Merge pull request #2076 from CrowleyRajapakse/new-main5

Template control plane related configurations

.github/workflows/agent-integration-test.yml

@@ -73,7 +73,12 @@ jobs:
       run: |
         cd apk-repo/helm-charts
         helm dependency build
-        helm install apk-test-setup -n apk . --debug --wait --timeout 15m0s 
+        helm install apk-test-setup -n apk . --debug --wait --timeout 15m0s \
+        --set wso2.apk.dp.commonController.deployment.controlplane.enabled=true \
+        --set wso2.apk.dp.commonController.deployment.controlplane.host="apim-apk-agent-service.apk.svc.cluster.local" \
+        --set wso2.apk.dp.commonController.deployment.controlplane.skipSSLVerification=true \
+        --set wso2.apk.dp.gatewayRuntime.deployment.enforcer.configs.JWKSClient.skipSSLVerification=false \
+        --set wso2.apk.dp.gatewayRuntime.deployment.enforcer.configs.JWKSClient.hostnameVerifier="AllowAll" 
         kubectl get pods -n apk
         kubectl get svc -n apk
 

helm-charts/templates/data-plane/gateway-components/common-log-conf.yaml

@@ -22,6 +22,19 @@ data:
 
     [commoncontroller.truststore]
       location = "/home/wso2/security/truststore"
+    
+     {{- if .Values.wso2.apk.dp.commonController.deployment.controlplane }}
+    [commoncontroller.controlplane]
+       enabled = {{ .Values.wso2.apk.dp.commonController.deployment.controlplane.enabled | default true }}
+       host = "{{ .Values.wso2.apk.dp.commonController.deployment.controlplane.host | default "apim-apk-agent-service.apk.svc.cluster.local" }}"
+       port = "{{ .Values.wso2.apk.dp.commonController.deployment.controlplane.port | default "18000" }}"
+       skipSSLVerification = {{ .Values.wso2.apk.dp.commonController.deployment.controlplane.skipSSLVerification | default false }}
+    {{- else }}
+    [commoncontroller.controlplane]
+       enabled = false
+       host = "apim-apk-agent-service.apk.svc.cluster.local"
+       skipSSLVerification = true
+    {{- end }}
 
     [commoncontroller.redis]
     {{- if .Values.wso2.apk.dp.commonController.deployment.redis }}
@@ -51,9 +64,7 @@ data:
     
     [commoncontroller.webServer]
       port = 9543
-    # [commoncontroller.controlplane]
-    #   host= "apim-apk-agent-service.apk-agent.svc.cluster.local"
-    #   port= 18000
+
   log_config.toml: |
     # The logging configuration for Adapter
 

helm-charts/templates/data-plane/gateway-components/log-conf.yaml

@@ -110,6 +110,12 @@ data:
     [enforcer.metrics]
       enabled = false
 
+    {{- if and .Values.wso2.apk.dp.gatewayRuntime.deployment.enforcer.configs .Values.wso2.apk.dp.gatewayRuntime.deployment.enforcer.configs.JWKSClient }}
+    [enforcer.client]
+       skipSSL = {{ .Values.wso2.apk.dp.gatewayRuntime.deployment.enforcer.configs.JWKSClient.skipSSLVerification | default false }}
+       hostnameVerifier = "{{ .Values.wso2.apk.dp.gatewayRuntime.deployment.enforcer.configs.JWKSClient.hostnameVerifier | default "AllowAll" }}"
+    {{- end }}
+
     {{ if and .Values.wso2.apk.dp.gatewayRuntime.tracing .Values.wso2.apk.dp.gatewayRuntime.tracing.enabled }}
     [tracing]
       enabled = true

helm-charts/values.yaml

@@ -147,6 +147,10 @@ wso2:
           image: wso2/apk-common-controller:latest
           security:
             sslHostname: "commoncontroller"
+#          controlplane:
+#            enabled: true
+#            host: "apim-apk-agent-service.apk.svc.cluster.local"
+#            skipSSLVerification: true
           # configs:
           #   apiNamespaces:
           #     - "apk-v12"
@@ -237,11 +241,14 @@ wso2:
               sslHostname: "enforcer"
 #            logging:
 #              level: DEBUG
-            # configs:
-            #   tls:
-            #     secretName: "router-cert"
-            #     certKeyFilename: ""
-            #     certFilename: ""
+#            configs:
+#              tls:
+#                secretName: "router-cert"
+#                certKeyFilename: ""
+#                certFilename: ""
+#              JWKSClient:
+#                skipSSLVerification: false
+#                hostnameVerifier: "AllowAll"
 idp:
   enabled: true
   listener: