TIBCOSoftware · slaxmika-tibco · Dec 10, 2024 · Dec 10, 2024
diff --git a/charts/tp-cp-core/Chart.yaml b/charts/tp-cp-core/Chart.yaml
@@ -1,33 +1,33 @@
 apiVersion: v2
-appVersion: 1.3.0-HF2
+appVersion: 1.3.0-HF3
 dependencies:
 - condition: admin-webserver.enabled
   name: admin-webserver
-  version: 1.3.1182
+  version: 1.3.1262
 - condition: web-server.enabled
   name: web-server
-  version: 1.3.4142
+  version: 1.3.4357
 - condition: orchestrator.enabled
   name: orchestrator
-  version: 1.3.2914
+  version: 1.3.3211
 - condition: user-subscriptions.enabled
   name: user-subscriptions
-  version: 1.3.1598
+  version: 1.3.1678
 - condition: email-service.enabled
   name: email-service
-  version: 1.3.320
+  version: 1.3.333
 - condition: cronjobs.enabled
   name: cronjobs
-  version: 1.3.411
+  version: 1.3.503
 - condition: identity-management.enabled
   name: identity-management
-  version: 1.3.1659
+  version: 1.3.1744
 - condition: identity-provider.enabled
   name: identity-provider
-  version: 1.3.580
+  version: 1.3.624
 - condition: pengine.enabled
   name: pengine
-  version: 1.3.782
+  version: 1.3.807
 description: A Helm chart for -- tp-cp-core
 name: tp-cp-core
-version: 1.3.8330
+version: 1.3.8408
diff --git a/charts/tp-cp-core/charts/admin-webserver/Chart.yaml b/charts/tp-cp-core/charts/admin-webserver/Chart.yaml
@@ -1,5 +1,5 @@
 apiVersion: v2
-appVersion: 1.3.0
+appVersion: 1.3.0-HF3
 description: A Helm chart for -- Admin WebServer
 name: admin-webserver
-version: 1.3.1182
+version: 1.3.1262
diff --git a/charts/tp-cp-core/charts/admin-webserver/templates/_consts.tpl b/charts/tp-cp-core/charts/admin-webserver/templates/_consts.tpl
@@ -51,14 +51,6 @@
   {{- include "cp-env.get" (dict "key" "CP_INSTANCE_ID" "default" "cp1" "required" "false"  "Release" .Release )}}
 {{- end }}
 
-{{- define "cp-core-configuration.provider-name" }}
-{{- if .Values.providerName }}
-  {{- .Values.providerName }}
-{{- else }}
-{{- include "cp-env.get" (dict "key" "CP_PROVIDER" "default" "aws" "required" "false"  "Release" .Release )}}
-{{- end }}
-{{- end }}
-
 {{- define "cp-core-configuration.pvc-name" }}
 {{- if .Values.pvcName }}
   {{- .Values.pvcName }}
@@ -104,4 +96,4 @@
 
 {{- define "cp-core-configuration.cp-container-registry-password" }}
   {{- include "cp-env.get" (dict "key" "CP_CONTAINER_REGISTRY_PASSWORD" "default" "" "required" "false"  "Release" .Release ) -}}
-{{- end }}
+{{- end }}
diff --git a/charts/tp-cp-core/charts/admin-webserver/templates/_generated.tpl b/charts/tp-cp-core/charts/admin-webserver/templates/_generated.tpl
@@ -1,2 +1,2 @@
-{{- define "admin-webserver.generated.buildNumber" }}1182{{end -}}
-{{- define "admin-webserver.generated.buildTimestamp" }}09-03-24_15.01.47_PM{{end -}}
+{{- define "admin-webserver.generated.buildNumber" }}1262-1.3.0-HF{{end -}}
+{{- define "admin-webserver.generated.buildTimestamp" }}12-05-24_05.05.20_AM{{end -}}
diff --git a/charts/tp-cp-core/charts/admin-webserver/templates/admin-webserver.yaml b/charts/tp-cp-core/charts/admin-webserver/templates/admin-webserver.yaml
@@ -209,8 +209,6 @@ spec:
             configMapKeyRef:
               name: {{ include "tp-control-plane-dnsdomain-configmap" . }}
               key: REGION
-        - name: TIBCO_INTERNAL_IAAS_VENDOR
-          value: {{ include "cp-core-configuration.provider-name" . }}
         - name: TSC_DNS_DOMAIN
           valueFrom:
             configMapKeyRef:

diff --git a/charts/tp-cp-core/charts/cronjobs/Chart.yaml b/charts/tp-cp-core/charts/cronjobs/Chart.yaml
@@ -1,5 +1,5 @@
 apiVersion: v2
-appVersion: 1.3.0-HF2
+appVersion: 1.3.0-HF3
 description: A Helm chart for -- Cron Jobs
 name: cronjobs
-version: 1.3.411
+version: 1.3.503
diff --git a/charts/tp-cp-core/charts/cronjobs/templates/_consts.tpl b/charts/tp-cp-core/charts/cronjobs/templates/_consts.tpl
@@ -75,14 +75,6 @@
   {{- include "cp-env.get" (dict "key" "CP_INSTANCE_ID" "default" "cp1" "required" "false"  "Release" .Release )}}
 {{- end }}
 
-{{- define "cp-core-configuration.provider-name" }}
-{{- if .Values.providerName }}
-  {{- .Values.providerName }}
-{{- else }}
-{{- include "cp-env.get" (dict "key" "CP_PROVIDER" "default" "aws" "required" "false"  "Release" .Release )}}
-{{- end }}
-{{- end }}
-
 {{- define "cp-core-configuration.cp-dns-domain" }}
   {{- include "cp-env.get" (dict "key" "CP_DNS_DOMAIN" "default" "cp1" "required" "false"  "Release" .Release )}}
 {{- end }}

diff --git a/charts/tp-cp-core/charts/cronjobs/templates/_generated.tpl b/charts/tp-cp-core/charts/cronjobs/templates/_generated.tpl
@@ -1,2 +1,2 @@
-{{- define "cronjobs.generated.buildNumber" }}411-1.3.0-HF{{end -}}
-{{- define "cronjobs.generated.buildTimestamp" }}10-17-24_08.45.46_AM{{end -}}
+{{- define "cronjobs.generated.buildNumber" }}503-1.3.0-HF{{end -}}
+{{- define "cronjobs.generated.buildTimestamp" }}12-09-24_12.37.21_PM{{end -}}
diff --git a/charts/tp-cp-core/charts/cronjobs/templates/cp-cronjobs.yaml b/charts/tp-cp-core/charts/cronjobs/templates/cp-cronjobs.yaml
@@ -172,8 +172,6 @@ spec:
               key: {{ .Chart.Name }}.scheduleFrequencyForProvisionInfraCapabilitiesJob
         - name: TSC_BILLING_EMAIL_ALIAS
           value: {{ (.Values.global.external.cronJobReportsEmailAlias) }}
-        - name: TIBCO_INTERNAL_IAAS_VENDOR
-          value: {{ include "cp-core-configuration.provider-name" . }}
         - name: TSC_SCHEDULER_AWS_REGION
           valueFrom:
             configMapKeyRef:
@@ -237,11 +235,11 @@ spec:
         - name: WRITE_POSTGRES_DATABASE_SSL_MODE
           value: {{ .Values.global.external.db_ssl_mode }}
         - name: WRITE_POSTGRES_DATABASE_SSL_ROOT_CERT
-          value: {{ .Values.global.external.db_ssl_root_cert }}
+          value: /private/tsc/certificates/{{ .Values.global.tibco.db_ssl_root_cert_filename }}
         - name: READ_POSTGRES_DATABASE_SSL_MODE
           value: {{ .Values.global.external.db_ssl_mode }}
         - name: READ_POSTGRES_DATABASE_SSL_ROOT_CERT
-          value: {{ .Values.global.external.db_ssl_root_cert }}
+          value: /private/tsc/certificates/{{ .Values.global.tibco.db_ssl_root_cert_filename }}
         - name: TSC_CONFIG_LOCATION
           value: {{ include "tp-cp-cronjobs.consts.tscConfigLocation" . }}
         - name: TSC_CONFIGURATION_LOCATION_COMMON
@@ -252,25 +250,13 @@ spec:
               name: {{ include "tp-control-plane-dnsdomain-configmap" . }}
               key: TSC_DNS_DOMAIN
         - name: DISABLE_PROVISION_INFRA_CAPABILITIES_JOB
-          valueFrom:
-            configMapKeyRef:
-              name: {{ include "tp-control-plane-env-configmap" . }}
-              key: {{ .Chart.Name }}.disableProvisionInfraCapabilitiesJob
+          value: {{ .Values.global.tibco.cronjobs.disableProvisionInfraCapabilitiesJob | quote }}
         - name: DISABLE_GDPR_PURGE_HISTORY_JOB
-          valueFrom:
-            configMapKeyRef:
-              name: {{ include "tp-control-plane-env-configmap" . }}
-              key: {{ .Chart.Name }}.disableGdprPurgeHistoryJob
+          value: {{ .Values.global.tibco.cronjobs.disableGdprPurgeHistoryJob | quote }}
         - name: DISABLE_IDM_CLEAN_UP_JOB
-          valueFrom:
-            configMapKeyRef:
-              name: {{ include "tp-control-plane-env-configmap" . }}
-              key: {{ .Chart.Name }}.disableIdmCleanUpJob
+          value: {{ .Values.global.tibco.cronjobs.disableIdmCleanUpJob | quote }}
         - name: DISABLE_IDM_NOTIFY_CERTIFICATES_EXPIRY_JOB
-          valueFrom:
-            configMapKeyRef:
-              name: {{ include "tp-control-plane-env-configmap" . }}
-              key: {{ .Chart.Name }}.disableIdmNotifyCertificatesExpiryJob
+          value: {{ .Values.global.tibco.cronjobs.disableIdmNotifyCertificatesExpiryJob  | quote }}
         - name: ENVIRONMENT_TYPE
           value: {{ (.Values.global.external.environment | lower) }}
         - name: POSTGRES_UTD_DATABASE_NAME
@@ -281,9 +267,9 @@ spec:
           - name: store-vol
             mountPath: /private/tsc/config
             subPath: tsc/config
-          - name: store-vol
+          - name: db-ssl-cert-vol
             mountPath: /private/tsc/certificates
-            subPath: tsc/certificates
+            readOnly: true
 {{- if (include "cp-core-configuration.enableLogging" .) }}
       - name: fluentbit
         image: {{ include "cp-core-configuration.container-registry" .}}{{"/"}}{{ include "cp-core-configuration.image-repository" . }}{{"/"}}{{ .Values.global.tibco.logging.fluentbit.image.name }}:{{ .Values.global.tibco.logging.fluentbit.image.tag }}
@@ -333,6 +319,9 @@ spec:
           configMap:
             name: {{ include "tp-cp-cronjobs.consts.appName" . }}-fluentbit-config
 {{- end }}
+        - name: db-ssl-cert-vol
+          secret:
+            secretName: {{ .Values.global.tibco.db_ssl_root_cert_secretname }}
         - name: store-vol
           persistentVolumeClaim:
             claimName: {{ include "cp-core-configuration.pvc-name" . }}

