fixup! Migrate device-provisioning-service to repository

plgd-dev · Aug 19, 2024 · 4ae3694 · 4ae3694
1 parent b6bc1dc
commit 4ae3694
Show file tree

Hide file tree

Showing 4 changed files with 21 additions and 21 deletions.
diff --git a/charts/plgd-hub/README.md b/charts/plgd-hub/README.md
@@ -4,7 +4,7 @@
 
 More information are available in our [docs](https://plgd.dev/deployment/k8s/).
 
-### Required variables:
+### Required variables
 
 ```yaml
 # -- Global config variables
@@ -45,9 +45,9 @@ global:
 
 | Repository | Name | Version |
 |------------|------|---------|
-| https://charts.bitnami.com/bitnami | mongodb | 15.4.4 |
-| https://nats-io.github.io/k8s/helm/charts/ | nats | 1.1.9 |
-| https://scylla-operator-charts.storage.googleapis.com/stable | scylla | 1.10.0 |
+| <https://charts.bitnami.com/bitnami> | mongodb | 15.4.4 |
+| <https://nats-io.github.io/k8s/helm/charts/> | nats | 1.1.9 |
+| <https://scylla-operator-charts.storage.googleapis.com/stable> | scylla | 1.10.0 |
 
 ## Values
 
@@ -893,7 +893,7 @@ global:
 | resourcedirectory.service.type | string | `"ClusterIP"` | resource-directory service type |
 | resourcedirectory.tolerations | object | `{}` | Toleration definition |
 | scylla.datacenter | string | `"dc-1"` |  |
-| scylla.enabled | bool | `false` | Enable scylla service. Required scylla operator: https://github.com/scylladb/scylla-operator/blob/master/docs/source/generic.md#deploy-scylla-operator |
+| scylla.enabled | bool | `false` | Enable scylla service. Required scylla operator: <https://github.com/scylladb/scylla-operator/blob/master/docs/source/generic.md#deploy-scylla-operator> |
 | scylla.racks[0].members | int | `3` |  |
 | scylla.racks[0].name | string | `"dc-1a"` |  |
 | scylla.racks[0].resources.limits.cpu | int | `1` |  |
@@ -1010,4 +1010,3 @@ global:
 
 ----------------------------------------------
 Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2)
-
diff --git a/charts/plgd-hub/templates/device-provisioning-service/_helpers.tpl b/charts/plgd-hub/templates/device-provisioning-service/_helpers.tpl
@@ -76,11 +76,12 @@ app.kubernetes.io/managed-by: {{ .Release.Service }}
 {{- define "plgd-hub.deviceProvisioningService.coapGateway" }}
   {{- $ := index . 0 }}
   {{- $hub := index . 1 }}
-  {{- $_ := required "CoAP Gateway address is required. Use global.domain or deviceProvisioningService.enrollmentGroups[].hub.coapGateway. In case of using global domain, default port 5684 or coapgateway.service.nodePort.port if specified is used" ( $hub.coapGateway | default $.Values.global.domain ) }}
   {{- if $hub.coapGateway }}
     {{- $hub.coapGateway }}
-  {{- else }}
+  {{- else if $.Values.global.domain }}
     {{- printf "%s:%v" $.Values.global.domain ( $.Values.coapgateway.service.nodePort | default 5684 ) }}
+  {{- else }}
+    {{- fail "CoAP Gateway address is required. Use global.domain or deviceProvisioningService.enrollmentGroups[].hub.coapGateway. In case of using global domain, default port 5684 or coapgateway.service.nodePort.port if specified is used" }}
   {{- end }}
 {{- end }}
 

diff --git a/charts/plgd-hub/templates/device-provisioning-service/hubs-oauth-secrets.yaml b/charts/plgd-hub/templates/device-provisioning-service/hubs-oauth-secrets.yaml
@@ -1,6 +1,6 @@
 {{- if .Values.deviceProvisioningService.enabled }}
 {{- range $.Values.deviceProvisioningService.enrollmentGroups }}
-{{- $EG := . }}
+{{- $eg := . }}
 {{- if .hubs }}
 {{- range .hubs }}
 {{ if .authorization }}
@@ -9,7 +9,7 @@
 apiVersion: v1
 kind: Secret
 metadata:
-  {{ $id := (or .id .hubID $EG.id ) }}
+  {{ $id := (or .id .hubID $eg.id ) }}
   name: {{ printf "hub-oauth-%s" $id }}
   namespace: {{ $.Release.Namespace }}
   labels:

diff --git a/device-provisioning-service/README.md b/device-provisioning-service/README.md
@@ -1,6 +1,6 @@
 # Device Provisioning Service
 
-The Device Provisioning Service provides API to provision device to the [plgd/hub](https://github.com/plgd-dev/hub).
+The Device Provisioning Service provides an API to provision a device to the [plgd/hub](https://github.com/plgd-dev/hub).
 
 ## Workflow
 
@@ -15,7 +15,7 @@ plantuml -tsvg workflow.puml
 
 ## Docker Image
 
-Before you use the image you need to setup [K8s access to private registry](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry).
+Before you use the image, you need to set up [K8s access to private registry](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry).
 
