kyma-project · kyma-bot · Jul 12, 2021 · Jul 5, 2021 · Jul 5, 2021 · Jul 5, 2021
@@ -42,7 +42,7 @@ The Central Application Gateway has the following parameters:
 - **proxyPort** is the port that acts as a proxy for the calls from services and Functions to an external solution in the default standalone (legacy) mode. The default port is `8080`.
 - **proxyPortCompass** is the port that acts as a proxy for the calls from services and Functions to an external solution in the Compass mode. The default port is `8082`.
 - **externalAPIPort** is the port that exposes the API which allows checking the component status. The default port is `8081`.
-- **namespace** is the Namespace in which the Central Application Gateway is deployed. The default Namespace is `kyma-system`.
+- **applicationSecretsNamespace** is the Namespace in which the Application secrets used by Central Application Gateway exist. The default Namespace is `kyma-integration`.
 - **requestTimeout** is the timeout for requests sent through the Central Application Gateway, expressed in seconds. The default value is `1`.
 - **skipVerify** is the flag for skipping the verification of certificates for the proxy targets. The default value is `false`.
 - **requestLogging** is the flag for logging incoming requests. The default value is `false`.
@@ -63,7 +63,7 @@ If  **disableLegacyConnectivity** is `false`, the proxy API exposes the followin
 
 For instance, if the user registered the `cc-occ-commerce-webservices` service in the `ec` application using Application Registry, they can send a request to the following URL: 
 ```bash
-http://central-application-gateway:8080/ec/cc-occ-commerce-webservices/basesites
+http://central-application-gateway.kyma-system:8080/ec/cc-occ-commerce-webservices/basesites
 ```
 
 As a result, the Central Application Gateway:
@@ -81,7 +81,7 @@ If **disableLegacyConnectivity** is `true`, the proxy API exposes the following
 
 For instance, if the user registered the `cc-occ` API bundle with the `commerce-webservices` API definition in the `ec` application, they can send a request to the following URL:
 ```bash
-http://central-application-gateway:8082/ec/cc-occ/commerce-webservices/basesites
+http://central-application-gateway.kyma-system:8082/ec/cc-occ/commerce-webservices/basesites
 ``` 
 
 As a result, the Central Application Gateway:

@@ -49,7 +49,7 @@ func main() {
 	serviceDefinitionService, err := newServiceDefinitionService(
 		k8sConfig,
 		coreClientset,
-		options.namespace,
+		options.applicationSecretsNamespace,
 	)
 	if err != nil {
 		log.Errorf("Unable to create ServiceDefinitionService: '%s'", err.Error())

@@ -6,24 +6,24 @@ import (
 )
 
 type options struct {
-	disableLegacyConnectivity bool
-	externalAPIPort           int
-	proxyPort                 int
-	proxyPortCompass          int
-	namespace                 string
-	requestTimeout            int
-	skipVerify                bool
-	proxyTimeout              int
-	requestLogging            bool
-	proxyCacheTTL             int
+	disableLegacyConnectivity   bool
+	externalAPIPort             int
+	proxyPort                   int
+	proxyPortCompass            int
+	applicationSecretsNamespace string
+	requestTimeout              int
+	skipVerify                  bool
+	proxyTimeout                int
+	requestLogging              bool
+	proxyCacheTTL               int
 }
 
 func parseArgs() *options {
 	disableLegacyConnectivity := flag.Bool("disableLegacyConnectivity", false, "Flag determining what HTTP handler will be used")
 	externalAPIPort := flag.Int("externalAPIPort", 8081, "External API port.")
 	proxyPort := flag.Int("proxyPort", 8080, "Proxy port for Kyma OS.")
 	proxyPortCompass := flag.Int("proxyPortCompass", 8088, "Proxy port for Kyma MPS.")
-	namespace := flag.String("namespace", "kyma-system", "Namespace used by the Application Gateway")
+	applicationSecretsNamespace := flag.String("applicationSecretsNamespace", "kyma-integration", "Namespace where Application secrets used by the Application Gateway exist")
 	requestTimeout := flag.Int("requestTimeout", 1, "Timeout for services.")
 	skipVerify := flag.Bool("skipVerify", false, "Flag for skipping certificate verification for proxy target.")
 	proxyTimeout := flag.Int("proxyTimeout", 10, "Timeout for proxy call.")
@@ -33,22 +33,22 @@ func parseArgs() *options {
 	flag.Parse()
 