diff --git a/charts/tp-cp-core/charts/cronjobs/values.yaml b/charts/tp-cp-core/charts/cronjobs/values.yaml
@@ -9,7 +9,9 @@ global:
   tibco:
     image_name:
       cronjobs: ""
-    image_repo_path: ""      
+    image_repo_path: ""
+    db_ssl_root_cert_secretname: "db-ssl-root-cert"
+    db_ssl_root_cert_filename: "db_ssl_root.cert"
     logging:
       fluentbit:
         image:
@@ -19,6 +21,11 @@ global:
       distroless_debian:
         name: "common-distroless-base-debian-debug"
         tag: 12
+    cronjobs:
+      disableProvisionInfraCapabilitiesJob: "false"
+      disableGdprPurgeHistoryJob: "true"
+      disableIdmCleanUpJob: "false"
+      disableIdmNotifyCertificatesExpiryJob: "true"
 
   # Pod Security Context configuration
   # This configuration ensures that the pod is run with non-root privileges for enhanced security.

diff --git a/charts/tp-cp-core/charts/email-service/Chart.yaml b/charts/tp-cp-core/charts/email-service/Chart.yaml
@@ -1,5 +1,5 @@
 apiVersion: v2
-appVersion: 1.3.0
+appVersion: 1.3.0-HF3
 description: A Helm chart for -- Email service
 name: email-service
-version: 1.3.320
+version: 1.3.333
diff --git a/charts/tp-cp-core/charts/email-service/templates/_consts.tpl b/charts/tp-cp-core/charts/email-service/templates/_consts.tpl
@@ -38,13 +38,6 @@
 {{- end }}
 {{- end }}
 
-{{- define "cp-core-configuration.provider-name" }}
-{{- if .Values.providerName }}
-  {{- .Values.providerName }}
-{{- else }}
-{{- include "cp-env.get" (dict "key" "CP_PROVIDER" "default" "aws" "required" "false"  "Release" .Release )}}
-{{- end }}
-{{- end }}
 
