Skip to content

v4.0.1 - Mojaloop v15 support
Compare
Choose a tag to compare
@dfry dfry released this 05 Apr 14:50
· 15 commits to main since this release
v4.0.1
512c36a
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

This IaC release now supports Mojaloop v15 Release, taking full advantage of the maintenance and security improvements introduced by this release. Most notably, the Externalised Secrets supported by the Mojaloop Helm chart are now fully managed by IaC's internal Vault. These Externalised Secrets auto-generated will only be stored in the Vault, as opposed to the previous version where the random passwords were generated in terraform prior to deployment of the Helm chart, which resulted in the username-passwords being stored in the terraform state file.

The Mojaloop external dependencies (e.g. stateful services like MySQL, MongoDB, etc) now make use of the Vault operator (see #6 below), via the creation of the appropriate custom resources (RandomSecret and VaultSecret). The Mojaloop Helm install config now references the secrets generated by this process (see #8 below).

Please note that other external resources that are created for WSO2, Ory stack components, etc, which don't support the use of externalized secrets are still configured using the previous approach of generating passwords within Terraform, storing them in Vault and referencing the credentials in their respective values files directly.

What's Changed

  1. Support for Mojaloop v15 Release
  2. Added a new stateful service for TTK mongoDB
  3. Refactored the test pipelines to use helm tests instead of TTK CLI directly (mojaloop/3239)
  4. Added capability to get the report history in TTK interface
  5. Enabled “Settlement Initiation Report” by default in terraform/k8s-apps-setup/mojaloop-core/mojaloop-custom-reports/config.json
  6. Add support for vault operator (https://github.com/redhat-cop/vault-config-operator) to allow for creation and storing of random secrets in vault as well as CR-generated K8S secrets from these same vault secrets.
  7. Custom Resource (CR) based method to auto generate credentials for the creation of stateful resources (mysql/etc)
  8. CR-based creation of K8S secrets in multiple namespaces that can then be referenced in different helm charts.
  9. Refactored mojaloop values file to support setting secrets as opposed to passwords.

Known Issues

Full Changelog: v4.0.0...v4.0.1

Assets 2
Loading