tutorials/PacketDelivery-ReferenceExample/Data-Service-Provider/values/values-activation-service.yml at main · i4Trust/tutorials · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
# Default values for activation-service.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.

## deployment specific configuration
deployment:
  ## configuration of the image to be used
  image:
    # -- image name
    # ref: https://hub.docker.com/r/i4trust/activation-service
    repository: quay.io/i4trust/activation-service
    # -- tag of the image to be used
    tag: 2.2.0

## Set either an ingress or openshift route for making the activation service externally available
##
## openshift specific route definition. Will not work on plain k8s
route:
  ## -- should the deployment create openshift routes
  enabled: false
## ingress configuration
ingress:
  # -- should there be an ingress to connect the activation service with the public internet
  enabled: false

## Configuration of activation service execution
activationService:
  # -- Listen port
  port: 8080
  # -- Number of (gunicorn) workers that should be created
  workers: 1
  # -- Maximum header size in bytes
  maxHeaderSize: 32768
  # -- Log Level
  logLevel: "debug"

## Activation Service configuration
config:
  # Client configuration
  client:
    # Client ID (EORI)
    id: "EU.EORI.NLPACKETDEL"
    # Client key (PEM private key)
    key: |
      -----BEGIN PRIVATE KEY-----
      <Put private key here>
      -----END PRIVATE KEY-----
    # Client certificate (PEM certificate chain)
    crt: |
      -----BEGIN CERTIFICATE-----
      <Put certificates here>
      -----END CERTIFICATE-----
      -----BEGIN CERTIFICATE-----
      <Put intermediate certificates here>
      -----END CERTIFICATE-----
      -----BEGIN CERTIFICATE-----
      <Put Root certificate here>
      -----END CERTIFICATE-----

  # Configuration for additional API keys to protect certain endpoints
  apikeys:
    # Config for iSHARE flow
    ishare:
      # Header name
      headerName: "AS-API-KEY"
      # API key (auto-generated if left empty)
      apiKey: "<your-api-key>"
      # Enable for /token endpoint (API key will be required)
      enabledToken: true
      # Enable for /createpolicy endpoint (API key will be required)
      enabledCreatePolicy: false
    # Config for Trusted-Issuers-List flow
    issuer:
      # Header name
      headerName: "AS-API-KEY"
      # API key (auto-generated if left empty)
      apiKey: "<your-api-key>"
      # Enable for /issuer endpoint (API key will be required)
      enabledIssuer: true

  # Configuration of SQLite database
  db:
    # -- Use sqlite in-memory database
    useMemory: true
    # -- Enable tracking of modifications
    modTracking: false
    # -- Enable SQL logging to stderr
    echo: true

  # Configuration of authorisation registry
  ar:
    # Endpoint for token request
    token: "https://ar.isharetest.net/connect/token"
    # Endpoint for create policy requests
    policy: "https://ar.isharetest.net/policy"
    # Endpoint for delegation requests
    delegation: "https://ar.isharetest.net/delegation"
    # EORI of AR
    id: "EU.EORI.NL000000004"
    # Disable SSL verification
    rejectUnauthorized: false