- |
+ |
{
"configs": "{{ .Release.Name }}-hyperswitch-configs",
"secrets": "{{ .Release.Name }}-hyperswitch-secrets"
}
|
Common references for templated resource names |
- |
+ |
"{{ .Release.Name }}-hyperswitch-configs"
|
Hyperswitch configs reference with release name prefix |
- |
+ |
"{{ .Release.Name }}-hyperswitch-secrets"
|
Hyperswitch secrets reference with release name prefix |
- |
+ |
+ [
+ {
+ "setCanaryScale": {
+ "replicas": 2
+ }
+ },
+ {
+ "setWeight": 0
+ },
+ {
+ "pause": {}
+ },
+ {
+ "setWeight": 50
+ },
+ {
+ "pause": {
+ "duration": "1m"
+ }
+ },
+ {
+ "setWeight": 75
+ },
+ {
+ "pause": {
+ "duration": "1m"
+ }
+ },
+ {
+ "setWeight": 100
+ }
+]
|
+ Canary deployment steps with traffic percentage and pause duration |
+
+ |
+ false
|
+ Enable header-based canary routing |
+
+ |
+ [
+ {
+ "headerName": "X-Canary-Test",
+ "headerValue": {
+ "exact": "true"
+ }
+ }
+]
|
+ Header matching rules |
+
+ |
+ "header-canary-route"
|
+ Route name for managed header routing |
+
+ |
+ {
+ "destinationRule": {
+ "canarySubsetName": "canary",
+ "stableSubsetName": "stable"
+ },
+ "enabled": true
+}
|
+ Enable Istio traffic management for canary deployments |
+
+ |
+ {
+ "canarySubsetName": "canary",
+ "stableSubsetName": "stable"
+}
|
+ DestinationRule subset names |
+
+ |
+ false
|
+ Enable Argo Rollouts for canary deployments (uses Rollout resource instead of Deployment) When disabled, standard Kubernetes Deployment is used |
+
+ |
+ 3
|
+ Revision history limit for rollouts |
+
+ |
true
|
|
- |
- 10
|
+ |
+ 5
|
|
- |
- 1
|
+ |
+ 3
|
|
- |
+ |
80
|
|
- |
+ |
"clickhouse"
|
|
- |
+ |
"bitnamilegacy/clickhouse"
|
|
- |
+ |
24.3
|
|
- |
+ |
"none"
|
|
- |
+ |
"bitnamilegacy/zookeeper"
|
|
- |
+ |
false
|
Enable External Secrets Operator resources |
- |
+ |
[
{
"creationPolicy": "Owner",
@@ -773,11 +913,11 @@ Refer our [postman collection](https://www.postman.com/hyperswitch/workspace/hyp
]
|
List of external secrets to create You can define multiple secrets here |
- |
+ |
"Owner"
|
Creation policy |
- |
+ |
[
{
"extract": {
@@ -787,19 +927,19 @@ Refer our [postman collection](https://www.postman.com/hyperswitch/workspace/hyp
]
|
Extract configuration (use dataFrom.extract for full secret) |
- |
+ |
"1h"
|
Refresh interval |
- |
+ |
"hyperswitch-secrets"
|
Target secret name in Kubernetes |
- |
+ |
"hyperswitch-secret-store"
|
Name of the SecretStore |
- |
+ |
{
"aws": {
"auth": {
@@ -815,220 +955,200 @@ Refer our [postman collection](https://www.postman.com/hyperswitch/workspace/hyp
}
|
Provider configuration (matches External Secrets Operator format) You can use any supported provider here see: https://external-secrets.io/latest/ |
- |
+ |
{}
|
Annotations for the service account (e.g., IRSA role) |
- |
+ |
true
|
Create service account |
- |
+ |
{}
|
Extra labels for the service account |
- |
+ |
""
|
Name of the service account (default: hyperswitch-eso-sa) |
- |
+ |
true
|
|
- |
+ |
"bitnamilegacy/postgresql:16.1.0-debian-11-r18"
|
|
- |
+ |
"docker.io"
|
|
- |
+ |
"bitnamilegacy/clickhouse:24.3"
|
|
- |
+ |
"docker.io"
|
|
- |
+ |
30
|
|
- |
+ |
"bitnamilegacy/postgresql:16.1.0-debian-11-r18"
|
|
- |
+ |
"docker.io"
|
|
- |
+ |
60
|
|
- |
+ |
true
|
|
- |
+ |
"christophwurst/diesel-cli:latest"
|
|
- |
+ |
"docker.io"
|
|
- |
+ |
"tags"
|
|
- |
- {
- "router": {
- "trafficPolicy": {}
- }
-}
|
- DestinationRule configuration |
-
- |
+ |
{
"trafficPolicy": {}
}
|
- Router DestinationRule configuration |
+ DestinationRule configuration |
- |
+ |
{}
|
Traffic policy configuration for router - rendered directly as YAML |
- |
+ |
false
|
Enable Istio resources |
- |
+ |
{
"create": true,
"gateways": [],
"hosts": [],
"http": [
{
- "router": {
- "rules": [
- {
- "match": [],
- "retries": {},
- "timeout": "50s",
- "weight": 100
- }
- ]
- }
+ "match": [],
+ "retries": {},
+ "timeout": "50s",
+ "weight": 100
}
]
}
|
VirtualService configuration |
- |
+ |
true
|
Create VirtualService |
- |
+ |
[]
|
Gateways for the VirtualService |
- |
+ |
[]
|
Hosts for the VirtualService |
- |
+ |
[
{
- "router": {
- "rules": [
- {
- "match": [],
- "retries": {},
- "timeout": "50s",
- "weight": 100
- }
- ]