 	return &options{
-		disableLegacyConnectivity: *disableLegacyConnectivity,
-		externalAPIPort:           *externalAPIPort,
-		proxyPort:                 *proxyPort,
-		proxyPortCompass:          *proxyPortCompass,
-		namespace:                 *namespace,
-		requestTimeout:            *requestTimeout,
-		skipVerify:                *skipVerify,
-		proxyTimeout:              *proxyTimeout,
-		requestLogging:            *requestLogging,
-		proxyCacheTTL:             *proxyCacheTTL,
+		disableLegacyConnectivity:   *disableLegacyConnectivity,
+		externalAPIPort:             *externalAPIPort,
+		proxyPort:                   *proxyPort,
+		proxyPortCompass:            *proxyPortCompass,
+		applicationSecretsNamespace: *applicationSecretsNamespace,
+		requestTimeout:              *requestTimeout,
+		skipVerify:                  *skipVerify,
+		proxyTimeout:                *proxyTimeout,
+		requestLogging:              *requestLogging,
+		proxyCacheTTL:               *proxyCacheTTL,
 	}
 }
 
 func (o *options) String() string {
-	return fmt.Sprintf("--disableLegacyConnectivity=%t --externalAPIPort=%d --proxyPort=%d --proxyPortCompass=%d --namespace=%s --requestTimeout=%d --skipVerify=%v --proxyTimeout=%d"+
+	return fmt.Sprintf("--disableLegacyConnectivity=%t --externalAPIPort=%d --proxyPort=%d --proxyPortCompass=%d --applicationSecretsNamespace=%s --requestTimeout=%d --skipVerify=%v --proxyTimeout=%d"+
 		" --requestLogging=%t --proxyCacheTTL=%d",
-		o.disableLegacyConnectivity, o.externalAPIPort, o.proxyPort, o.proxyPortCompass, o.namespace, o.requestTimeout, o.skipVerify, o.proxyTimeout,
+		o.disableLegacyConnectivity, o.externalAPIPort, o.proxyPort, o.proxyPortCompass, o.applicationSecretsNamespace, o.requestTimeout, o.skipVerify, o.proxyTimeout,
 		o.requestLogging, o.proxyCacheTTL)
 }
@@ -12,7 +12,7 @@ metadata:
 subjects:
 - kind: ServiceAccount
   name: {{ .Chart.Name }}
-  namespace: {{ .Values.global.namespace }}
+  namespace: {{ .Values.global.integrationNamespace }}
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole

@@ -2,7 +2,7 @@ apiVersion: v1
 kind: ConfigMap
 metadata:
   name: app-broker-config-map
-  namespace: {{ .Values.global.namespace }}
+  namespace: {{ .Values.global.integrationNamespace }}
   labels:
     app: {{ .Chart.Name }}
     release: {{ .Release.Name }}

@@ -2,7 +2,7 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: {{ .Chart.Name }}
-  namespace: {{ .Values.global.namespace }}
+  namespace: {{ .Values.global.integrationNamespace }}
   labels:
     app: {{ .Chart.Name }}
     release: {{ .Release.Name }}

@@ -2,7 +2,7 @@ apiVersion: v1
 kind: ServiceAccount
 metadata:
   name: {{ .Chart.Name }}
-  namespace: {{ .Values.global.namespace }}
+  namespace: {{ .Values.global.integrationNamespace }}
   labels:
     app: {{ .Chart.Name }}
     release: {{ .Release.Name }}

@@ -2,7 +2,7 @@ apiVersion: v1
 kind: Service
 metadata:
   name: {{ .Chart.Name }}
-  namespace: {{ .Values.global.namespace }}
+  namespace: {{ .Values.global.integrationNamespace }}
   labels:
     app: {{ .Chart.Name }}
     release: {{ .Release.Name }}

@@ -90,7 +90,7 @@ metadata:
     app.kubernetes.io/instance: {{ .Release.Name }}
 subjects:
   - kind: User
-    name: system:serviceaccount:{{ .Values.global.namespace }}:{{ .Chart.Name }}
+    name: system:serviceaccount:{{ .Values.global.integrationNamespace }}:{{ .Chart.Name }}
     apiGroup: rbac.authorization.k8s.io
 roleRef:
   apiGroup: rbac.authorization.k8s.io

