Skip to content

chore: add config to kratos #2253

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 8 commits into from
Dec 25, 2022
Merged

chore: add config to kratos #2253

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
ada60d2
chore: add config to kratos values
krtk6160 Dec 23, 2022
ec41d87
chore: set webhook url to api server
krtk6160 Dec 23, 2022
18983b2
chore: set webhook body in base64
krtk6160 Dec 23, 2022
99e1b6d
chore: add config to kratos
krtk6160 Dec 24, 2022
61d499f
chore: improve kratos api key env var name
krtk6160 Dec 24, 2022
bc6a5f8
"chore: improve kratos master password key name"
krtk6160 Dec 24, 2022
bb17e7d
chore: rename kratos api key
krtk6160 Dec 24, 2022
d51b6d1
chore: rename kratos secret key names
krtk6160 Dec 24, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
19 changes: 12 additions & 7 deletions charts/galoy/templates/admin-deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,11 +18,11 @@ metadata:
spec:

replicas: {{ .Values.galoy.admin.replicas }}

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

could we run a yaml formatter to avoid those diff?

Copy link
Contributor Author

@krtk6160 krtk6160 Dec 24, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We can have a github action like we have for terraform formatting. That would fail if there were empty spaces being committed, like there were in https://github.com/GaloyMoney/charts/pull/1389/files#diff-15296f3709426e71ba19af7a4607d4fe65424c8b23439de9f146a59b97f278fb

selector:
matchLabels:
app: {{ template "galoy.admin.fullname" . }}

template:

metadata:
Expand All @@ -47,7 +47,7 @@ spec:
containers:
- name: admin
image: "{{ .Values.galoy.images.app.repository }}@{{ .Values.galoy.images.app.digest }}"
args:
args:
- "-r"
- "/app/lib/services/tracing.js"
- "lib/servers/graphql-admin-server.js"
Expand Down Expand Up @@ -75,7 +75,7 @@ spec:
value: {{ .Values.galoy.network }}
- name: GALOY_ADMIN_PORT
value: {{ .Values.galoy.admin.port | quote }}

- name: JAEGER_HOST
value: {{ .Values.tracing.jaegerHost | quote }}
- name: TRACING_SERVICE_NAME
Expand All @@ -95,11 +95,16 @@ spec:
{{ include "galoy.geetest.env" . | indent 8 }}
{{ include "galoy.jwt.env" . | indent 8 }}

- name: KRATOS_MASTER_PHONE_PASSWORD
- name: KRATOS_MASTER_USER_PASSWORD
valueFrom:
secretKeyRef:
name: {{ .Values.galoy.kratos.existingSecret.name }}
key: {{ .Values.galoy.kratos.existingSecret.master_user_password }}
- name: KRATOS_CALLBACK_API_KEY
valueFrom:
secretKeyRef:
name: {{ .Values.galoy.kratos.masterPhonePasswordExistingSecret.name }}
key: {{ .Values.galoy.kratos.masterPhonePasswordExistingSecret.key }}
name: {{ .Values.galoy.kratos.existingSecret.name }}
key: {{ .Values.galoy.kratos.existingSecret.callback_api_key }}

- name: PRICE_HISTORY_HOST
value: {{ .Values.price.host | quote }}
Expand Down
19 changes: 12 additions & 7 deletions charts/galoy/templates/api-deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,11 +18,11 @@ metadata:
spec:

replicas: {{ .Values.galoy.api.replicas }}

selector:
matchLabels:
app: {{ template "galoy.api.fullname" . }}

template:

metadata:
Expand All @@ -47,7 +47,7 @@ spec:
containers:
- name: api
image: "{{ .Values.galoy.images.app.repository }}@{{ .Values.galoy.images.app.digest }}"
args:
args:
- "-r"
- "/app/lib/services/tracing.js"
- "lib/servers/graphql-main-server.js"
Expand Down Expand Up @@ -75,7 +75,7 @@ spec:
value: {{ .Values.galoy.network }}
- name: GALOY_API_PORT
value: {{ .Values.galoy.api.port | quote }}

- name: JAEGER_HOST
value: {{ .Values.tracing.jaegerHost | quote }}
- name: TRACING_SERVICE_NAME
Expand All @@ -95,11 +95,16 @@ spec:
{{ include "galoy.geetest.env" . | indent 8 }}
{{ include "galoy.jwt.env" . | indent 8 }}