- }
+ "match": [],
+ "retries": {},
+ "timeout": "50s",
+ "weight": 100
}
]
|
HTTP routing rules (ordered list) Note: Rules are processed in the order they appear in this list. Ensure specific routes (like /api/) come before catch-all routes (like /). |
- |
+ |
"none"
|
|
- |
+ |
"none"
|
|
- |
+ |
"offsets.topic.replication.factor=1\ntransaction.state.log.replication.factor=1\n"
|
|
- |
+ |
"bitnamilegacy/kafka"
|
|
- |
+ |
"bitnamilegacy/zookeeper"
|
|
- |
+ |
"loadBalancer-sg"
|
|
- |
+ |
"bitnamilegacy/postgresql"
|
|
- |
+ |
"16.1.0-debian-11-r18"
|
|
- |
+ |
"bitnamilegacy/redis"
|
|
- |
+ |
"7.2.3-debian-11-r2"
|
|
- |
+ |
true
|
|
- |
+ |
"bitnamilegacy/redis:7.2.3-debian-11-r2"
|
|
- |
+ |
"docker.io"
|
|
- |
+ |
60
|
|
- |
+ |
{}
|
Annotations that are to be added the the deployments (extends global configuration) |
- |
+ |
false
|
|
- |
+ |
"clickhouse"
|
The Analytics source/strategy to be used |
- |
+ |
10
|
Timeout for database connection in seconds |
- |
+ |
{
"_configRef": {
"key": "ROUTER__MASTER_DATABASE__DBNAME",
@@ -1037,7 +1157,7 @@ Refer our [postman collection](https://www.postman.com/hyperswitch/workspace/hyp
}
|
Database name |
- |
+ |
{
"_configRef": {
"key": "ROUTER__MASTER_DATABASE__HOST",
@@ -1046,11 +1166,11 @@ Refer our [postman collection](https://www.postman.com/hyperswitch/workspace/hyp
}
|
Database host |
- |
+ |
5
|
Number of connections to keep open |
- |
+ |
{
"_configRef": {
"key": "ROUTER__MASTER_DATABASE__PORT",
@@ -1059,11 +1179,11 @@ Refer our [postman collection](https://www.postman.com/hyperswitch/workspace/hyp
}
|
Database port |
- |
+ |
"Fifo"
|
Add the queue strategy used by the database bb8 client |
- |
+ |
{
"_configRef": {
"key": "ROUTER__MASTER_DATABASE__USERNAME",
@@ -1072,840 +1192,836 @@ Refer our [postman collection](https://www.postman.com/hyperswitch/workspace/hyp
}
|
Database username |
- |
+ |
"https://apple-pay-gateway.apple.com/paymentservices/registerMerchant"
|
Apple pay gateway merchant endpoint |
- |
+ |
"12345"
|
Default CellID for Global Cell Information |
- |
+ |
false
|
|
- |
+ |
"http://0.0.0.0:8000"
|
|
- |
+ |
"stripe,adyen,paypal,checkout,braintree,cybersource,square,worldpay,klarna,noon,archipel"
|
|
- |
+ |
"merchant_ids"
|
|
- |
+ |
"dummy_val"
|
|
- |
+ |
"dummy_val"
|
|
- |
+ |
true
|
|
- |
+ |
"dummy_val"
|
|
- |
+ |
"merchant_id_1"
|
|
- |
+ |
"merchant_id_2"
|
|
- |
+ |
"http://localhost:8080"
|
|
- |
+ |
{
"base_url": "http://localhost:8080"
}
|
Unified Authentication Service Configuration |
- |
+ |
"http://localhost:8080"
|
base url to call unified authentication service |
- |
+ |
"GET,POST,PUT,DELETE"
|
List of methods that are allowed |
- |
+ |
30
|
Maximum time (in seconds) for which this CORS request may be cached. |
- |
+ |
"https://hyperswti"
|
|
- |
+ |
true
|
If true, allows any origin to make requests |
- |
+ |
"hubspot_proxy"
|
|
- |
+ |
"form_id"
|
|
- |
+ |
"request_url"
|
|
- |
+ |
"SMTP"
|
The currently active email client |
- |
+ |
1
|
Number of days the api calls ( with jwt token ) can be made without verifying the email |
- |
+ |
"plaintext"
|
connection type to be used for the smtp server |
- |
+ |
"1025"
|
Port of the smtp server |
- |
+ |
10
|
timeout for the smtp server connection |
- |
+ |
"no_encryption"
|
Encryption manager client to be used |
- |
+ |
"hyperswitch-api-log-events"
|
Kafka topic to be used for incoming api events |
- |
+ |
"hyperswitch-payment-attempt-events"
|
Kafka topic to be used for PaymentAttempt events |
- |
+ |
"hyperswitch-audit-events"
|
Kafka topic to be used for Payment Audit events |
- |
+ |
"hyperswitch-authentication-events"
|
Kafka topic to be used for Authentication events |
- |
+ |
"kafka0:29092"
|
|
- |
+ |
"hyperswitch-outgoing-connector-events"
|
Kafka topic to be used for connector api events |
- |
+ |
"hyperswitch-consolidated-events"
|
Kafka topic to be used for Consolidated events |
- |
+ |
"hyperswitch-dispute-events"
|
Kafka topic to be used for Dispute events |
- |
+ |
"hyperswitch-fraud-check-events"
|
Kafka topic to be used for Fraud Check events |
- |
+ |
"hyperswitch-payment-intent-events"
|
Kafka topic to be used for PaymentIntent events |