 {{- define "cp-core-configuration.service-account-name" }}
 {{- if .Values.serviceAccount }}

diff --git a/charts/tp-cp-core/charts/email-service/templates/_generated.tpl b/charts/tp-cp-core/charts/email-service/templates/_generated.tpl
@@ -1,2 +1,2 @@
-{{- define "email-service.generated.buildNumber" }}320{{end -}}
-{{- define "email-service.generated.buildTimestamp" }}08-27-24_12.13.45_PM{{end -}}
+{{- define "email-service.generated.buildNumber" }}333-1.3.0-HF{{end -}}
+{{- define "email-service.generated.buildTimestamp" }}12-05-24_05.21.36_AM{{end -}}
diff --git a/charts/tp-cp-core/charts/email-service/templates/cp-email.yaml b/charts/tp-cp-core/charts/email-service/templates/cp-email.yaml
@@ -59,7 +59,7 @@ spec:
       securityContext:
         {{- toYaml .Values.global.podSecurityContext | nindent 8 }}
       {{- end }}
-      {{- if eq ( include "cp-core-configuration.provider-name" . ) "aws" }}
+      {{- if eq .Values.global.external.emailServerType "ses" }}
       serviceAccountName: {{ include "cp-core-configuration.service-account-name" . }}
       {{- else }}
       automountServiceAccountToken: false

diff --git a/charts/tp-cp-core/charts/email-service/values.yaml b/charts/tp-cp-core/charts/email-service/values.yaml
@@ -8,7 +8,7 @@
 global:
   external:
     fromAndReplyToEmailAddress: ""
-    emailServerType: "smtp"
+    emailServerType: "ses"
     emailServer:
       ses:
         arn: ""

diff --git a/charts/tp-cp-core/charts/identity-management/Chart.yaml b/charts/tp-cp-core/charts/identity-management/Chart.yaml
@@ -1,5 +1,5 @@
 apiVersion: v2
-appVersion: 1.3.0-HF2
+appVersion: 1.3.0-HF3
 description: A Helm Chart for TIBCO Platform Control Plane -- Identity Management
 name: identity-management
-version: 1.3.1659
+version: 1.3.1744
diff --git a/charts/tp-cp-core/charts/identity-management/templates/_consts.tpl b/charts/tp-cp-core/charts/identity-management/templates/_consts.tpl
@@ -49,15 +49,6 @@
 {{- end }}
 {{- end }}
 
-{{/* Provider name for control plane. Fail if the pvc not exist */}}
-{{- define "cp-core-configuration.provider-name" }}
-{{- if .Values.providerName }}
-  {{- .Values.providerName }}
-{{- else }}
-{{- include "cp-env.get" (dict "key" "CP_PROVIDER" "default" "aws" "required" "false"  "Release" .Release )}}
-{{- end }}
-{{- end }}
-
 {{/* Container registry for control plane. default value empty */}}
 {{- define "cp-core-configuration.container-registry" }}
   {{- include "cp-env.get" (dict "key" "CP_CONTAINER_REGISTRY" "default" "" "required" "false"  "Release" .Release )}}

