DeployAI: Add marketplace BAE

aws/apps/deployai/marketplace/bae.yaml

@@ -0,0 +1,18 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: bae-marketplace
+  namespace: argocd
+spec:
+  destination:
+    namespace: deployai
+    server: https://kubernetes.default.svc
+  project: default
+  source:
+    path: aws/deployai/marketplace/bae
+    repoURL: https://github.com/FIWARE-Ops/fiware-gitops
+    targetRevision: HEAD
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true

aws/deployai/marketplace/bae/Chart.yaml

@@ -0,0 +1,12 @@
+apiVersion: v2
+name: business-api-ecosystem
+description: Chart holder for argo-cd
+
+type: application
+version: 0.9.2
+appVersion: "9.4.8"
+
+dependencies:
+- name: business-api-ecosystem
+  version: 0.9.2
+  repository: https://fiware.github.io/helm-charts

aws/deployai/marketplace/bae/templates/role-binding.yaml

@@ -0,0 +1,15 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: {{ .Release.Name }}-rb
+  labels:
+    heritage: {{ .Release.Service | quote }}
+    release: {{ .Release.Name | quote }}
+subjects:
+  - kind: ServiceAccount
+    name: bae-marketplace-sa
+    namespace: {{ .Release.Namespace | quote }}
+roleRef:
+  kind: Role
+  name: {{ .Release.Name }}-scc-anyuid
+  apiGroup: rbac.authorization.k8s.io

aws/deployai/marketplace/bae/templates/role-openshift.yaml

@@ -0,0 +1,17 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: {{ .Release.Name }}-scc-anyuid
+  labels:
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+rules:
+- apiGroups:
+  - security.openshift.io
+  resourceNames:
+  - anyuid
+  - privileged
+  resources:
+  - securitycontextconstraints
+  verbs:
+  - use

aws/deployai/marketplace/bae/templates/service-account.yaml

@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: bae-marketplace-sa
+  labels:
+    heritage: {{ .Release.Service | quote }}
+    release: {{ .Release.Name | quote }}