- name: KRATOS_MASTER_PHONE_PASSWORD
- name: KRATOS_MASTER_USER_PASSWORD
valueFrom:
secretKeyRef:
name: {{ .Values.galoy.kratos.existingSecret.name }}
key: {{ .Values.galoy.kratos.existingSecret.master_user_password }}
- name: KRATOS_CALLBACK_API_KEY
valueFrom:
secretKeyRef:
name: {{ .Values.galoy.kratos.masterPhonePasswordExistingSecret.name }}
key: {{ .Values.galoy.kratos.masterPhonePasswordExistingSecret.key }}
name: {{ .Values.galoy.kratos.existingSecret.name }}
key: {{ .Values.galoy.kratos.existingSecret.callback_api_key }}

- name: PRICE_HISTORY_HOST
value: {{ .Values.price.host | quote }}
Expand Down
6 changes: 3 additions & 3 deletions charts/galoy/templates/galoy-secrets.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -206,13 +206,13 @@ data:
apiVersion: v1
kind: Secret
metadata:
name: {{ .Values.galoy.kratos.masterPhonePasswordExistingSecret.name }}
name: {{ .Values.galoy.kratos.existingSecret.name }}
labels:
app: {{ template "galoy.name" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
type: Opaque
data:
{{ .Values.galoy.kratos.masterPhonePasswordExistingSecret.key }}: {{ .Values.secrets.kratosMasterPassword | toString | b64enc }}

{{ .Values.galoy.kratos.existingSecret.master_user_password }}: {{ .Values.secrets.kratosMasterUserPassword | toString | b64enc }}
{{ .Values.galoy.kratos.existingSecret.callback_api_key }}: {{ .Values.secrets.kratosCallbackApiKey | toString | b64enc }}
{{- end -}}
15 changes: 9 additions & 6 deletions charts/galoy/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -289,9 +289,10 @@ galoy:
timeoutSeconds: 1
## Kratos
kratos:
masterPhonePasswordExistingSecret:
name: kratos-master-password
key: password
existingSecret:
name: kratos-secret
master_user_password: master_user_password
callback_api_key: callback_api_key
## Configuration values for establishing connection to LND-1
## TODO: This should be injected as ConfigMap from LND Chart
##
Expand Down Expand Up @@ -544,8 +545,9 @@ secrets:
lnd2LoopMacaroon:
lnd2LoopTls:
lnd2PubKey:
## Secret for Galot app
kratosMasterPassword:
## Secret for Galoy app
kratosMasterUserPassword:
kratosCallbackApiKey:
## Tracing details
##
tracing:
Expand Down Expand Up @@ -687,7 +689,8 @@ kratos:
url: file:///etc/config/identity.schema.json
default_schema_id: email
selfservice:
default_browser_return_url: http://localhost:3000/
default_browser_return_url: http://127.0.0.1:4002/

courier:
smtp:
connection_uri: smtps://test:test@mailslurper:1025/?skip_ssl_verify=true
Expand Down
14 changes: 10 additions & 4 deletions ci/testflight/galoy/main.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -286,18 +286,24 @@ resource "kubernetes_secret" "oathkeeper" {
}
}

resource "random_password" "kratos_master_password" {
resource "random_password" "kratos_master_user_password" {
length = 32
special = false
}
resource "kubernetes_secret" "kratos_master_password" {

resource "random_password" "kratos_callback_api_key" {
length = 32
}

resource "kubernetes_secret" "kratos_master_user_password" {
metadata {
name = "kratos-master-password"
name = "kratos-secret"
namespace = kubernetes_namespace.testflight.metadata[0].name
}

data = {
"password" = random_password.kratos_master_password.result
"master_user_password" = random_password.kratos_master_user_password.result
"callback_api_key" = random_password.kratos_callback_api_key.result
}
}

Expand Down
14 changes: 10 additions & 4 deletions dev/galoy/main.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -281,18 +281,24 @@ resource "kubernetes_secret" "price_history_postgres_creds" {
}
}

resource "random_password" "kratos_master_password" {
resource "random_password" "kratos_master_user_password" {
length = 32
special = false
}
resource "kubernetes_secret" "kratos_master_password" {

resource "random_password" "kratos_callback_api_key" {
length = 32
}

resource "kubernetes_secret" "kratos_master_user_password" {
metadata {
name = "kratos-master-password"
name = "kratos-secret"
namespace = kubernetes_namespace.galoy.metadata[0].name
}

data = {
"password" = random_password.kratos_master_password.result
"master_user_password" = random_password.kratos_master_user_password.result
"callback_api_key" = random_password.kratos_callback_api_key.result
}
}

Expand Down