- |
+ |
"hyperswitch-outgoing-webhook-events"
|
Kafka topic to be used for outgoing webhook events |
- |
+ |
"hyperswitch-payout-events"
|
Kafka topic to be used for Payouts and PayoutAttempt events |
- |
+ |
"hyperswitch-refund-events"
|
Kafka topic to be used for Refund events |
- |
+ |
"topic"
|
|
- |
+ |
"topic"
|
|
- |
+ |
"kafka"
|
The event sink to push events supports kafka or logs (stdout) |
- |
+ |
"bucket"
|
|
- |
+ |
"us-east-1"
|
|
- |
+ |
21600
|
|
- |
+ |
100
|
|
- |
+ |
172800
|
|
- |
+ |
"ach,bacs,sepa"
|
|
- |
+ |
"credit,debit"
|
|
- |
+ |
"paypal,pix,venmo"
|
|
- |
+ |
"900"
|
|
- |
+ |
""
|
Auto-generated from services.sdk. Override with custom URL if needed. |
- |
+ |
"https://app.hyperswitch.io/HyperswitchFavicon.png"
|
|
- |
+ |
"HyperSwitch"
|
|
- |
+ |
"#4285F4"
|
|
- |
+ |
"credit,debit"
|
|
- |
+ |
"900"
|
|
- |
+ |
""
|
Auto-generated from services.sdk. Override with custom URL if needed. |
- |
+ |
"https://app.hyperswitch.io/HyperswitchFavicon.png"
|
|
- |
+ |
"HyperSwitch"
|
|
- |
+ |
"#4285F4"
|
|
- |
+ |
"GOOGLE_PAY_ROOT_SIGNING_KEYS"
|
|
- |
+ |
"localhost"
|
Client Host |
- |
+ |
7000
|
Client Port |
- |
+ |
"dynamo"
|
Client Service Name |
- |
+ |
"http://127.0.0.1:8080"
|
|
- |
+ |
"http://localhost:8000"
|
|
- |
+ |
"10"
|
|
- |
+ |
"paytm, phonepe"
|
|
- |
+ |
"-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsn4glmrihAG7Vppqd3Hm\nRXZiGmuZW0J+NQt72453oSnGc6Sw1Fk/vY0WhQIn6/Ip1Xt6dnMyorI3b9RtfQNP\nDFND3/g7n2I9uMqEr6aYxg0pKw9UW3uBlzR5JzvMVnzEjIRfdtuqSlphdpAVuZPE\nFEN9kE/VasBIeaKmbYFZxmz4AN2IBBvqWCaqIQZOrTRzfGNhVBlX/O+Sv59cy6n6\nQEoYJ/Ww3R7cUlSrueQNlSubkoa8ihBcm9VA7Bdklrps7B17yzMTAgqhZPkLMIQQ\nDBI1vFDlSKrWHNXfm4WyAXJ8MXOl+ThNJdAoDw2wNJmfOrgaPQFiMfPZYgKl/2Gu\nYQIDAQAB\n-----END PUBLIC KEY-----\n"
|
|
- |
+ |
"dummy_val"
|
|
- |
+ |
"us-east-1"
|
AWS KMS region |
- |
+ |
false
|
|
- |
+ |
900
|
|
- |
+ |
500
|
Delay between retries in milliseconds |
- |
+ |
180
|
Seconds before the redis lock expires |
- |
+ |
"http://hyperswitch-vault"
|
Locker host |
- |
+ |
null
|
Rust Locker host |
- |
+ |
true
|
Boolean to enable or disable saving cards in locker |
- |
+ |
"1"
|
Key_id to sign basilisk hs locker |
- |
+ |
false
|
Emulate a locker locally using Postgres |
- |
+ |
220752000
|
Time to live for storage entries in locker |
- |
+ |
true
|
|
- |
+ |
"DEBUG"
|
Log level for console logs, ERROR, WARN, INFO, DEBUG |
- |
+ |
"json"
|
|
- |
+ |
false
|
|
- |
+ |
"DEBUG"
|
|
- |
+ |
"json"
|
|
- |
+ |
15
|
Interval for collecting the metrics in background thread |
- |
+ |
false
|
boolean [true or false], whether to ignore errors during traces or metrics pipeline setup |
- |
+ |
false
|
boolean [true or false], whether metrics are enabled |
- |
+ |
""
|
URL for external OpenTelemetry Collector endpoint to send metrics and traces to. The OpenTelemetry Collector must have a gRPC OTLP receiver listening at this endpoint. If left empty, the endpoint will be auto-configured as: -opentelemetry-collector..svc.cluster.local:4317 when using hyperswitch-stack with monitoring enabled. Leave empty for auto-configuration or specify custom endpoint. |
- |
+ |
5000
|
timeout (in milliseconds) for sending metrics and traces |
- |
+ |
"*/confirm"
|
|
- |
+ |
0.1
|
|
- |
+ |
false
|
boolean [true or false], whether traces are enabled |
- |
+ |
false
|
Set this to true for AWS X-ray compatible traces |
- |
+ |
10
|
Timeout for database connection in seconds |
- |
+ |
"20"
|
Number of connections to keep open |
- |
+ |
"Fifo"
|
Add the queue strategy used by the database bb8 client |
- |
+ |
false
|
|
- |
+ |
false
|
|
- |
+ |
"default"
|
|
- |
+ |
""
|
|
- |
+ |
"public"
|
|
- |
+ |
"global"
|
|
- |
+ |
"public"
|
|
- |
+ |
"http://localhost:8080"
|
|
- |
+ |
"default"
|
|
- |
+ |
""
|
|
- |
+ |
"public"
|
|
- |
+ |
"http://localhost:9000"
|
|
- |
+ |
"https://example.com/status"
|
|
- |
+ |
"https://example.com/delete"
|
|
- |
+ |
"https://example.com/fetch"
|
|
- |
+ |
"https://example.com/generate"
|
|
- |
+ |
"key_id"
|
|
- |
+ |
"private_key"
|
|
- |
+ |
"public_key"
|
|
- |
+ |
"api_key"
|
|
- |
+ |
"placeholder_webhook_key"
|
|
- |
+ |
"basic"
|
|
- |
+ |
"admin"
|