aws/deployai/marketplace/bae/values.yaml

@@ -0,0 +1,198 @@
+business-api-ecosystem:
+
+  bizEcosystemApis:
+    # should set the path to the new apis.
+    fullnameOverride: tmforum-api-proxy
+    enabled: false
+
+    tmForum:
+      catalog:
+        host: tm-forum-api-product-catalog
+        port: 8080
+        path: 
+      inventory:
+        host: tm-forum-api-product-inventory
+        port: 8080
+        path: 
+      ordering:
+        host: tm-forum-api-product-ordering-management
+        port: 8080
+        path: 
+      billing:
+        host: tm-forum-api-account
+        port: 8080
+        path: 
+      usage:
+        host: tm-forum-api-usage-management
+        port: 8080
+        path: 
+      party:
+        host: tm-forum-api-party-catalog
+        port: 8080
+        path: 
+      customer:
+        host: tm-forum-api-customer-management
+        port: 8080
+        path: 
+      resources:
+        host: tm-forum-api-resource-catalog
+        port: 8080
+        path: 
+      services:
+        host: tm-forum-api-service-catalog
+        port: 8080
+        path: 
+      resourceInventory:
+        host: tm-forum-api-resource-inventory
+        port: 8080
+        path:
+
+  bizEcosystemRss:
+    enabled: false
+
+  siop:
+    enabled: true
+    clientId: marketplace-client
+    verifier:
+      host: https://verifier-marketplace.deployai.fiware.dev
+    allowedRoles:
+      - seller
+      - customer
+      - admin
+
+    # Configuration for the Credential Config Service initiation
+    ccs:
+      endpoint: "http://ccs-marketplace-credentials-config-service:8080"
+      defaultOidcScope: "defaultScope"
+      # -- Credential configurations for particular scopes
+      oidcScopes:
+        defaultScope:
+          - type: "VerifiableCredential"
+            trustedParticipantsLists: [
+              "https://tir.deployai.fiware.dev"
+            ]
+            trustedIssuersLists: [
+              "http://til-marketplace-trusted-issuers-list:8080"
+            ]
+          - type: "LegalPersonCredential"
+            trustedParticipantsLists: [
+              "https://tir.deployai.fiware.dev"
+            ]
+            trustedIssuersLists: [
+              "http://til-marketplace-trusted-issuers-list:8080"
+            ]
+          - type: "LEARCredentialEmployee"
+            trustedParticipantsLists: [
+              "https://tir.deployai.fiware.dev"
+            ]
+            trustedIssuersLists: [
+              "http://til-marketplace-trusted-issuers-list:8080"
+            ]
+
+  externalUrl: https://marketplace.deployai.fiware.dev
+
+  bizEcosystemChargingBackend:
+
+    maxUploadSize: "5242880"
+
+    # ServiceAccount is created via templates
+    serviceAccount:
+      create: false
+      name: bae-marketplace-sa
+
+    securityContext:
+      ## -- specifies the user UID
+      runAsUser: 0
+      ## -- specifies the group GID
+      runAsGroup: 0
+
+    deployment:
+      image:
+        repository: fiware/biz-ecosystem-charging-backend
+        tag: 9.1.2
+        pullPolicy: Always
+
+    plugins:
+      enabled: true
+      annotations:
+        helm.sh/resource-policy: "keep"
+
+    media:
+      enabled: true
+
+    port: 8006
+
+    loglevel: debug
+
+    payment:
+      method: None
+
+    # Use existing secret
+    existingSecret: bae-cb-secret
+
+    db: 
+      host: mongodb
+      database: charging_db
+      user: charging
+
+    backup:
+      enabled: false
+
+    initContainers: false
+    propagateToken: true
+    basePath: /opt/business-ecosystem-charging-backend
+    token: 
+      enabled: false
+
+  bizEcosystemLogicProxy:
+
+    # ServiceAccount is created via templates
+    serviceAccount:
+      create: false
+      name: bae-marketplace-sa
+
+    securityContext:
+      ## -- specifies the user UID
+      runAsUser: 0
+      ## -- specifies the group GID
+      runAsGroup: 0
+
+    # Use existing secret
+    existingSecret: bae-lp-secret
+
+    statefulset:
+      image:
+        repository: fiware/biz-ecosystem-logic-proxy
+        tag: "9.4.8"
+        pullPolicy: Always
+
+    route:
+      enabled: true
+      routes:
+        - host: marketplace.deployai.fiware.dev
+          tls:
+            insecureEdgeTerminationPolicy: Redirect
+            termination: edge
+          certificate:
+            issuer:
+              kind: ClusterIssuer
+              name: letsencrypt-aws-prod
+    ingress: 
+      enabled: false
+
+    port: 8004
+    nodeEnvironment: production
+
+    db:
+      host: mongodb
+      database: belp_db
+      user: belp
+    basePath: /opt/business-ecosystem-logic-proxy
+
+    externalIdp:
+      enabled: true
+    initContainers: false
+    propagateToken: true
+    additionalEnvVars:
+      - name: BAE_LP_LEGACY_GUI
+        value: true