diff --git a/charts/tp-cp-core/charts/identity-management/templates/_generated.tpl b/charts/tp-cp-core/charts/identity-management/templates/_generated.tpl
@@ -1,2 +1,2 @@
-{{- define "identity-management.generated.buildNumber" }}1659-1.3.0-HF{{end -}}
-{{- define "identity-management.generated.buildTimestamp" }}10-22-24_14.38.05_PM{{end -}}
+{{- define "identity-management.generated.buildNumber" }}1744-1.3.0-HF{{end -}}
+{{- define "identity-management.generated.buildTimestamp" }}12-05-24_07.36.13_AM{{end -}}
diff --git a/charts/tp-cp-core/charts/identity-management/templates/idm.yaml b/charts/tp-cp-core/charts/identity-management/templates/idm.yaml
@@ -272,8 +272,8 @@ spec:
           value: http://$(TP_CP_IDM_HOST):7831/v1/management/xregion-operations/
         - name: IDENTITY_MANAGEMENT_IDM_DIRECT_ACCESS_API_PATH
           value: http://$(TP_CP_IDM_HOST):7831/v1/management/direct-access/notify
-        - name: TIBCO_INTERNAL_IAAS_VENDOR
-          value: {{ include "cp-core-configuration.provider-name" . }}
+        - name: ENVIRONMENT_TYPE
+          value: {{ (.Values.global.external.environment | lower) }}
         - name: DEPLOYMENT_REGION
           value: {{ .Values.global.tibco.region }}
         - name: IDENTITY_MANAGEMENT_REGION_TO_PREFIX
@@ -318,7 +318,7 @@ spec:
         - name: IDENTITY_MANAGEMENT_DATABASE_ENDPOINT_URL
           value: "$(PGHOST):$(PGPORT)"
         - name: IDENTITY_MANAGEMENT_DATABASE_SSL_ROOT_CERT
-          value: {{ .Values.global.external.db_ssl_root_cert }}
+          value: /private/tsc/certificates/{{ .Values.global.tibco.db_ssl_root_cert_filename }}
         - name: IDENTITY_MANAGEMENT_DATABASE_MAX_OPEN_CONNECTIONS
           valueFrom:
             configMapKeyRef:
@@ -331,17 +331,13 @@ spec:
               key: TSC_ADMIN_DNS_DOMAIN
         - name: IDENTITY_MANAGEMENT_CP_SUFFIX
           value: {{ include "cp-core-configuration.cp-dns-domain" . }}
-        {{- if eq (include "cp-core-configuration.provider-name" .) "local" }}
-        - name: TIBCO_INTERNAL_VAGRANT
-          value: "true"
-        {{- end }}
         volumeMounts:
         - name: store-vol
           mountPath: /mnt/heapdumps
           subPath: tsc/idm/heapdumps
-        - name: store-vol
+        - name: db-ssl-cert-vol
           mountPath: /private/tsc/certificates
-          subPath: tsc/certificates
+          readOnly: true
         - name: store-vol
           mountPath: /private/tsc/config
           subPath: tsc/config
@@ -394,6 +390,9 @@ spec:
           configMap:
             name: {{ include "tp-identity-management.consts.appName" . }}-fluentbit-config
 {{- end }}
+        - name: db-ssl-cert-vol
+          secret:
+            secretName: {{ .Values.global.tibco.db_ssl_root_cert_secretname }}
         - name: store-vol
           persistentVolumeClaim:
             claimName: {{ include "cp-core-configuration.pvc-name" . }}
@@ -727,6 +726,7 @@ spec:
       fqdn: ${ALL_INTERNAL_TENANTS_DNS_DOMAINS},${TP_CP_WILDCARD_DNS_DOMAIN}
       methods:
       - POST
+      - GET
       configVariables:
         SECURE_REDIRECT_SKIP_ACCTS_CHECK: "true"
         SECURE_REDIRECT_SKIP_EULA_CHECK: "true"

diff --git a/charts/tp-cp-core/charts/identity-management/values.yaml b/charts/tp-cp-core/charts/identity-management/values.yaml
@@ -10,6 +10,8 @@ global:
     idm_cp_jwks_uri: "/private/tsc/config/idm/own-keystores/cic_cli_host.pem"
     region: "global"
     region_to_prefix: ""
+    db_ssl_root_cert_secretname: "db-ssl-root-cert"
+    db_ssl_root_cert_filename: "db_ssl_root.cert"
     image_name:
       identityManagement: ""
     image_repo_path: ""
@@ -25,6 +27,7 @@ global:
   external:
     region: ""
     enableLogging: false
+    environment: ""
 
   # Pod Security Context configuration
   # This configuration ensures that the pod is run with non-root privileges for enhanced security.

diff --git a/charts/tp-cp-core/charts/identity-provider/Chart.yaml b/charts/tp-cp-core/charts/identity-provider/Chart.yaml
@@ -1,5 +1,5 @@
 apiVersion: v1
-appVersion: 1.3.0
+appVersion: 1.3.0-HF3
 description: A Helm Chart for TIBCO Platform Control Plane -- Identity Provider
 name: identity-provider
-version: 1.3.580
+version: 1.3.624
diff --git a/charts/tp-cp-core/charts/identity-provider/templates/_generated.tpl b/charts/tp-cp-core/charts/identity-provider/templates/_generated.tpl
@@ -1,2 +1,2 @@
-{{- define "identity-provider.generated.buildNumber" }}580{{end -}}
-{{- define "identity-provider.generated.buildTimestamp" }}08-27-24_13.21.06_PM{{end -}}
+{{- define "identity-provider.generated.buildNumber" }}624-1.3.0-HF{{end -}}
+{{- define "identity-provider.generated.buildTimestamp" }}12-05-24_07.46.45_AM{{end -}}