Merge branch 'refacto/helm-values' into 'main'

Resolve "Feedback on Helm 2.6.0" Closes #151 See merge request !89

Merge branch 'refacto/helm-values' into 'main'
Resolve "Feedback on Helm 2.6.0" Closes #151 See merge request !89
6ec110ff · Oussama Moulana · d2ba6eb9 · b2407f59 · 6ec110ff · 6ec110ff
Commit 6ec110ff authored 9 months ago by Oussama Moulana
--- a/.gitignore
+++ b/.gitignore
@@ -17,9 +17,6 @@ cmd
 # Go workspace file
 go.work

-### JSON ###
-json/
-
 ### TLS ###
 localcerts/

@@ -29,4 +26,3 @@ localcerts/
 ### Helm ###
 # Chart dependencies
 **/charts/*.tgz
-values.yaml
--- a/compose.yaml
+++ b/compose.yaml
@@ -204,12 +204,11 @@ services:
        condition: service_healthy  
    
  shacl-validator-local:
-    image: isaitb/shacl-validator:latest
+    build: ./foundation/shacl
+    image: code.europa.eu:4567/healthdataeu-nodes/hdeupoc/shacl-validator:v2.7.0
    profiles: ["local"]
    container_name: shacl-validator
    ports: ["7400:8080"]
-    volumes:
-      -  ./foundation/shacl/validator:/validator/resources
    environment:
       - validator.resourceRoot=/validator/resources


--- a/k8s/Chart.yaml
+++ b/k8s/Chart.yaml
@@ -2,5 +2,5 @@ apiVersion: v2
 name: national-connector
 description: A Helm chart for Kubernetes
 type: application
-version: 0.2.1
+version: 0.3.1
 appVersion: "v2.7.0"
--- a/k8s/conf-example.yaml
+++ b/k8s/conf-example.yaml
-as4_message_dispatcher:
-  time_interval: 1s
-  shutdown_timeout: 20s
-
-api_gateway:
-  read_timeout: 5s
-  write_timeout: 10s
-  idle_timeout: 2m
-  shutdown_timeout: 20s
-  api_host: nac-api-gateway:7100
-  disable_tls: true
-  tls_cert_file: tmp.ssn.crt
-  tls_key_file: tmp.ssn.key
-
-data_discovery:
-  read_timeout: 5s
-  write_timeout: 10s
-  idle_timeout: 2m
-  shutdown_timeout: 20s
-  api_host: nac-data-discovery:7200
-
-data_permit:
-  read_timeout: 5s
-  write_timeout: 10s
-  idle_timeout: 2m
-  shutdown_timeout: 20s
-  api_host: nac-data-permit:7300
-
-db:
-  host: nac-postgres:5432
-  max_idle_conns: 2
-  max_open_conns: 0
-  disable_tls: true
-
-domibus:
-  username: nac1_user
-  host: 0.0.0.0:8080
-  disable_tls: true
-  sender: national1_ap
-  recipient: europe_ap
-
-shacl:
-  host: nac-shacl-validator:7400
-  disable_validation: true
-  validation_timeout: 25s
--- a/k8s/templates/_helpers.tpl
+++ b/k8s/templates/_helpers.tpl
+{{- define "db-host" -}}
+{{- if .Values.db.enabled -}} 
+{{ .Release.Name }}-postgres.{{ .Release.Namespace }}.svc.cluster.local:5432
+{{- else -}}
+{{ required "externalHost must be set when using own DB" .Values.db.connectorConfig.externalHost }}
+{{- end }}
+{{- end }}
--- a/k8s/templates/api-gateway.yaml
+++ b/k8s/templates/api-gateway.yaml
+{{- if .Values.apiGateway.enabled }}
 apiVersion: apps/v1
 kind: Deployment
 metadata:
@@ -14,10 +15,6 @@ spec:
      labels:
        app: api-gateway
    spec:
-      securityContext:
-        runAsNonRoot: true
-        runAsUser: 10000
-        runAsGroup: 10000
      volumes:
      - name: config-vol
        configMap:
@@ -25,12 +22,15 @@ spec:
          items:
          - key: conf.yaml
            path: conf.yaml
+      {{- if not .Values.apiGateway.connectorConfig.disableTLS }}
      - name: tls-vol
        secret:
          secretName: {{ .Release.Name }}-tls-secret
+      {{- end }}
      containers:
      - name: {{ .Release.Name }}-api-gateway
-        image: code.europa.eu:4567/healthdataeu-nodes/hdeupoc/api-gateway:{{ .Chart.AppVersion }}
+        image: {{ .Values.global.image.registry }}/{{ .Values.global.image.repository }}/{{ .Values.apiGateway.image.name }}:{{ .Values.apiGateway.image.tag }}