|
- |
+ |
"eu-central-1"
|
|
- |
+ |
"admin"
|
|
- |
+ |
false
|
|
- |
+ |
"https://localhost:9200"
|
|
- |
+ |
"hyperswitch-dispute-events"
|
|
- |
+ |
"hyperswitch-payment-attempt-events"
|
|
- |
+ |
"hyperswitch-payment-intent-events"
|
|
- |
+ |
"hyperswitch-refund-events"
|
|
- |
+ |
"sessionizer-dispute-events"
|
|
- |
+ |
"sessionizer-payment-attempt-events"
|
|
- |
+ |
"sessionizer-payment-intent-events"
|
|
- |
+ |
"sessionizer-refund-events"
|
|
- |
+ |
""
|
Auto-generated from services.sdk. Override with custom URL if needed. |
- |
+ |
900
|
Redis expiry time in milliseconds |
- |
+ |
"localhost, cluster.local"
|
A comma-separated list of domains or IP addresses that should not use the proxy. Whitespace between entries would be ignored. |
- |
+ |
false
|
|
- |
+ |
"http://proxy_http_url"
|
Outgoing proxy http URL to proxy the HTTP traffic |
- |
+ |
"https://proxy_https_url"
|
Outgoing proxy https URL to proxy the HTTPS traffic |
- |
+ |
false
|
|
- |
+ |
true
|
Whether or not the client should automatically pipeline commands across tasks when possible. |
- |
+ |
false
|
boolean |
- |
+ |
[
"redis.cluster.uri-1:8080",
"redis.cluster.uri-2:4115"
]
|
List of redis cluster urls |
- |
+ |
30
|
An optional timeout to apply to all commands. In seconds |
- |
+ |
900
|
Default TTL for hashes entries, in seconds |
- |
+ |
300
|
Default TTL for entries, in seconds |
- |
+ |
false
|
Whether or not to disable the automatic backpressure features when pipelining is enabled. |
- |
+ |
200
|
The maximum number of frames that will be fed to a socket before flushing. |
- |
+ |
5000
|
The maximum number of in-flight commands (per connection) before backpressure will be applied. |
- |
+ |
5
|
Number of connections to keep open |
- |
+ |
5
|
Delay between reconnection attempts, in milliseconds |
- |
+ |
5
|
Maximum number of reconnection attempts to make before failing. Set to 0 to retry forever. |
- |
+ |
1
|
Default number of entries to read from stream if not provided in stream read options |
- |
+ |
10
|
An optional timeout for Unresponsive commands in seconds. This should be less than default_command_timeout. |
- |
+ |
false
|
RESP protocol for fred crate (set this to true if using RESPv2 or redis version < 6) |
- |
+ |
10
|
Timeout for database connection in seconds |
- |
+ |
"20"
|
Number of connections to keep open |
- |
+ |
"Fifo"
|
Add the queue strategy used by the database bb8 client |
- |
+ |
"report_download_config_authentication_function"
|
Config to authentication function |
- |
+ |
"report_download_config_dispute_function"
|
Config to download dispute report |
- |
+ |
"report_download_config_payment_function"
|
Config to download payment report |
- |
+ |
"report_download_config_refund_function"
|
Config to download refund report |
- |
+ |
"report_download_config_region"
|
Region of the bucket |
- |
+ |
20
|
|
- |
+ |
20
|
|
- |
+ |
20
|
|
- |
+ |
20
|
|
- |
+ |
10
|
|
- |
+ |
35
|
|
- |
+ |
20
|
|
- |
+ |
20
|
|
- |
+ |
10368000
|
|
- |
+ |
1
|
|
- |
+ |
3888000
|
|
- |
+ |
"cascading"
|
|
- |
+ |
"1685510751"
|
|
- |
+ |
"no_encryption"
|
Secrets manager client to be used |
- |
+ |
"0.0.0.0"
|
|
- |
+ |
8080
|
|
- |
+ |
32768
|
HTTP Request body limit. Defaults to 32kB |
- |
+ |
30
|
For more details: https://actix.rs/docs/server/#graceful-shutdown |
- |
+ |
8
|
|
- |
+ |
"#FFFFFF"
|
Background color of email body |
- |
+ |
"https://example.com/logo.png"
|
Logo URL of the entity to be used in emails |
- |
+ |
"HyperSwitch"
|
Name of the entity to be showed in emails |
- |
+ |
"#000000"
|
Foreground color of email text |
- |
+ |
"#006DF9"
|
Primary color of email body |
- |
+ |
"bucket"
|
AWS S3 bucket name for theme storage |
- |
+ |
"bucket_region"
|
AWS region where the S3 bucket for theme storage is located |
- |
+ |
"aws_s3"
|
Theme storage backend to be used |
- |
+ |
"http://localhost:9000"
|
|
- |
+ |
false
|
|
- |
+ |
false
|
|
- |
+ |
"90"
|
|
- |
+ |
"Hyperswitch Sandbox"
|
|
- |
+ |
"300"
|
|
- |
- false
|
- |
-
- |
+ |
false
|
Enable or disable keymanager |
- |
+ |
""
|
KeyManager service URL |
- |
+ |
{}
|
Labels to be added to the deployment's (match labels) and their pods (extends global configuration) |
