[indy] refactor codebase for effective deployment

platforms/hyperledger-indy/charts/indy-node/templates/statefulset.yaml

@@ -9,6 +9,8 @@ kind: StatefulSet
 metadata:
   name: "{{ $.Values.metadata.name }}"
   namespace: "{{ $.Values.metadata.namespace }}"
+  labels:
+    app: "{{ $.Values.metadata.name }}"
 spec:
   serviceName: "{{ $.Values.metadata.name }}"
   replicas: 1
@@ -217,7 +219,7 @@ spec:
             - containerPort: {{ $.Values.client.port }}
           env:
             - name: INDY_NODE_NAME
-              value: "{{ $.Values.node.name }}"
+              value: "{{ $.Values.vault.nodeId }}"
             - name: INDY_NODE_IP
               value: "{{ $.Values.node.ip }}"
             - name: INDY_NODE_PORT

platforms/hyperledger-indy/configuration/roles/check/k8_component/tasks/main.yaml

@@ -27,10 +27,10 @@
     service_account: "{{ component_name }}"
     role: "ro"
   shell: |
-    secret="$(KUBECONFIG={{ kubernetes.config_file }} kubectl get serviceaccount {{ service_account }} -n {{ component_ns }} -o go-template={% raw %}'{{ (index .secrets 0).name }}'{% endraw %})"
-    kube_token="$(KUBECONFIG={{ kubernetes.config_file }} kubectl get secret ${secret} -n {{ component_ns }} -o go-template={% raw %}'{{ .data.token }}'{% endraw %} | base64 -d)"
+    secret="{{ service_account }}-token"
+    kube_token=$(kubectl --kubeconfig={{ kubernetes.config_file }} -n {{ component_ns }} get secret ${secret} -o jsonpath="{.data.token}" | base64 --decode)
     vault_token=$(curl --request POST --data '{"jwt": "'"$kube_token"'", "role": "{{ role }}"}' {{ vault.url }}/v1/auth/kubernetes-{{ organization }}-bevel-ac-auth/login | jq -j '.auth.client_token')
-    echo ${vault_token}
+    echo $vault_token
   register: token_output
   when: component_type == "GetServiceAccount"
 

platforms/hyperledger-indy/configuration/roles/create/helm_component/node/templates/node.tpl

@@ -40,15 +40,18 @@ spec:
         name: {{ component_name }}
         repository: {{ network.docker.url }}/bevel-indy-node:{{ network.version }}
     node:
-      name: {{ stewardItem.name }}
+      name: {{ component_name }}
       ip: 0.0.0.0
       publicIp: {{ stewardItem.publicIp }}
       port: {{ stewardItem.node.port }}
+      targetPort: {{ stewardItem.node.targetPort }}
       ambassadorPort: {{ stewardItem.node.ambassador }}
     client:
+      name: {{ component_name }}
       publicIp: {{ stewardItem.publicIp }}
       ip: 0.0.0.0
       port: {{ stewardItem.client.port }}
+      targetPort: {{ stewardItem.client.targetPort }}
       ambassadorPort: {{ stewardItem.client.ambassador }}
     service:
 {% if organizationItem.cloud_provider != 'minikube' %}
@@ -99,4 +102,3 @@ spec:
       keys:
         storagesize: 3Gi
         storageClassName: {{ sc_name }}
-

platforms/hyperledger-indy/configuration/roles/create/k8_component/templates/serviceaccount.tpl

@@ -3,3 +3,12 @@ kind: ServiceAccount
 metadata:
   name: {{ component_name }}
   namespace: {{ component_namespace }}
+---
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/service-account-token
+metadata:
+  name: {{ component_name }}-token
+  namespace: {{ component_namespace }}
+  annotations:
+    kubernetes.io/service-account.name: "{{ component_name }}"

platforms/hyperledger-indy/configuration/samples/network-indy-newnode-to-baf-network.yaml

@@ -15,16 +15,20 @@ network:
   # Network level configuration specifies the attributes required for each organization
   # to join an existing network.
   type: indy
-  version: 1.11.0                         # Supported versions 1.11.0 and 1.12.1
+  version: 1.12.6                         # Supported versions 1.11.0, 1.12.1 & 1.12.6
 