+        resources: {{ toYaml .Values.apiGateway.resources | nindent 12 }}
        envFrom:
        - secretRef:
            name: {{ .Release.Name }}-envfrom-secret
@@ -39,12 +39,12 @@ spec:
          mountPath: /usr/src/app/config/conf.yaml
          subPath: conf.yaml
          readOnly: true
+        {{- if not .Values.apiGateway.connectorConfig.disableTLS }}
        - name: tls-vol
          mountPath: /etc/ssl/localscerts
          readOnly: true
-        resources:
-          limits:
-            memory: {{ .Values.apiGateway.memoryLimit }}
+        {{- end }}
+        securityContext: {{ toYaml .Values.apiGateway.securityContext | nindent 12 }}
        ports:
        - containerPort: 7100
 ---
@@ -61,10 +61,10 @@ spec:
  type: LoadBalancer
  {{- with .Values.apiGateway.loadBalancerIP }}
  loadBalancerIP: {{ . }}    
-  {{- end -}}
+  {{- end }}
  {{- with .Values.apiGateway.loadBalancerSourceRanges }}
  loadBalancerSourceRanges: {{ . }}
-  {{- end -}}
+  {{- end }}
  {{- else }}
  type: ClusterIP
  {{- with .Values.apiGateway.clusterIP }}
@@ -77,4 +77,5 @@ spec:
      targetPort: 7100
      {{- with .Values.apiGateway.nodePort }}
      nodePort: {{ . }}
-      {{- end -}}
+      {{- end }}
+{{- end }}
--- a/k8s/templates/as4-message-dispatcher.yaml
+++ b/k8s/templates/as4-message-dispatcher.yaml
+{{- if .Values.as4MessageDispatcher.enabled }}
 apiVersion: apps/v1
 kind: Deployment
 metadata:
@@ -14,10 +15,6 @@ spec:
      labels:
        app: as4-message-dispatcher
    spec:
-      securityContext:
-        runAsNonRoot: true
-        runAsUser: 10000
-        runAsGroup: 10000
      volumes:
      - name: config-vol
        configMap:
@@ -30,7 +27,8 @@ spec:
          secretName: {{ .Release.Name }}-pass-secret
      containers:
      - name: {{ .Release.Name }}-as4-message-dispatcher
-        image: code.europa.eu:4567/healthdataeu-nodes/hdeupoc/as4-message-dispatcher:{{ .Chart.AppVersion }}
+        image: {{ .Values.global.image.registry }}/{{ .Values.global.image.repository }}/{{ .Values.as4MessageDispatcher.image.name }}:{{ .Values.as4MessageDispatcher.image.tag }}
+        resources: {{ toYaml .Values.as4MessageDispatcher.resources | nindent 12 }}
        volumeMounts:
        - name: config-vol
          mountPath: /usr/src/app/config/conf.yaml
@@ -40,6 +38,5 @@ spec:
          mountPath: /.domibuspass
          subPath: .domibuspass
          readOnly: true
-        resources:
-          limits:
-            memory: {{ .Values.as4MessageDispatcher.memoryLimit }}
+        securityContext: {{ toYaml .Values.as4MessageDispatcher.securityContext | nindent 12 }}
+{{- end }}
--- a/k8s/templates/configmap.yaml
+++ b/k8s/templates/configmap.yaml
@@ -4,12 +4,48 @@ metadata:
  name: {{ .Release.Name }}-configmap
 data:
  conf.yaml: |-
-{{- $conf := .Files.Get "conf.yaml" }}
-{{- $dictConf := fromYaml $conf }}
-{{- $gatewayHost := dict "api_gateway" (dict "api_host" (printf "%s-%s.%s:%d" .Release.Name "api-gateway" .Release.Namespace 7100)) }}
-{{- $discoveryHost := dict "data_discovery" (dict "api_host" (printf "%s-%s.%s.%s:%d" .Release.Name "data-discovery" .Release.Namespace "svc.cluster.local" 7200)) }}
-{{- $permitHost := dict "data_permit" (dict "api_host" (printf "%s-%s.%s.%s:%d" .Release.Name "data-permit" .Release.Namespace "svc.cluster.local" 7300)) }}
-{{- $dbHost := dict "db" (dict "host" (printf "%s-%s.%s.%s:%d" .Release.Name "postgres" .Release.Namespace "svc.cluster.local" 5432)) }}