- |
+ |
{}
|
Annotations that are to be added to the pods (extends global configuration) |
- |
+ |
600
|
|
- |
+ |
1
|
Number of replicas to be used for the application |
- |
+ |
{
"limits": {
"cpu": "1000m",
@@ -1918,41 +2034,52 @@ Refer our [postman collection](https://www.postman.com/hyperswitch/workspace/hyp
}
|
Resource requests and limits for the router/server |
- |
+ |
"sandbox"
|
Processor URLs will be decided based on this config, Eg: production, sandbox or integ |
- |
+ |
+ {
+ "http": 80,
+ "https": 443
+}
|
+ service ports |
+
+ |
+ "ClusterIP"
|
+ service type |
+
+ |
{
"eks.amazonaws.com/role-arn": "my-role-arn"
}
|
Annotations to be added to the service account |
- |
+ |
true
|
Service account creation for the application |
- |
+ |
{}
|
Labels to be added to the service account |
- |
+ |
""
|
Service account name for the application ( default: -hyperswitch-router-role) |
- |
+ |
1
|
|
- |
+ |
0
|
|
- |
+ |
"RollingUpdate"
|
|
- |
+ |
30
|
The time kubernetes will wait after sending the termination signal to the pods |
diff --git a/charts/incubator/hyperswitch-app/templates/router/ingress.yaml b/charts/incubator/hyperswitch-app/templates/router/ingress.yaml
index 3c3f6f30..8abcf34f 100644
--- a/charts/incubator/hyperswitch-app/templates/router/ingress.yaml
+++ b/charts/incubator/hyperswitch-app/templates/router/ingress.yaml
@@ -1,36 +1,61 @@
{{- if and .Values.services.router.enabled .Values.server.ingress.enabled}}
+{{- $name := include "hyperswitch-server.name" . -}}
+{{- $svcPort := .Values.server.service.ports.http -}}
+{{- if and .Values.server.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
+ {{- if not (hasKey .Values.server.ingress.annotations "kubernetes.io/ingress.class") }}
+ {{- $_ := set .Values.server.ingress.annotations "kubernetes.io/ingress.class" .Values.server.ingress.className}}
+ {{- end }}
+{{- end }}
+{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1
+{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+apiVersion: networking.k8s.io/v1beta1
+{{- else -}}
+apiVersion: extensions/v1beta1
+{{- end }}
kind: Ingress
metadata:
- name: hyperswitch-alb-ingress
- namespace: {{ .Release.Namespace }}
+ name: {{ $name }}
+ labels:
+ {{- include "hyperswitch.labels" . | nindent 4 }}
+ {{- with .Values.server.ingress.annotations }}
annotations:
- alb.ingress.kubernetes.io/backend-protocol: HTTP
- alb.ingress.kubernetes.io/backend-protocol-version: HTTP1
- alb.ingress.kubernetes.io/group.name: hyperswitch-alb-ingress-group
- alb.ingress.kubernetes.io/healthcheck-interval-seconds: "5"
- alb.ingress.kubernetes.io/healthcheck-path: /health
- alb.ingress.kubernetes.io/healthcheck-port: "8080"
- alb.ingress.kubernetes.io/healthcheck-protocol: HTTP
- alb.ingress.kubernetes.io/healthcheck-timeout-seconds: "2"
- alb.ingress.kubernetes.io/healthy-threshold-count: "5"
- alb.ingress.kubernetes.io/ip-address-type: ipv4
- alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}]'
- alb.ingress.kubernetes.io/load-balancer-name: hyperswitch
- alb.ingress.kubernetes.io/scheme: internet-facing
- alb.ingress.kubernetes.io/security-groups: {{ .Values.loadBalancer.targetSecurityGroup }}
- alb.ingress.kubernetes.io/tags: stack=hyperswitch-lb
- alb.ingress.kubernetes.io/target-type: ip
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
spec:
- ingressClassName: alb
+ {{- if and .Values.server.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
+ ingressClassName: {{ .Values.server.ingress.className }}
+ {{- end }}
+ {{- if .Values.server.ingress.tls }}
+ tls:
+ {{- range .Values.server.ingress.tls }}
+ - hosts:
+ {{- range .hosts }}
+ - {{ . | quote }}
+ {{- end }}
+ secretName: {{ .secretName }}
+ {{- end }}
+ {{- end }}
rules:
- - http:
+ {{- range .Values.server.ingress.hosts }}
+ - host: {{ .host | quote }}
+ http:
paths:
- - path: /
- pathType: Prefix
+ {{- range .paths }}
+ - path: {{ .path }}
+ {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }}
+ pathType: {{ .pathType }}
+ {{- end }}
backend:
+ {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
service:
- name: {{ include "hyperswitch-server.name" . }}
+ name: {{ $name }}