   #Environment section for Kubernetes setup
   env:
-    type: indy             # tag for the environment. Important to run multiple flux on single cluster
+    type: indy                      # tag for the environment. Important to run multiple flux on single cluster
     proxy: ambassador               # value has to be 'ambassador' as 'haproxy' has not been implemented for Indy
+    proxy_namespace: "ambassador"   # Namespace for the proxy
     ambassadorPorts:
-      portRange:              # For a range of ports
-        from: 9711
-        to: 9720
+      # Specify a list of individual ports to use
+      ports: [15010, 15023, 15024, 15025, 15033, 15034, 15035, 15043, 15044, 15045]
+      # Alternatively, specify a range of ports to use all ports within the specified range
+      # portRange:              
+      #   from: 15010  # Starting port of the range
+      #   to: 15045    # Ending port of the range
     loadBalancerSourceRanges: # (Optional) Default value is '0.0.0.0/0', this value can be changed to any other IP adres or list (comma-separated without spaces) of IP adresses, this is valid only if proxy='ambassador'
     retry_count: 40                 # Retry count for the checks
     external_dns: enabled           # Should be enabled if using external-dns for automatic route configuration
@@ -64,6 +68,8 @@ network:
       region: "region"                        # AWS region
 
     publicIps: ["3.221.78.194"]             # List of all public IP addresses of each availability zone from all organizations in the same k8s cluster
+    azure:
+        node_resource_group: "MC_myResourceGroup_myCluster_westeurope"
 
     # Kubernetes cluster deployment variables. The config file path has to be provided in case
     # the cluster has already been created.
@@ -178,6 +184,8 @@ network:
       region: "region"                        # AWS region
 
     publicIps: ["3.221.78.194"]               # List of all public IP addresses of each availability zone from all organizations in the same k8s cluster                        # List of all public IP addresses of each availability zone
+    azure:
+        node_resource_group: "MC_myResourceGroup_myCluster_westeurope"
 
     # Kubernetes cluster deployment variables. The config file path has to be provided in case
     # the cluster has already been created.

platforms/hyperledger-indy/configuration/samples/network-indy-newnode-to-non-baf-network.yaml

@@ -14,16 +14,20 @@ network:
   # Network level configuration specifies the attributes required for each organization
   # to join an existing network.
   type: indy
-  version: 1.11.0                         # Supported versions 1.11.0 and 1.12.1
+  version: 1.12.6                         # Supported versions 1.11.0, 1.12.1 & 1.12.6
 
   #Environment section for Kubernetes setup
   env:
-    type: indy             # tag for the environment. Important to run multiple flux on single cluster
+    type: indy                      # tag for the environment. Important to run multiple flux on single cluster
     proxy: ambassador               # value has to be 'ambassador' as 'haproxy' has not been implemented for Indy
+    proxy_namespace: "ambassador"   # Namespace for the proxy
     ambassadorPorts:
-      portRange:              # For a range of ports
-        from: 9711
-        to: 9712
+      # Specify a list of individual ports to use
+      ports: [15010, 15023, 15024, 15025, 15033, 15034, 15035, 15043, 15044, 15045]
+      # Alternatively, specify a range of ports to use all ports within the specified range
+      # portRange:              
+      #   from: 15010  # Starting port of the range
+      #   to: 15045    # Ending port of the range
     loadBalancerSourceRanges: # (Optional) Default value is '0.0.0.0/0', this value can be changed to any other IP adres or list (comma-separated without spaces) of IP adresses, this is valid only if proxy='ambassador'
     retry_count: 40                 # Retry count for the checks
     external_dns: enabled           # Should be enabled if using external-dns for automatic route configuration
@@ -63,6 +67,8 @@ network:
       region: "region"                        # AWS region
 
     publicIps: ["3.221.78.194"]               # List of all public IP addresses of each availability zone from all organizations in the same k8s cluster                        # List of all public IP addresses of each availability zone
+    azure:
+        node_resource_group: "MC_myResourceGroup_myCluster_westeurope"
 
     # Kubernetes cluster deployment variables. The config file path has to be provided in case
     # the cluster has already been created.

platforms/hyperledger-indy/configuration/samples/network-indyv3-aries.yaml

@@ -14,15 +14,21 @@ network:
   # Network level configuration specifies the attributes required for each organization
   # to join an existing network.
   type: indy
-  version: 1.11.0                         # Supported versions 1.11.0 and 1.12.1
+  version: 1.12.6                         # Supported versions 1.11.0, 1.12.1 & 1.12.6
 