-{{- $shaclHost := dict "shacl" (dict "host" (printf "%s-%s.%s.%s:%d" .Release.Name "shacl-validator" .Release.Namespace "svc.cluster.local" 7400)) }}
-{{- $newConf := merge $gatewayHost $discoveryHost $permitHost $dbHost $shaclHost $dictConf }}
-{{ toYaml $newConf | indent 4 }}
+    as4_message_dispatcher:
+      time_interval: {{ .Values.as4MessageDispatcher.connectorConfig.timeInterval }}
+      shutdown_timeout: {{ .Values.as4MessageDispatcher.connectorConfig.shutdownTimeout }}
+
+    api_gateway:
+      read_timeout: {{ .Values.apiGateway.connectorConfig.readTimeout }}
+      write_timeout: {{ .Values.apiGateway.connectorConfig.writeTimeout }}
+      idle_timeout: {{ .Values.apiGateway.connectorConfig.idleTimeout }}
+      shutdown_timeout: {{ .Values.apiGateway.connectorConfig.shutdownTimeout }}
+      api_host: {{ .Release.Name }}-api-gateway.{{ .Release.Namespace }}.svc.cluster.local:7100
+      disable_tls: {{ .Values.apiGateway.connectorConfig.disableTLS }}
+      tls_cert_file: {{ .Values.apiGateway.connectorConfig.tlsCertFile }}
+      tls_key_file: {{ .Values.apiGateway.connectorConfig.tlsKeyFile }}
+
+    data_discovery:
+      read_timeout: {{ .Values.dataDiscovery.connectorConfig.readTimeout }}
+      write_timeout: {{ .Values.dataDiscovery.connectorConfig.writeTimeout }}
+      idle_timeout: {{ .Values.dataDiscovery.connectorConfig.idleTimeout }}
+      shutdown_timeout: {{ .Values.dataDiscovery.connectorConfig.shutdownTimeout }}
+      api_host: {{ .Release.Name }}-data-discovery.{{ .Release.Namespace }}.svc.cluster.local:7200
+
+    data_permit:
+      read_timeout: {{ .Values.dataPermit.connectorConfig.readTimeout }}
+      write_timeout: {{ .Values.dataPermit.connectorConfig.writeTimeout }}
+      idle_timeout: {{ .Values.dataPermit.connectorConfig.idleTimeout }}
+      shutdown_timeout: {{ .Values.dataPermit.connectorConfig.shutdownTimeout }}
+      api_host: {{ .Release.Name }}-data-permit.{{ .Release.Namespace }}.svc.cluster.local:7300
+
+    db:
+      host: {{ include "db-host" . }}
+      max_idle_conns: {{ .Values.db.connectorConfig.maxIdleConns }}
+      max_open_conns: {{ .Values.db.connectorConfig.maxOpenConns }}
+      disable_tls: {{ .Values.db.connectorConfig.disableTLS }}
+
+    domibus:
+      username: {{ .Values.domibus.username }}
+      host: {{ .Values.domibus.host }}
+      disable_tls: {{ .Values.domibus.disable_tls }}
+      sender: {{ .Values.domibus.sender }}
+      recipient: {{ .Values.domibus.recipient }}
+
+    shacl:
+      host: {{ .Release.Name }}-shacl-validator.{{ .Release.Namespace }}.svc.cluster.local:7400
+      disable_validation: {{ .Values.shaclValidator.connectorConfig.disableValidation }}
+      validation_timeout: {{ .Values.shaclValidator.connectorConfig.validationTimeout }}
--- a/k8s/templates/data-discovery.yaml
+++ b/k8s/templates/data-discovery.yaml
+{{- if .Values.dataDiscovery.enabled }}
 apiVersion: apps/v1
 kind: Deployment
 metadata:
@@ -14,10 +15,6 @@ spec:
      labels:
        app: data-discovery
    spec:
-      securityContext:
-        runAsNonRoot: true
-        runAsUser: 10000
-        runAsGroup: 10000
      volumes:
      - name: config-vol
        configMap:
@@ -30,7 +27,8 @@ spec:
          secretName: {{ .Release.Name }}-pass-secret
      containers:
      - name: {{ .Release.Name }}-discovery
-        image: code.europa.eu:4567/healthdataeu-nodes/hdeupoc/nac-data-discovery:{{ .Chart.AppVersion }}
+        image: {{ .Values.global.image.registry }}/{{ .Values.global.image.repository }}/{{ .Values.dataDiscovery.image.name }}:{{ .Values.dataDiscovery.image.tag }}