port:
- number: 80
+ number: {{ $svcPort }}
+ {{- else }}
+ serviceName: {{ $name }}
+ servicePort: {{ $svcPort }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
{{- end }}
diff --git a/charts/incubator/hyperswitch-app/templates/router/service.yaml b/charts/incubator/hyperswitch-app/templates/router/service.yaml
index 5f8f006e..71c163a3 100644
--- a/charts/incubator/hyperswitch-app/templates/router/service.yaml
+++ b/charts/incubator/hyperswitch-app/templates/router/service.yaml
@@ -11,16 +11,16 @@ spec:
ipFamilyPolicy: SingleStack
ports:
- name: http
- port: 80
+ port: {{ .Values.server.service.ports.http }}
protocol: TCP
targetPort: 8080
- name: https
- port: 443
+ port: {{ .Values.server.service.ports.https }}
protocol: TCP
targetPort: 8080
selector:
app: {{ include "hyperswitch-server.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
sessionAffinity: None
- type: ClusterIP
+ type: {{ .Values.server.service.type }}
{{- end }}
diff --git a/charts/incubator/hyperswitch-app/values.yaml b/charts/incubator/hyperswitch-app/values.yaml
index 3b43a94e..dc62a072 100644
--- a/charts/incubator/hyperswitch-app/values.yaml
+++ b/charts/incubator/hyperswitch-app/values.yaml
@@ -129,9 +129,45 @@ _references:
server:
# -- Number of replicas to be used for the application
replicas: 1
- # Ingress Configurations for hyperswitch router
+ # -- Ingress configuration
+ # @section -- hyperswitch router
ingress:
+ # -- Enable ingress controller resource
+ # @section -- hyperswitch router
enabled: false
+ # -- IngressClass that will be used to implement the Ingress
+ # @section -- hyperswitch router
+ className: ""
+ # -- Additional annotations for the Ingress resource
+ # @section -- hyperswitch router
+ annotations:
+ {}
+ # kubernetes.io/ingress.class: nginx
+ # kubernetes.io/tls-acme: "true"
+ # -- An array with hostname(s) to be covered with the ingress record
+ # @section -- hyperswitch router
+ hosts:
+ - host: hyperswitch-server.local
+ paths:
+ - path: /
+ pathType: ImplementationSpecific
+ # -- TLS configuration for hostname(s) to be covered with this ingress record
+ # @section -- hyperswitch router
+ tls: []
+ # - secretName: chart-example-tls
+ # hosts:
+ # - chart-example.local
+
+ # -- Service configuration
+ # @section -- hyperswitch router
+ service:
+ # -- service type
+ type: ClusterIP
+ # -- service ports
+ ports:
+ http: 80
+ https: 443
+
# Wait time allowed for the deployment before the deployment is marked as failed
progressDeadlineSeconds: 600
# The strategy that can be used to replace the old pods by new ones
diff --git a/charts/incubator/hyperswitch-control-center/README.md b/charts/incubator/hyperswitch-control-center/README.md
index 80850a52..a7ec0084 100644
--- a/charts/incubator/hyperswitch-control-center/README.md
+++ b/charts/incubator/hyperswitch-control-center/README.md
@@ -133,7 +133,6 @@ After deployment, verify the Control Center is working:
| config.default.endpoints.logo_url | string | `""` | |
| config.default.endpoints.mixpanel_token | string | `"dd4da7f62941557e716fbc0a19f9cc7e"` | |
| config.default.endpoints.recon_iframe_url | string | `""` | |
-| config.default.features.audit_trail | string | `"false"` | |
| config.default.features.authentication_analytics | string | `"false"` | |
| config.default.features.branding | string | `"false"` | |
| config.default.features.compliance_certificate | string | `"true"` | |
@@ -197,8 +196,9 @@ After deployment, verify the Control Center is working:
| config.default.theme.sidebar_secondary | string | `"#FFFFFF"` | |
| config.default.theme.sidebar_secondary_text_color | string | `"#525866"` | |
| config.mixpanelToken | string | `"dd4da7f62941557e716fbc0a19f9cc7e"` | |
-| dependencies.clickhouse.enabled | string | `"false"` | |
+| dependencies.clickhouse.enabled | bool | `false` | |
| dependencies.router.host | string | `"http://localhost:8080"` | |
+| dependencies.sdk.fullUrlOverride | string | `""` | |
| dependencies.sdk.host | string | `"http://localhost:9050"` | |
| dependencies.sdk.subversion | string | `"v1"` | |
| dependencies.sdk.version | string | `"0.126.0"` | |
@@ -208,7 +208,7 @@ After deployment, verify the Control Center is working:
| image.pullPolicy | string | `"IfNotPresent"` | |
| image.registry | string | `"docker.juspay.io"` | |
| image.repository | string | `"juspaydotin/hyperswitch-control-center"` | |
-| image.tag | string | `""` | |
+| image.tag | string | `"v1.37.4"` | |
| imagePullSecrets | list | `[]` | |
| ingress.annotations | object | `{}` | |
| ingress.className | string | `""` | |
diff --git a/charts/incubator/hyperswitch-web/Chart.yaml b/charts/incubator/hyperswitch-web/Chart.yaml
index b1a8a1f4..c4c6b096 100644
--- a/charts/incubator/hyperswitch-web/Chart.yaml
+++ b/charts/incubator/hyperswitch-web/Chart.yaml
@@ -12,5 +12,5 @@ description: |-
assets
type: application
-version: 0.2.14
+version: 0.2.15
appVersion: "0.126.0"
diff --git a/charts/incubator/hyperswitch-web/README.md b/charts/incubator/hyperswitch-web/README.md
index cc77c05a..b27fd307 100644
--- a/charts/incubator/hyperswitch-web/README.md
+++ b/charts/incubator/hyperswitch-web/README.md
@@ -1,6 +1,6 @@
# hyperswitch-web
-  
+  
Helm chart for Hyperswitch SDK static Server. This chart allow end user to deploy standalone
[SDK](https://github.com/juspay/hyperswitch-web) with different way:
@@ -13,6 +13,20 @@ assets
## Values
+### hyperswitch sdkDemo
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| sdkDemo.ingress | object | `{"annotations":{},"className":"","enabled":true,"hosts":[{"host":"hyperswitch-sdk-demo.local","paths":[{"path":"/","pathType":"ImplementationSpecific"}]}],"tls":[]}` | Ingress configuration |
+| sdkDemo.ingress.annotations | object | `{}` | Additional annotations for the Ingress resource |
+| sdkDemo.ingress.className | string | `""` | IngressClass that will be used to implement the Ingress |
+| sdkDemo.ingress.enabled | bool | `true` | Enable ingress controller resource |
+| sdkDemo.ingress.hosts | list | `[{"host":"hyperswitch-sdk-demo.local","paths":[{"path":"/","pathType":"ImplementationSpecific"}]}]` | An array with hostname(s) to be covered with the ingress record |
+| sdkDemo.ingress.tls | list | `[]` | TLS configuration for hostname(s) to be covered with this ingress record |
+| sdkDemo.service | object | `{"ports":{"http":80,"https":443},"type":"ClusterIP"}` | Service configuration |
+
+### Other Values
+
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| autoBuild.buildParam.disableCSP | string | `"false"` | |
@@ -59,6 +73,8 @@ assets
| sdkDemo.podAnnotations.traffic_sidecar_istio_io_excludeOutboundIPRanges | string | `"10.23.6.12/32"` | |
| sdkDemo.progressDeadlineSeconds | int | `600` | |
| sdkDemo.replicas | int | `1` | |
+| sdkDemo.service.ports | object | `{"http":80,"https":443}` | service ports |
+| sdkDemo.service.type | string | `"ClusterIP"` | service type |
| sdkDemo.serviceAccountAnnotations."eks.amazonaws.com/role-arn" | string | `nil` | |
| sdkDemo.strategy.rollingUpdate.maxSurge | int | `1` | |
| sdkDemo.strategy.rollingUpdate.maxUnavailable | int | `0` | |
diff --git a/charts/incubator/hyperswitch-web/templates/sdk-demo-app/ingress.yaml b/charts/incubator/hyperswitch-web/templates/sdk-demo-app/ingress.yaml
index 2a4719f0..01baecd2 100644
--- a/charts/incubator/hyperswitch-web/templates/sdk-demo-app/ingress.yaml
+++ b/charts/incubator/hyperswitch-web/templates/sdk-demo-app/ingress.yaml
@@ -1,30 +1,61 @@
-{{- if .Values.sdkDemo.enabled }}
+{{- if and .Values.sdkDemo.enabled .Values.sdkDemo.ingress.enabled}}
+{{- $fullName := .Values.sdkDemo.labels.app -}}
+{{- $svcPort := .Values.sdkDemo.service.ports.http -}}
+{{- if and .Values.sdkDemo.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
+ {{- if not (hasKey .Values.sdkDemo.ingress.annotations "kubernetes.io/ingress.class") }}
+ {{- $_ := set .Values.sdkDemo.ingress.annotations "kubernetes.io/ingress.class" .Values.sdkDemo.ingress.className}}
+ {{- end }}
+{{- end }}
+{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1
+{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+apiVersion: networking.k8s.io/v1beta1
+{{- else -}}
+apiVersion: extensions/v1beta1
+{{- end }}
kind: Ingress
metadata:
- name: "{{ .Values.sdkDemo.labels.app }}-ingress"
- namespace: hyperswitch
+ name: {{ $fullName }}