aws/deployai/secrets/bae-cb-sealed-secret.yaml

@@ -0,0 +1,18 @@
+---
+apiVersion: bitnami.com/v1alpha1
+kind: SealedSecret
+metadata:
+  creationTimestamp: null
+  name: bae-cb-secret
+  namespace: deployai
+spec:
+  encryptedData:
+    dbPassword: AgDP1JgG7/Be7nd5S9uQmbyBRRTXqdurr/Oq/U5FWcxGcPwQup922S94rVP/Wuv/nvbAMgw2Tp5RQWCKb/DQtJnU5RdwgbzsGS7Bb4w7pt285Hi32gkaSUVZlvV/kwXNtGD5/wjGqvmdhd0V0AiW9yWyow0cvhoi+t6NoEi2X1U75DrbCpuZ97yrrPWDra9zDnSeNzF82Oof817B+I0oLC40HBhuQWdM0iByZXKNmipU1ecnh0rXFkoewZOxDB5QSp0gVqA8aykHJ8k/z7u4FXyNCQQtpXajIBnm0q1LE4Gq/yHpwZZ1LjdT+sDrVNkX+pduBUtcIvYsiPKIkd+4PrPrtHOoQdlDCW/HjPasdKbyLllWGBvHKFmPyZ1khe/UqiqclxY5C6hk4XXx3G4kI7g87Rr7eCWhrwSM9pO9tIzPL9KRSZqyTZKnS5LGeBUXc0m89YPzHmxG1m1IlLzR48lJLMyRdosIO/9Kl4FJ34fTbXFPzNn4rNFljm2NcczCw5uRhO1/oIx4gVuNTQnRBqB0vbSraTGTZi36PLyMTCtO9fTrKFTrZoe++Iqa7sxQPqDbYmgYB26m0Kjz6M5JpSX1nJynEwMHqf99f9yvNda30y0IYKK+9O1Xk7LDsPBPS1r0xK8caRFBRZzES+NteHieuCc8+amvv4oz9lEPZ8vvDzJUHSzvTxhQ2LbxlBXA4BAzbSniw+7eHg==
+    paypalClientSecret: AgCkC/nqMSNxAx4FO14BoQkMGQsN8SqRCLDWXq6df/v4REL/fgqwy7JPMG3m+ft431xMW6ycKbNHNnAfkMMBQP0esggGwbhXsMXMhF/PcGdwYVuWOb0kDfLfFUZkaJJ/opaq0GfZSV8/KxEihttcGhvJ7Rsa3Aylbi5pi+7qpoFiAknzN/seYRxDpfr8DppHEU3/NFTBE0dJPAwBe/Mnj9Qw7K2e46/EqcOfqKkeVBjdcw+NL4VhR4J8SzYvCi+8h262GsKOq6bCtk3GouYGnzPX0hymKRgH6CtGHyxCdUqhNvDY0fbVz42h3Cz8ljs1yocXff9itlStUQP2Y5Ll6ssXOfjYMoue/ZUvtqKGvyVIM13ajPZxlVL7jb2uvvg92PhGpLeWTcDl95Ue16d7COe0Nl2ggIgqeEAXGOgBHXbHyLSofCcFrdJjVnMrAr/ddIZyeMZUYLi9V6VQ0m15+PMJ6ITt7nJZceqlDC5ea8qzD2GPcwk2raHQkW49+5I3ONM/r0DcjFStxpptbf5vHg5694tYPQY730zx3AMnOsNEWyttjjQjZYLhWycUVCPaHEOaQoHSADzZq5lSyWRzZMblyQ4/CioBYlMjbOHYsCtUDkX4NLjliV9thl8/Wl4FxFXscsQ8WWQBynzQAtKLfrw4jHbLC0vLwxKlCm64bnToDFrrubw5oIGXlR3NKhUMF/E2oYVwOuRamv09