+        resources: {{ toYaml .Values.dataDiscovery.resources | nindent 12 }}
        envFrom:
        - secretRef:
            name: {{ .Release.Name }}-envfrom-secret
@@ -43,9 +41,7 @@ spec:
          mountPath: /.domibuspass
          subPath: .domibuspass
          readOnly: true
-        resources:
-          limits:
-            memory: {{ .Values.dataDiscovery.memoryLimit }}
+        securityContext: {{ toYaml .Values.dataDiscovery.securityContext | nindent 12 }}
        ports:
        - containerPort: 7200
 ---
@@ -60,3 +56,4 @@ spec:
    - protocol: TCP
      port: 7200
      targetPort: 7200
+{{- end }}
--- a/k8s/templates/data-permit.yaml
+++ b/k8s/templates/data-permit.yaml
+{{- if .Values.dataPermit.enabled }}
 apiVersion: apps/v1
 kind: Deployment
 metadata:
@@ -14,10 +15,6 @@ spec:
      labels:
        app: data-permit
    spec:
-      securityContext:
-        runAsNonRoot: true
-        runAsUser: 10000
-        runAsGroup: 10000
      volumes:
      - name: config-vol
        configMap:
@@ -30,7 +27,8 @@ spec:
          secretName: {{ .Release.Name }}-pass-secret
      containers:
      - name: {{ .Release.Name }}-permit
-        image: code.europa.eu:4567/healthdataeu-nodes/hdeupoc/nac-data-permit:{{ .Chart.AppVersion }}
+        image: {{ .Values.global.image.registry }}/{{ .Values.global.image.repository }}/{{ .Values.dataPermit.image.name }}:{{ .Values.dataPermit.image.tag }}
+        resources: {{ toYaml .Values.dataPermit.resources | nindent 12 }}
        envFrom:
        - secretRef:
            name: {{ .Release.Name }}-envfrom-secret
@@ -43,9 +41,7 @@ spec:
          mountPath: /.domibuspass
          subPath: .domibuspass
          readOnly: true
-        resources:
-          limits:
-            memory: {{ .Values.dataPermit.memoryLimit }}
+        securityContext: {{ toYaml .Values.dataPermit.securityContext | nindent 12 }}
        ports:
        - containerPort: 7300
 ---
@@ -60,3 +56,4 @@ spec:
    - protocol: TCP
      port: 7300
      targetPort: 7300
+{{- end }}
--- a/k8s/templates/migration.yaml
+++ b/k8s/templates/migration.yaml
+{{- if .Values.migration.enabled }}
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: "{{ .Release.Name }}-goose-{{ now | unixEpoch }}"
+  labels:
+    helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+spec:
+  template:
+    metadata:
+      name: {{ .Release.Name }}-goose
+      labels:
+        app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
+        app.kubernetes.io/instance: {{ .Release.Name | quote }}
+        helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+    spec:
+      restartPolicy: Never
+      initContainers:
+      - name: wait-postgres
+        image: {{ .Values.db.image.name }}:{{ .Values.db.image.tag }}
+        command:
+        - sh
+        - -ec
+        - |
+          until pg_isready -U postgres -h {{ include "db-host" . }} -p 5432; do
+            echo waiting for postgres; sleep 1
+          done
+      containers:
+        - name: {{ .Release.Name }}-goose
+          image: {{ .Values.global.image.registry }}/{{ .Values.global.image.repository }}/{{ .Values.migration.image.name }}:{{ .Values.migration.image.tag }}
+          imagePullPolicy: Always
+          envFrom:
+          - secretRef:
+              name: {{ .Release.Name }}-envfrom-secret
+          env:
+          - name: GOOSE_DBSTRING
+            value: "host={{ include "db-host" . }} user=$(POSTGRES_USER) password=$(POSTGRES_PASSWORD) dbname=$(POSTGRES_DB) sslmode=disable"
+          command:
+            - goose
+            - postgres
+            - up