+ labels:
+ {{- include "sdk.labels" . | nindent 4 }}
+ {{- with .Values.sdkDemo.ingress.annotations }}
annotations:
- alb.ingress.kubernetes.io/backend-protocol: HTTP
- alb.ingress.kubernetes.io/backend-protocol-version: HTTP1
- alb.ingress.kubernetes.io/group.name: "{{ .Values.sdkDemo.labels.app }}-alb-ingress-group"
- alb.ingress.kubernetes.io/ip-address-type: ipv4
- alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}]'
- alb.ingress.kubernetes.io/load-balancer-name: {{ .Values.sdkDemo.labels.app }}
- alb.ingress.kubernetes.io/scheme: internet-facing
- alb.ingress.kubernetes.io/security-groups: {{ .Values.loadBalancer.targetSecurityGroup }}
- alb.ingress.kubernetes.io/tags: stack=hyperswitch-lb
- alb.ingress.kubernetes.io/target-type: ip
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
spec:
- ingressClassName: alb
+ {{- if and .Values.sdkDemo.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
+ ingressClassName: {{ .Values.sdkDemo.ingress.className }}
+ {{- end }}
+ {{- if .Values.sdkDemo.ingress.tls }}
+ tls:
+ {{- range .Values.sdkDemo.ingress.tls }}
+ - hosts:
+ {{- range .hosts }}
+ - {{ . | quote }}
+ {{- end }}
+ secretName: {{ .secretName }}
+ {{- end }}
+ {{- end }}
rules:
- - http:
+ {{- range .Values.sdkDemo.ingress.hosts }}
+ - host: {{ .host | quote }}
+ http:
paths:
- - path: /
- pathType: Prefix
+ {{- range .paths }}
+ - path: {{ .path }}
+ {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }}
+ pathType: {{ .pathType }}
+ {{- end }}
backend:
+ {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
service:
- name: {{ .Values.sdkDemo.labels.app }}
+ name: {{ $fullName }}
port:
- number: 80
-{{- end }}
\ No newline at end of file
+ number: {{ $svcPort }}
+ {{- else }}
+ serviceName: {{ $fullName }}
+ servicePort: {{ $svcPort }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
+{{- end }}
diff --git a/charts/incubator/hyperswitch-web/templates/sdk-demo-app/service.yaml b/charts/incubator/hyperswitch-web/templates/sdk-demo-app/service.yaml
index e4514486..2a358feb 100644
--- a/charts/incubator/hyperswitch-web/templates/sdk-demo-app/service.yaml
+++ b/charts/incubator/hyperswitch-web/templates/sdk-demo-app/service.yaml
@@ -11,15 +11,15 @@ spec:
ipFamilyPolicy: SingleStack
ports:
- name: http
- port: 80
+ port: {{ .Values.sdkDemo.service.ports.http }}
protocol: TCP
targetPort: 5252
- name: https
- port: 443
+ port: {{ .Values.sdkDemo.service.ports.https }}
protocol: TCP
targetPort: 5252
selector:
app: {{ .Values.sdkDemo.labels.app }}
sessionAffinity: None
type: ClusterIP
-{{- end }}
\ No newline at end of file
+{{- end }}
diff --git a/charts/incubator/hyperswitch-web/values.yaml b/charts/incubator/hyperswitch-web/values.yaml
index ce306e89..dda1a2bc 100644
--- a/charts/incubator/hyperswitch-web/values.yaml
+++ b/charts/incubator/hyperswitch-web/values.yaml
@@ -8,6 +8,44 @@ sdkDemo:
enabled: true
# Number of replicas to be used for the application
replicas: 1
+ # -- Ingress configuration
+ # @section -- hyperswitch sdkDemo
+ ingress:
+ # -- Enable ingress controller resource
+ # @section -- hyperswitch sdkDemo
+ enabled: false
+ # -- IngressClass that will be used to implement the Ingress
+ # @section -- hyperswitch sdkDemo
+ className: ""
+ # -- Additional annotations for the Ingress resource
+ # @section -- hyperswitch sdkDemo
+ annotations:
+ {}
+ # kubernetes.io/ingress.class: nginx
+ # kubernetes.io/tls-acme: "true"
+ # -- An array with hostname(s) to be covered with the ingress record
+ # @section -- hyperswitch sdkDemo
+ hosts:
+ - host: hyperswitch-sdk-demo.local
+ paths:
+ - path: /
+ pathType: ImplementationSpecific
+ # -- TLS configuration for hostname(s) to be covered with this ingress record
+ # @section -- hyperswitch sdkDemo
+ tls: []
+ # - secretName: chart-example-tls
+ # hosts:
+ # - chart-example.local
+
+ # -- Service configuration
+ # @section -- hyperswitch sdkDemo
+ service:
+ # -- service type
+ type: ClusterIP
+ # -- service ports
+ ports:
+ http: 80
+ https: 443
# Wait time allowed for the deployment before the deployment is marked as failed
progressDeadlineSeconds: 600
# The strategy that can be used to replace the old pods by new ones