   #Environment section for Kubernetes setup
   env:
     type: "bevel"                     # tag for the environment. Important to run multiple flux on single cluster
-    proxy: ambassador               # value has to be 'ambassador' as 'haproxy' has not been implemented for Indy
+    proxy: ambassador                 # value has to be 'ambassador' as 'haproxy' has not been implemented for Indy
+    proxy_namespace: "ambassador"     # Namespace for the proxy
     # Must be different from all stward ambassador ports specified in the rest of this network yaml
-    ambassadorPorts:                # Any additional Ambassador ports can be given here, this is valid only if proxy='ambassador'
-      ports: 15010,15023,15024,15025,15033,15034,15035,15043,15044,15045 # Each Client Agent uses 3 ports  # Indy does not use a port range as it creates an NLB, and only necessary ports should be opened 
+    ambassadorPorts:                  # Any additional Ambassador ports can be given here, this is valid only if proxy='ambassador'
+      # Specify a list of individual ports to use
+      ports: [15010,15023,15024,15025,15033,15034,15035,15043,15044,15045] # Each Client Agent uses 3 ports  # Indy does not use a port range as it creates an NLB, and only necessary ports should be opened 
+      # Alternatively, specify a range of ports to use all ports within the specified range
+      # portRange:
+      #   from: 15010  # Starting port of the range
+      #   to: 15045    # Ending port of the range
     loadBalancerSourceRanges: # (Optional) Default value is '0.0.0.0/0', this value can be changed to any other IP adres or list (comma-separated without spaces) of IP adresses, this is valid only if proxy='ambassador'
     retry_count: 20                 # Retry count for the checks
     external_dns: enabled          # Should be enabled if using external-dns for automatic route configuration
@@ -61,6 +67,8 @@ network:
         region: "region"                        # AWS region
 
       publicIps: ["1.1.1.1", "2.2.2.2"]          # List of all public IP addresses of each availability zone from all organizations in the same k8s cluster
+      azure:
+        node_resource_group: "MC_myResourceGroup_myCluster_westeurope"
 
       # Kubernetes cluster deployment variables. The config file path has to be provided in case
       # the cluster has already been created.
@@ -114,6 +122,8 @@ network:
         region: "region"                        # AWS region
 
       publicIps: ["192.168.99.173"]             # List of all public IP addresses of each availability zone from all organizations in the same k8s cluster
+      azure:
+        node_resource_group: "MC_myResourceGroup_myCluster_westeurope"
 
       # Kubernetes cluster deployment variables. The config file path has to be provided in case
       # the cluster has already been created.

platforms/hyperledger-indy/configuration/samples/network-indyv3.yaml

@@ -16,15 +16,21 @@ network:
   # Network level configuration specifies the attributes required for each organization
   # to join an existing network.
   type: indy
-  version: 1.11.0                         # Supported versions 1.11.0 and 1.12.1
+  version: 1.12.6                         # Supported versions 1.11.0, 1.12.1 & 1.12.6
 
   #Environment section for Kubernetes setup
   env:
-    type: "dev"              # tag for the environment. Important to run multiple flux on single cluster
+    type: "dev"                     # tag for the environment. Important to run multiple flux on single cluster
     proxy: ambassador               # value has to be 'ambassador' as 'haproxy' has not been implemented for Indy
+    proxy_namespace: "ambassador"   # Namespace for the proxy
     # Must be different from all other ports specified in the rest of this network yaml
     ambassadorPorts:                # Any additional Ambassador ports can be given here, this is valid only if proxy='ambassador'
-      ports: 15010,15023,15024,15025,15033,15034,15035,15043,15044,15045 # Each Client Agent uses 3 ports  # Indy does not use a port range as it creates an NLB, and only necessary ports should be opened 
+      # Specify a list of individual ports to use
+      ports: [15010,15023,15024,15025,15033,15034,15035,15043,15044,15045] # Each Client Agent uses 3 ports  # Indy does not use a port range as it creates an NLB, and only necessary ports should be opened
+      # Alternatively, specify a range of ports to use all ports within the specified range
+      # portRange:
+      #   from: 15010  # Starting port of the range
+      #   to: 15045    # Ending port of the range
     loadBalancerSourceRanges: # (Optional) Default value is '0.0.0.0/0', this value can be changed to any other IP adres or list (comma-separated without spaces) of IP adresses, this is valid only if proxy='ambassador'
     retry_count: 20                 # Retry count for the checks
     external_dns: enabled           # Should be enabled if using external-dns for automatic route configuration
@@ -63,6 +69,8 @@ network:
         region: "region"                        # AWS region
 
       publicIps: ["1.1.1.1", "2.2.2.2"]        # List of all public IP addresses of each availability zone from all organizations in the same k8s cluster
+      azure:
+        node_resource_group: "MC_myResourceGroup_myCluster_westeurope"
 
       # Kubernetes cluster deployment variables. The config file path has to be provided in case
       # the cluster has already been created.
@@ -116,6 +124,8 @@ network:
         region: "region"                        # AWS region
 
       publicIps: ["3.221.78.194"]               # List of all public IP addresses of each availability zone from all organizations in the same k8s cluster
+      azure:
+        node_resource_group: "MC_myResourceGroup_myCluster_westeurope"
 
       # Kubernetes cluster deployment variables. The config file path has to be provided in case
       # the cluster has already been created.
@@ -205,6 +215,8 @@ network:
         region: "region"                        # AWS region
 
       publicIps: ["3.221.78.194"]             # List of all public IP addresses of each availability zone from all organizations in the same k8s cluster
+      azure:
+        node_resource_group: "MC_myResourceGroup_myCluster_westeurope"
 