+{{- end }}
\ No newline at end of file
--- a/k8s/templates/postgres.yaml
+++ b/k8s/templates/postgres.yaml
+{{- if .Values.db.enabled }}
 apiVersion: apps/v1
 kind: StatefulSet
 metadata:
@@ -16,7 +17,8 @@ spec:
      terminationGracePeriodSeconds: 30
      containers:
      - name: {{ .Release.Name }}-postgres
-        image: postgres:16-alpine
+        image: {{ .Values.db.image.name }}:{{ .Values.db.image.tag }}
+        resources: {{ toYaml .Values.db.resources | nindent 12 }}
        env:
        - name: PGDATA
          value: "/var/lib/postgresql/data"
@@ -30,15 +32,11 @@ spec:
        - name: data
          mountPath: /var/lib/postgresql/data
          readOnly: false
+        securityContext: {{ toYaml .Values.db.securityContext | nindent 12 }}
  volumeClaimTemplates:
  - metadata:
      name: data
-    spec:
-      accessModes: [ "ReadWriteOnce" ]
-      storageClassName: "standard"
-      resources:
-        requests:
-          storage: 100Mi
+    spec: {{ toYaml .Values.db.volumeClaimTemplates.spec | nindent 6 }}
 ---
 apiVersion: v1
 kind: Service
@@ -54,44 +52,4 @@ spec:
  - port: 5432
    targetPort: 5432
    name: postgres
---
-apiVersion: batch/v1
-kind: Job
-metadata:
-  name: "{{ .Release.Name }}-goose-{{ now | unixEpoch }}"
-  labels:
-    helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
-spec:
-  template:
-    metadata:
-      name: {{ .Release.Name }}-goose
-      labels:
-        app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
-        app.kubernetes.io/instance: {{ .Release.Name | quote }}
-        helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
-    spec:
-      restartPolicy: Never
-      initContainers:
-      - name: wait-postgres
-        image: postgres:16-alpine
-        command:
-        - sh
-        - -ec
-        - |
-          until pg_isready -U postgres -h {{ .Release.Name }}-postgres -p 5432; do
-            echo waiting for postgres; sleep 1
-          done
-      containers:
-        - name: {{ .Release.Name }}-goose
-          image: code.europa.eu:4567/healthdataeu-nodes/hdeupoc/nac-goose:{{ .Chart.AppVersion }}
-          imagePullPolicy: Always
-          envFrom:
-          - secretRef:
-              name: {{ .Release.Name }}-envfrom-secret
-          env:
-          - name: GOOSE_DBSTRING
-            value: "host={{ .Release.Name }}-postgres user=$(POSTGRES_USER) password=$(POSTGRES_PASSWORD) dbname=$(POSTGRES_DB) sslmode=disable"
-          command:
-            - goose
-            - postgres
-            - up
+{{- end }}
--- a/k8s/templates/secret.yaml
+++ b/k8s/templates/secret.yaml
@@ -4,7 +4,7 @@ metadata:
  name: {{ .Release.Name }}-envfrom-secret
 type: Opaque
 stringData:
-{{- range $key, $value := .Values.env }}
+{{- range $key, $value := .Values.global.envVars }}
  {{ $key }}: {{ $value }}
 {{- end }}
 ---
@@ -17,6 +17,7 @@ stringData:
  .domibuspass: |-
 {{ .Values.domibuspass | indent 4 }}
 ---
+{{- if not .Values.apiGateway.connectorConfig.disableTLS }}
 apiVersion: v1
 kind: Secret
 metadata:
@@ -27,3 +28,4 @@ stringData:
 {{ .Values.tls.crt | indent 4 }}
  tls.key: |-
 {{ .Values.tls.key | indent 4 }}
+{{- end }}
--- a/k8s/templates/shacl-validator.yaml
+++ b/k8s/templates/shacl-validator.yaml
+{{- if .Values.shaclValidator.enabled }}
 apiVersion: apps/v1
 kind: Deployment
 metadata:
@@ -16,15 +17,13 @@ spec:
    spec:
      containers:
      - name: {{ .Release.Name }}-shacl-validator
-        image: code.europa.eu:4567/healthdataeu-nodes/hdeupoc/shacl-validator:{{ .Chart.AppVersion }}