+    pluginsIdmPassword: AgB/TM0WY45pP7/RyXnNYet05uQW42mFLRfy1DAeUsr786t2Bi7kmNW0C4BEbgtE4k1wH/FHva6x9Hsy+lDszpx6jRptcx+5LCU8r8utUdKV3MVJgSsCEX/OGw/pGKe8ynM/5yktI+kt1vH4zxL0nQpwOJjA2YJtvN2BsZa9SzQEgR31jd6alqVLaoVxDYDaCwxxNBSopV2bT2HucQbVimVNrdGN4Rh4qx92B7Gw1tjI8yPN9TlFoWGj3pwi+zz/mhtorcey5lJa8TVxjkXkSNf+V4lReydL3eTwv7uiuZLwH2PTBDG15Rm/hahzxCFR9J9oKg67sLkTyjN6LvrpqgRBa1rWtiiHcWymuNgVwz2cvf1hown5XdoMqzGV8hoDaE1wHObyymXkKF9rKbAn1rtsOrDX5zttsJOBixkaNpJRriTyiRRaOpuZ124r7ie9ThHD2Z2deX8CHLx8RuFmORr2IyFLoU74GR2/TxyPvBsrSNeQPAxfn6XqIUIDP1BvfbSiPFVx68rqelzx+BjgJrT4BCMh3J+Uo1mHBWiQGbXfs1AB9dpSOTsYg0vtIhoRc8x9JDqaS8TV/v8OIJ+tDKMi3ta8/+MCvTixyG1Yg6bfSo+MWeSAVDeed6KPC6bM6VaHWfSVhqldVyTwCbPgMfZfXXKdLJ4w17qF1xK9rusCeD8SzJBI9gvzjv5rKInTt0u8904WSdmOH2ew
+    smtpPassword: AgC6xO80d7hTAAc6LUfZfDvTQq4a0dAEzn66l/75Mx1lqOKgiRVbBrpMOZKIRkdvmVKMITmPSNgU5r5abjrWkR/ng6uIWw94Swq0or2xcaGlAK0Sikq9BGBKVc8I+jDm0QKgmhZM0uP5S1gWtQj7196L1ol0HUHtq8C2HDWp/qU0A5arSxCtnvavOfbr7jy6wKg2Yw932yJ8MjFG6jxVEWCgPxpMXaMiLFsewb53KVrZaOhAo6ICrtT7IsTP376spUqZ9QPK89K80GNmwClQvdeYe0hBnx8I63bqcBdwkaoDg73OX3fb3h0jdmiWL5vDTorjMHuwiVX3zhH2DeIHPCdfCfa1Dm3RUBPevpwdoR8e1jbCBirToyTqUE2fHbiridwS4c+oDnvoAVdWUZd30UEFh2+OPSdRYKwMq4PcgKR18+bx5wTiM6zbYaRLsJVCcuqcRBZ5gWcXYi9DSdOKIXymwW90Sk06j0dW/QPSmwCXJE2deJpyiQ8Tol/pmCGhhd1foSRXiPu2lqG8HTngdjebh+aUX8cINvoN314Nc8+Mt6+2O4B32U7miUC5lsutdp2OHyviSQt4oYcLI0uK5cepaH5bKK0jrv9/E0C8Yv4KEtM7cLwGsL60TMJokNwxKLNxmkNwtykshWCKZ7OfeeQzFT5Djtv9TzcbkRamEaOT1Cb7ZQv/H9ZFho8iCrWGghHhyhFib0x66Vwv
+  template:
+    metadata:
+      creationTimestamp: null
+      name: bae-cb-secret
+      namespace: deployai

