bcgov
Unable to config Admin name and key for innkeeper via deploying using helmcharts
Hi, Recently i using traction with docker .But when i tried to deploy traction in kubernetes via helm charts , i am unable to find admin name,key for innkeeper or config them under plugin-config.yaml of acapy inside values.yaml .but its of no use,Can some one help me about which step i am doing wrong and also how to config innkeeper to use custom admin name and key
Below is the acapy section of values.yaml i am using ,
@section Acapy Configuration
acapy:
image: repository: ghcr.io/bcgov/traction-plugins-acapy pullPolicy: IfNotPresent pullSecrets: [] tag: "" serviceAccount: create: false annotations: {} automountServiceAccountToken: true name: "" replicaCount: 1
AcaPy Autoscaling configuration
autoscaling: enabled: false minReplicas: 1 maxReplicas: 3 targetCPUUtilizationPercentage: 80 targetMemoryUtilizationPercentage: 80 stabilizationWindowSeconds: 300
labelOverride: ""
@section Acapy configuration file
@param acapy.argfile.yml.auto-accept-invites Automatically accept invites without firing a webhook event or waiting for an admin request. Default: false.
argfile.yml: auto-accept-invites: true auto-accept-requests: true auto-create-revocation-transactions: true auto-ping-connection: true auto-promote-author-did: true auto-provision: true auto-request-endorsement: true auto-respond-credential-offer: false auto-respond-credential-proposal: false auto-respond-credential-request: true auto-respond-messages: true auto-respond-presentation-proposal: true auto-respond-presentation-request: false auto-store-credential: true auto-verify-presentation: true auto-write-transactions: true emit-new-didcomm-mime-type: true emit-new-didcomm-prefix: true endorser-alias: endorser endorser-protocol-role: author genesis-transactions-list: /home/aries/ledgers.yml label: '{{ include "acapy.label" .}}' log-level: info monitor-ping: true monitor-revocation-notification: true multitenant-admin: true multitenant: true notify-revocation: true preserve-exchange-records: true public-invites: true read-only-ledger: false tails-server-base-url: https://tails-test.vonx.io tails-server-upload-url: https://tails-test.vonx.io wallet-name: askar-wallet wallet-storage-type: postgres_storage wallet-type: askar
Acapy multiledger configuration file
param acapy.ledgers.yml [object] YAML configuration for connecting to multiple HyperLedger
ledgers.yml: - id: bcovrin-test is_production: true is_write: true genesis_url: "http://test.bcovrin.vonx.io/genesis" endorser_did: "Q5uukoJmdf7cNSh2u6NPEu" endorser_alias: "endorser-traction"
walletStorageConfig: json: "" url: "" max_connections: 10 wallet_scheme: DatabasePerWallet
walletStorageCredentials: json: '' account: acapy admin_account: postgres existingSecret: "" secretKeys: adminPasswordKey: admin-password userPasswordKey: database-password
@section Acapy Plugins
Specify the plugins to enable.
plugins: basicmessageStorage: true connectionUpdate: true multitenantProvider: true tractionInnkeeper: true rpc: true
@section Acapy Plugin Configuration
Specify configuration values for each plugin.
Configuration values are plugin specific, and are rendered as is into the plugin-config.yml file.
plugin-config.yml: multitenant_provider: manager: class_name: multitenant_provider.v1_0.manager.AskarMultitokenMultitenantManager always_check_provided_wallet_key: true errors: on_unneeded_wallet_key: false token_expiry: units: days amount: 1 traction_innkeeper: innkeeper_wallet: wallet_name: traction_innkeeper tenant_id: traction_innkeeper wallet_key: change-me print_key: false print_token: false connect_to_endorser: - endorser_alias: endorser-traction ledger_id: bcovrin-test create_public_did: - bcovrin-test reservation: expiry_minutes: 2880 auto_approve: false auto_issuer: false basicmessage_storage: wallet_enabled: true
@section Acapy tails persistence configuration
persistence: ## @param acapy.persistence.existingClaim Name of an existing PVC to use ## existingClaim: "" ## @param acapy.persistence.mountPath ## mountPath: /mnt/traction-tails # /home/aries/.indy_client/tails ## param acapy.persistence.storageClass PVC Storage Class ## If defined, storageClassName: <storageClass> ## If set to "-", storageClassName: "", which disables dynamic provisioning ## If undefined (the default) or set to null, no storageClassName spec is ## set, choosing the default provisioner. (gp2 on AWS, standard on ## GKE, AWS & OpenStack) ## storageClass: traction ## @param acapy.persistence.accessModes PVC Access Mode. ReadWriteMany is required for each Acapy pod to access the same volume. ## accessModes: - ReadWriteMany ## @param acapy.persistence.size PVC Storage Request for tails volume ## size: 1Gi
Acapy common configurations
param acapy.resources.requests.cpu The requested cpu for the Acapy containers
resources: limits: cpu: 300m memory: 300Mi requests: cpu: 120m memory: 200Mi
param acapy.podAnnotations Map of annotations to add to the acapy pods
podAnnotations: {}
param acapy.podSecurityContext Pod Security Context
ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
podSecurityContext: {} # fsGroup: 2000
param acapy.containerSecurityContext Container Security Context
ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
containerSecurityContext: {} # capabilities: # drop: # - ALL # readOnlyRootFilesystem: true # runAsNonRoot: true # runAsUser: 1001
Acapy service configuration
service: ## param acapy.service.type Kubernetes Service type ## type: ClusterIP ## param acapy.service.adminPort Port to expose for admin service ## adminPort: 8031 ## param acapy.service.httpPort Port to expose for http service ## httpPort: 8030
param acapy.affinity Affinity for acapy pods assignment
ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
affinity: {}
param acapy.nodeSelector Node labels for acapy pods assignment
ref: https://kubernetes.io/docs/user-guide/node-selection/
nodeSelector: {}
param acapy.tolerations Tolerations for acapy pods assignment
ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
tolerations: []
section Acapy NetworkPolicy parameters
networkPolicy: ## param acapy.networkPolicy.enabled Enable network policies ## enabled: false ## param acapy.networkPolicy.ingress.enabled Enable ingress rules ## param acapy.networkPolicy.ingress.namespaceSelector [object] Namespace selector label that is allowed to access the Tenant proxy pods. ## param acapy.networkPolicy.ingress.podSelector [object] Pod selector label that is allowed to access the Tenant proxy pods. ingress: enabled: false namespaceSelector: {} # network.openshift.io/policy-group: ingress podSelector: {}
openshift: route:
enabled: false
path: "/"
targetPort: http
timeout: 2m
tls:
enabled: true
insecureEdgeTerminationPolicy: None
termination: edge
wildcardPolicy: None
adminRoute:
enabled: false
path: "/"
targetPort: admin
timeout: 2m
tls:
enabled: true
insecureEdgeTerminationPolicy: None
termination: edge
wildcardPolicy: None
secret: adminApiKey: generated: true
value: ""
walletKey:
## @param acapy.secret.walletKey.existingSecret Name of an existing secret to use. Must contain `walletKey` key.
existingSecret: ""
pluginInnkeeper:
## @param acapy.secret.pluginInnkeeper.existingSecret Name of an existing secret to use. Must contain `tenantid`, and `walletkey` keys.
existingSecret: ""
## @param acapy.secret.pluginInnkeeper.generated Generate plugin innkeeper secret values
##
generated: true
## @param acapy.secret.pluginInnkeeper.walletkey Override plugin innkeeper wallet key
##
walletkey: ""
## @param acapy.secret.pluginInnkeeper.tenantid Override plugin innkeeper tenant id
##
tenantid: ""