@@ -2,7 +2,7 @@ apiVersion: apps/v1
 kind: StatefulSet
 metadata:
   name: {{ .Chart.Name }}
-  namespace: {{ .Values.global.namespace }}
+  namespace: {{ .Values.global.integrationNamespace }}
   labels:
     control-plane: {{ .Chart.Name }}
     controller-tools.k8s.io: "1.0"
@@ -42,7 +42,7 @@ spec:
         - "/manager"
         - "--appName={{ .Values.controller.args.appName }}"
         - "--domainName={{ .Values.global.ingress.domainName }}"
-        - "--namespace={{ .Values.global.namespace }}"
+        - "--namespace={{ .Values.global.integrationNamespace }}"
         - "--helmDriver={{ .Values.controller.args.helmDriver }}"
         - "--applicationGatewayImage={{ .Values.global.containerRegistry.path }}/application-gateway:{{ .Values.global.application_gateway.version }}"
         - "--applicationGatewayTestsImage={{ .Values.global.containerRegistry.path }}/application-gateway-legacy-tests:{{ .Values.global.application_gateway_legacy_tests.version }}"

@@ -2,7 +2,7 @@ apiVersion: networking.istio.io/v1alpha3
 kind: DestinationRule
 metadata:
   name: {{ .Chart.Name }}-health-rule
-  namespace: {{ .Values.global.namespace }}
+  namespace: {{ .Values.global.integrationNamespace }}
   labels:
     release: {{ .Release.Name }}
     helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}

@@ -2,7 +2,7 @@ apiVersion: v1
 kind: ServiceAccount
 metadata:
   name: {{ .Chart.Name }}
-  namespace: {{ .Values.global.namespace }}
+  namespace: {{ .Values.global.integrationNamespace }}
   labels:
     app: {{ .Chart.Name }}
     release: {{ .Release.Name }}

@@ -2,7 +2,7 @@ apiVersion: v1
 kind: Service
 metadata:
   name: {{ .Chart.Name }}-service
-  namespace: {{ .Values.global.namespace }}
+  namespace: {{ .Values.global.integrationNamespace }}
   labels:
     control-plane: {{ .Chart.Name }}
     controller-tools.k8s.io: "1.0"
@@ -22,7 +22,7 @@ apiVersion: v1
 kind: Service
 metadata:
   name: {{ .Chart.Name }}-health
-  namespace: {{ .Values.global.namespace }}
+  namespace: {{ .Values.global.integrationNamespace }}
   labels:
     release: {{ .Release.Name }}
     helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}

@@ -3,7 +3,7 @@ apiVersion: v1
 kind: ServiceAccount
 metadata:
   name: {{ .Chart.Name }}-tests
-  namespace: {{ .Values.global.namespace }}
+  namespace: {{ .Values.global.integrationNamespace }}
   labels:
     app: {{ .Chart.Name }}-tests
     release: {{ .Release.Name }}
@@ -16,7 +16,7 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
   name: {{ .Chart.Name }}-tests
-  namespace: {{ .Values.global.namespace }}
+  namespace: {{ .Values.global.integrationNamespace }}
   labels:
     app: {{ .Chart.Name }}-tests
     release: {{ .Release.Name }}
@@ -46,7 +46,7 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
   name: {{ .Chart.Name }}-tests
-  namespace: {{ .Values.global.namespace }}
+  namespace: {{ .Values.global.integrationNamespace }}
   labels:
     app: {{ .Chart.Name }}-tests
     release: {{ .Release.Name }}
@@ -61,7 +61,7 @@ roleRef:
 subjects:
   - apiGroup: rbac.authorization.k8s.io
     kind: User
-    name: system:serviceaccount:{{ .Values.global.namespace }}:{{ .Chart.Name }}-tests
+    name: system:serviceaccount:{{ .Values.global.integrationNamespace }}:{{ .Chart.Name }}-tests
 ---
 kind: ClusterRole
 apiVersion: rbac.authorization.k8s.io/v1
@@ -117,7 +117,7 @@ metadata:
     app.kubernetes.io/instance: {{ .Release.Name }}
 subjects:
   - kind: User
-    name: system:serviceaccount:{{ .Values.global.namespace }}:{{ .Chart.Name }}-tests
+    name: system:serviceaccount:{{ .Values.global.integrationNamespace }}:{{ .Chart.Name }}-tests
     apiGroup: rbac.authorization.k8s.io
 roleRef:
   apiGroup: rbac.authorization.k8s.io

@@ -35,7 +35,7 @@ spec:
           imagePullPolicy: {{ .Values.tests.pullPolicy }}
           env:
           - name: NAMESPACE
-            value: {{ .Values.global.namespace }}
+            value: {{ .Values.global.integrationNamespace }}
           - name: HELM_DRIVER
             value: {{ .Values.controller.args.helmDriver }}
           - name: GATEWAY_DEPLOYED_PER_NAMESPACE

@@ -2,7 +2,7 @@ apiVersion: networking.istio.io/v1alpha3
 kind: VirtualService
 metadata:
   name: {{ .Chart.Name }}
-  namespace: {{ .Values.global.namespace }}
+  namespace: {{ .Values.global.integrationNamespace }}
   labels:
     app: {{ template "name" . }}
     release: {{ .Release.Name }}

@@ -3,7 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
   name: {{ .Chart.Name }}-role
-  namespace: {{ .Values.global.namespace }}
+  namespace: {{ .Values.global.integrationNamespace }}
   labels:
     app: {{ .Chart.Name }}
     release: {{ .Release.Name }}
@@ -36,7 +36,7 @@ metadata:
     app.kubernetes.io/instance: {{ .Release.Name }}
 subjects:
 - kind: User
-  name: system:serviceaccount:{{ .Values.global.namespace }}:default
+  name: system:serviceaccount:{{ .Values.global.integrationNamespace }}:default
   apiGroup: rbac.authorization.k8s.io
 roleRef:
   kind: ClusterRole

@@ -3,7 +3,7 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: {{ .Chart.Name }}
-  namespace: {{ .Values.global.namespace }}
+  namespace: {{ .Values.global.integrationNamespace }}
   labels:
     app: {{ .Chart.Name }}
     release: {{ .Release.Name }}
@@ -51,7 +51,7 @@ spec:
           - "--proxyPort={{ .Values.deployment.args.proxyPort }}"
           - "--externalAPIPort={{ .Values.deployment.args.externalAPIPort }}"
           - "--uploadServiceURL={{ .Values.deployment.args.uploadServiceURL }}"
-          - "--namespace={{ .Values.global.namespace }}"
+          - "--namespace={{ .Values.global.integrationNamespace }}"
           - "--requestTimeout={{ .Values.deployment.args.requestTimeout }}"
           - "--requestLogging={{ .Values.deployment.args.requestLogging }}"
           - "--specRequestTimeout={{ .Values.deployment.args.specRequestTimeout }}"

@@ -3,7 +3,7 @@ apiVersion: security.istio.io/v1beta1
 kind: PeerAuthentication
 metadata:
   name: {{ .Chart.Name }}-policy
-  namespace: {{ .Values.global.namespace }}
+  namespace: {{ .Values.global.integrationNamespace }}
   labels:
     release: {{ .Release.Name }}
     helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}

@@ -3,7 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
   name: {{ .Chart.Name }}-role
-  namespace: {{ .Values.global.namespace }}
+  namespace: {{ .Values.global.integrationNamespace }}
   labels:
     app: {{ .Chart.Name }}
     release: {{ .Release.Name }}
@@ -23,7 +23,7 @@ kind: RoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: {{ .Chart.Name }}-rolebinding
-  namespace: {{ .Values.global.namespace }}
+  namespace: {{ .Values.global.integrationNamespace }}
   labels:
     app: {{ .Chart.Name }}
     release: {{ .Release.Name }}
@@ -33,7 +33,7 @@ metadata:
     app.kubernetes.io/instance: {{ .Release.Name }}
 subjects:
 - kind: User
-  name: system:serviceaccount:{{ .Values.global.namespace }}:default
+  name: system:serviceaccount:{{ .Values.global.integrationNamespace }}:default
   apiGroup: rbac.authorization.k8s.io
 roleRef:
   kind: Role

@@ -3,7 +3,7 @@ apiVersion: monitoring.coreos.com/v1
 kind: ServiceMonitor
 metadata:
   name: {{ .Chart.Name }}
-  namespace: {{ .Values.global.namespace }}
+  namespace: {{ .Values.global.integrationNamespace }}
   labels:
     prometheus: monitoring
     app: {{ .Chart.Name }}
@@ -26,5 +26,5 @@ spec:
       action: keep
   namespaceSelector:
     matchNames:
-      - {{ .Values.global.namespace }}
+      - {{ .Values.global.integrationNamespace }}
   {{- end }}
@@ -3,7 +3,7 @@ apiVersion: v1
 kind: Service
 metadata:
   name: {{ .Chart.Name }}-external-api
-  namespace: {{ .Values.global.namespace }}
+  namespace: {{ .Values.global.integrationNamespace }}
   labels:
     app: {{ .Chart.Name }}
     release: {{ .Release.Name }}
@@ -25,7 +25,7 @@ apiVersion: v1
 kind: Service
 metadata:
   name: {{ .Chart.Name}}-metrics
-  namespace: {{ .Values.global.namespace }}
+  namespace: {{ .Values.global.integrationNamespace }}
   labels:
     k8s-app: {{ .Chart.Name }}-metrics
     release: {{ .Release.Name }}