aws/deployai/secrets/bae-lp-sealed-secret.yaml

@@ -0,0 +1,17 @@
+---
+apiVersion: bitnami.com/v1alpha1
+kind: SealedSecret
+metadata:
+  creationTimestamp: null
+  name: bae-lp-secret
+  namespace: deployai
+spec:
+  encryptedData:
+    dbPassword: AgAMb3H9NDkvh9B5gDQtJQhQw2E/NYqKrQ71IgJAzLvNe97BbIfJo7XmijvOWBnYUPdkIF4Is3G4MmfJgNjNMCGZBNWjWg+0ITqGL9Uj765jD4CeGI1hWIlJf24ELPbsYZRqJm1PGNobP03nvMJRtmsVXdyRO9WCud6tw67CkTGfFA27rO+b976LaSxIj0oHsNUP9RweTfkfIJVnTd+BqVlLlRZEysRKyPQlDuuNiSmwmMPHi71lvOizxTYT+qz7oIa+ag62JPk/q6m0gy68V1CiW9fZXe9ufmDGe/TDiYi1HW+KJ7VZH1u4z0nvwrhRWKWldsQ+t36PTUWWtGnMbQmIb6KiiP8d67H2LLR7LmenLfIJESJatAQahjKOotqJVdNzrOxsMnsHoFlsOC1mAHEsCOsiRRvCTF1WnU4lhOzqfi4nNqMFj7ynr1z1zXTrcjQkdRMPjwtHH1LJjJKIrXd4co6y5W2be5InVDjOsRr3rkSURK/GyKicnDb8+KFY3hfQNzEW4aR4lOXYxzikbjPOoeq4PskNgGlzAMnBjbMO6SnmtD+Ijerv96B2rGQmDiP+Ihb3Okjj7a/iNxJfCEjONYRIh6LjG+KWWJuVIYtjupi2XQVLd16CZLfkJZk5M7wFZnt9cCK3RBgGKXqqjmnuBdzVa4nDesJcIBMmmECgyzTFyT07W4E3pkmDjkbyIVcYcJ2N
+    idmPassword: AgAvYzSgV4VhBbQFANES4bbGVdPvl76NmWfFtFpomRtX5JdjD3kiKL9iraWbASTZyxWa1PryZKieuulR9rWOGZ+ntelgD4yKOHyM2/eOdEr4OBWa2cqfiqDQQ0+nrkRHGlfzuZ0Fvfs7L8VefYwODbcvBFtPq+U4UF9lsnyiS2Dx9QtAGJOq+dCaWq4eKXSb4szmD2PJQUmgH7r+Hfu40rmtn3GZ60wwsnxOIsM4nasDGsz7xmyGeM5FgG3QumQBkKnAX+6XOhAcjsbxjt5GPdsPJ+HfgsE76VFQxN8NOu4cVSBD05Cfuzm3gY65Z2DOwm/sgmMaJHh1/eIITIpVQHvaIKMHJGTE94kHtcu9qL7iqT3Pi9Gwugnl1kSmIrWqMzG7/LbpSnw5Tg9l3tGHXQ4vrNi2sEeVeHut0KPiTJAcF/zPwluXePhQImgC4vGsaaDT76ot3HepiqjGmwNOiX8NzA1Dscw4WYx41GJZc/Z359g5vjF5SoMQ+4Aogj/+jO3KrdiK9fMm8E4ev9KTB+1bzsQ1GvrW/487yINb+uWYs4tqu9euakCsrSBXcz2NsAt+HqqNgTvebEmLXE7OAtC703PvSI5rcCTdIO/2SgRYtI4Y0bcMbbH9e6ySCJq7qhVd+EBXMnNF9nbn6wI1/D92MoV7FJpQ5kJ8lZC6e0B8x8gplGkW3hjdXnD8t4wrzHLcxGpZZ30aDKuM
+    oauthClientSecret: AgALsX55XxkoG51ZOpTFa6hYjgtc7WbACloOreFUXic2Cowp3BTb4pd3t+AwjvYmIF311KUVBiYTV+l+u1X/FlppP7vGWKgISW4/IwY3jcyjJm+sbxm/LdsngCgyIDJQ3Dj9Kfo8y5EaNqxvPidCfNeR/0o94FwbDl7n0DVIpCYrEWVS4F+INnQuuMogc0QWkJOaCY7JDaMDk93fbbylKMriXj+92k1mAk7A9TBgTyQGj6m0qWNEV55m+WwQifrIZPRagDsy1c8sDODV5nk3CfQPTGsEnw332WsxNklG7BHtpKI5CSomg9evC1fq40NM9oh9iTkqs9RmeJSs2eMveV8IAM5s/XyXWg+ZN3Rse6vtILV3vXO32v4ypd2Kid2VIM7RYOoUoCwzI7ch2lBuJR2KKXW0F3oZVeyCsyKdOvDVpJnT1zPbrrsbBDXkkKY9RKClqQAAzniaSPtOLKaKx+GfWVK59r8Oi21I039Bo2OGEw307OCrvcsSjsd99getBJIvmSx7f085l05aAe1cqsvrgZOg6yB+JwumLtqMebpyiOImsOv/q3sx4AJt+GJ28+mVByismqkStgk/rwdCqz2v4wS+1HZjItGLvcesf2na2bNZsK54WO7aw/eH9dNU6FPztnioeXL6vVCHbD7AoHqRaNzZvtiSHZn9bpZs0pk+M4T1WeS7xjjzyukak3OTVMmrpkfn35SxUKJU
+  template:
+    metadata:
+      creationTimestamp: null
+      name: bae-lp-secret
+      namespace: deployai