+        image: {{ .Values.global.image.registry }}/{{ .Values.global.image.repository }}/{{ .Values.shaclValidator.image.name }}:{{ .Values.shaclValidator.image.tag }}
        env:
        - name: validator.resourceRoot
          value: "/validator/resources"
-        resources:
-          limits:
-            memory: {{ .Values.shaclValidator.memoryLimit }}
+        resources: {{ toYaml .Values.shaclValidator.resources | nindent 12 }}
        ports:
-        - containerPort: 7400
+        - containerPort: 8080
 ---
 apiVersion: v1
 kind: Service
@@ -37,3 +36,4 @@ spec:
    - protocol: TCP
      port: 7400
      targetPort: 8080
+{{- end }}
--- a/k8s/values-example.yaml
+++ b/k8s/values-example.yaml
-as4MessageDispatcher:
-  memoryLimit: "512Mi"
-apiGateway:
-  memoryLimit: "512Mi"
-  clusterIP: #8080
-  nodePort: 31000
-  loadBalancerIP: #127.0.0.1
-  loadBalancerSourceRanges: #["127.0.0.1/255"]
-dataDiscovery:
-  memoryLimit: "512Mi"
-dataPermit:
-  memoryLimit: "512Mi"
-shaclValidator:
-  memoryLimit: "512Mi"
--- a/k8s/values.yaml
+++ b/k8s/values.yaml
+global:
+  image:
+    registry: code.europa.eu:4567
+    repository: healthdataeu-nodes/hdeupoc
+  envVars:
+    POSTGRES_DB: ""
+    POSTGRES_USER: ""
+    POSTGRES_PASSWORD: ""
+
+as4MessageDispatcher:
+  enabled: true
+  image: 
+    name: as4-message-dispatcher
+    tag: v2.7.0
+  resources:
+    limits:
+      memory: 512Mi
+  securityContext:
+    runAsUser: 10000
+    runAsGroup: 10000
+  connectorConfig:
+    timeInterval: 1s
+    shutdownTimeout: 20s
+
+apiGateway:
+  enabled: true
+  image:
+    name: api-gateway
+    tag: v2.7.0
+  clusterIP: #8080
+  nodePort: 31000
+  loadBalancerIP: #127.0.0.1
+  loadBalancerSourceRanges: #["127.0.0.1/255"]
+  resources:
+    limits:
+      memory: 512Mi
+  securityContext:
+    runAsUser: 10000
+    runAsGroup: 10000
+  connectorConfig:
+    readTimeout: 5s
+    writeTimeout: 10s
+    idleTimeout: 2m
+    shutdownTimeout: 20s
+    disableTLS: true
+    tlsCertFile: tmp.ssn.crt
+    tlsKeyFile: tmp.ssn.key
+
+dataDiscovery:
+  enabled: true
+  image: 
+    name: data-discovery
+    tag: v2.7.0
+  resources:
+    limits:
+      memory: 512Mi
+  securityContext:
+    runAsUser: 10000
+    runAsGroup: 10000
+  connectorConfig:
+    readTimeout: 5s
+    writeTimeout: 10s
+    idleTimeout: 2m
+    shutdownTimeout: 20s
+
+dataPermit:
+  enabled: true
+  image: 
+    name: data-permit
+    tag: v2.7.0
+  resources:
+    limits:
+      memory: 512Mi
+  securityContext:
+    runAsUser: 10000
+    runAsGroup: 10000
+  connectorConfig:
+    readTimeout: 5s
+    writeTimeout: 10s
+    idleTimeout: 2m
+    shutdownTimeout: 20s
+
+db:
+  enabled: true
+  image: 
+    name: postgres
+    tag: 16-alpine
+  resources:
+    requests:
+      cpu: 100m
+      memory: 128Mi
+    limits:
+      cpu: 500m
+      memory: 512Mi
+  securityContext:
+    runAsNonRoot: false
+  volumeClaimTemplates:
+    spec:
+      accessModes: [ "ReadWriteOnce" ]
+      storageClassName: "standard"
+      resources:
+        requests:
+          storage: 1Gi
+  connectorConfig:
+    externalHost: "" #if db disabled furnish the external host.
+    maxIdleConns: 2
+    maxOpenConns: 0
+    disableTLS: true
+  
+migration:
+  enabled: true
+  image:
+    name: goose
+    tag: v2.7.0
+
+domibus:
+  username: ""
+  host: ""
+  disable_tls: true
+  sender: ""
+  recipient: ""
+
+shaclValidator:
+  enabled: true
+  image:
+    name: shacl-validator
+    tag: v2.7.0
+  resources:
+    limits:
+      memory: 512Mi
+  connectorConfig:
+    disableValidation: true
+    validationTimeout: 25s