       # Kubernetes cluster deployment variables. The config file path has to be provided in case
       # the cluster has already been created.

platforms/hyperledger-indy/configuration/samples/network-minikube-aries.yaml

@@ -14,14 +14,14 @@ network:
   # Network level configuration specifies the attributes required for each organization
   # to join an existing network.
   type: indy
-  version: 1.11.0                         # Supported versions 1.11.0 and 1.12.1
+  version: 1.12.6                         # Supported versions 1.11.0, 1.12.1 & 1.12.6
 
   #Environment section for Kubernetes setup
   env:
     type: "bevel"                     # tag for the environment. Important to run multiple flux on single cluster
-    proxy: none               # proxy is none for minikube/single cluster
-    retry_count: 20                 # Retry count for the checks
-    external_dns: disabled          # Should be enabled if using external-dns for automatic route configuration
+    proxy: none                       # proxy is none for minikube/single cluster
+    retry_count: 20                   # Retry count for the checks
+    external_dns: disabled            # Should be enabled if using external-dns for automatic route configuration
 
   # Docker registry details where images are stored. This will be used to create k8s secrets
   # Please ensure all required images are built and stored in this registry.
@@ -48,6 +48,8 @@ network:
       type: peer
       cloud_provider: minikube             
       publicIps: []                        # Public Ips of stewards/nodes [public ip of minikube]
+      azure:
+        node_resource_group: "MC_myResourceGroup_myCluster_westeurope"
 
       # Kubernetes cluster deployment variables. The config file path has to be provided in case
       # the cluster has already been created.
@@ -92,6 +94,8 @@ network:
       type: peer
       cloud_provider: minikube             
       publicIps: ["192.168.99.173"]        # Public Ips of stewards/nodes [public ip of minikube]
+      azure:
+        node_resource_group: "MC_myResourceGroup_myCluster_westeurope"
 
       # Kubernetes cluster deployment variables. The config file path has to be provided in case
       # the cluster has already been created.

platforms/hyperledger-indy/configuration/samples/network-minikube.yaml

@@ -11,14 +11,14 @@ network:
   # Network level configuration specifies the attributes required for each organization
   # to join an existing network.
   type: indy
-  version: 1.11.0                         # Supported versions 1.11.0 and 1.12.1
+  version: 1.12.6                         # Supported versions 1.11.0, 1.12.1 & 1.12.6
 
   #Environment section for Kubernetes setup
   env:
     type: "bevel"                     # tag for the environment. Important to run multiple flux on single cluster
-    proxy: none               # proxy is none for minikube/single cluster
-    retry_count: 20                 # Retry count for the checks
-    external_dns: disabled          # Should be enabled if using external-dns for automatic route configuration
+    proxy: none                       # proxy is none for minikube/single cluster
+    retry_count: 20                   # Retry count for the checks
+    external_dns: disabled            # Should be enabled if using external-dns for automatic route configuration
 
   # Docker registry details where images are stored. This will be used to create k8s secrets
   # Please ensure all required images are built and stored in this registry.
@@ -45,6 +45,8 @@ network:
       type: peer
       cloud_provider: minikube             
       publicIps: []                        # Public Ips of stewards/nodes [public ip of minikube]
+      azure:
+        node_resource_group: "MC_myResourceGroup_myCluster_westeurope"
 
       # Kubernetes cluster deployment variables. The config file path has to be provided in case
       # the cluster has already been created.
@@ -89,6 +91,8 @@ network:
       type: peer
       cloud_provider: minikube             
       publicIps: ["192.168.99.173"]        # Public Ips of stewards/nodes [public ip of minikube]
+      azure:
+        node_resource_group: "MC_myResourceGroup_myCluster_westeurope"
 
       # Kubernetes cluster deployment variables. The config file path has to be provided in case
       # the cluster has already been created.
@@ -165,6 +169,8 @@ network:
       type: peer
       cloud_provider: minikube             
       publicIps: ["192.168.99.173"]        # Public Ips of stewards/nodes [public ip of minikube]
+      azure:
+        node_resource_group: "MC_myResourceGroup_myCluster_westeurope"
 
       # Kubernetes cluster deployment variables. The config file path has to be provided in case
       # the cluster has already been created.

platforms/network-schema.json

@@ -233,7 +233,8 @@
                 "type": "string",
                 "enum": [
                   "1.11.0",
-                  "1.12.1"
+                  "1.12.1",
+                  "1.12.6"
                 ]
               },
               "env": {
@@ -480,8 +481,10 @@
       "type": "object",
       "properties": {
         "ports": {
-          "type": "string",
-          "pattern": "^\\d{1,5}(?:,\\d{1,5})*$"
+          "type": "array",
+          "items": {
+            "type": "integer"
+          }
         },
         "portRange": {
           "type": "object",