 ```bash
 docker pull ghcr.io/plgd-dev/hub/device-provisioning-service:latest
@@ -30,10 +30,10 @@ A configuration template is available on [config.yaml](https://github.com/plgd-d
 | Property | Type | Description | Default |
 | ---------- | -------- | -------------- | ------- |
 | `log.dumpBody` | bool | `Set to true if you would like to dump raw messages.` | `false` |
-| `log.level` | string | `Logging enabled from level.` | `"info"` |
+| `log.level` | string |  `Minimum log level for logging. Logs with lower severity than this level will not be output. Supported levels: "debug", "info", "warn", "error".` | `"info"` |
 | `log.encoding` | string | `Logging format. The supported values are: "json", "console"` | `"json"` |
-| `log.stacktrace.enabled` | bool | `Log stacktrace.` | `"false` |
-| `log.stacktrace.level` | string | `Stacktrace from level.` | `"warn` |
+| `log.stacktrace.enabled` | bool | `Log stacktrace.` | `false` |
+| `log.stacktrace.level` | string | `Stacktrace from level.` | `"warn"` |
 | `log.encoderConfig.timeEncoder` | string | `Time format for logs. The supported values are: "rfc3339nano", "rfc3339".` | `"rfc3339nano"` |
 
 ### CoAP API
@@ -42,7 +42,7 @@ CoAP API as specified in the [workflow](./workflow.puml).
 
 | Property | Type | Description | Default |
 | ---------- | -------- | -------------- | ------- |
-| `apis.coap.address` | string | `Listen specification <host>:<port> for coap client connection.` | `"0.0.0.0:5688"` |
+| `apis.coap.address` | string | `Listening specification <host>:<port> for coap client connection.` | `"0.0.0.0:5688"` |
 | `apis.coap.protocols` | []string | `Protocol for coap connection. The supported values are: "tcp", "udp" .` | `["tcp"]` |
 | `apis.coap.maxMessageSize` | int | `Max message size which can be sent/received via coap. i.e. 256*1024 = 262144 bytes.` | `262144` |
 | `apis.coap.messagePoolSize` | int | `Defines the maximum preallocated messages in the pool for parse/create coap messages.` | `1000` |
@@ -59,7 +59,7 @@ The plgd device provisioning service REST API is defined by [swagger](https://ra
 | Property | Type | Description | Default |
 | ---------- | -------- | -------------- | ------- |
 | `apis.http.enabled` | bool | `Enable HTTP API.` | `false` |
-| `apis.http.address` | string | `Listen specification <host>:<port> for http client connection.` | `"0.0.0.0:9100"` |
+| `apis.http.address` | string | `Listening specification <host>:<port> for http client connection.` | `"0.0.0.0:9100"` |
 | `apis.http.tls.caPool` | string | `File path to the root certificate in PEM format which might contain multiple certificates in a single file.` |  `""` |
 | `apis.http.tls.keyFile` | string | `File path to private key in PEM format.` | `""` |
 | `apis.http.tls.certFile` | string | `File path to certificate in PEM format.` | `""` |
@@ -75,7 +75,7 @@ The plgd device provisioning service REST API is defined by [swagger](https://ra
 | `apis.http.authorization.http.tls.keyFile` | string | `File path to private key in PEM format.` | `""` |
 | `apis.http.authorization.http.tls.certFile` | string | `File path to certificate in PEM format.` | `""` |
 | `apis.http.authorization.http.tls.useSystemCAPool` | bool | `If true, use system certification pool.` | `false` |
-| `apis.http.readTimeout` | string | `The maximum duration for reading the entire request, including the body by the server. A zero or negative value means there will be no timeout.` | `8s` |
+| `apis.http.readTimeout` | string | `Maximum duration allowed for reading the entire request body, including the body by the server. A zero or negative value means there will be no timeout. Example: "8s" (8 seconds).` | `8s` |
 | `apis.http.readHeaderTimeout` | string | `The amount of time allowed to read request headers by the server. If readHeaderTimeout is zero, the value of readTimeout is used. If both are zero, there is no timeout.` | `4s` |
 | `apis.http.writeTimeout` | string | `The maximum duration before the server times out writing of the response. A zero or negative value means there will be no timeout.` | `16s` |
 | `apis.http.idleTimeout` | string | `The maximum amount of time the server waits for the next request when keep-alives are enabled. If idleTimeout is zero, the value of readTimeout is used. If both are zero, there is no timeout.` | `30s` |
@@ -123,7 +123,7 @@ Enrollment group entry configuration.
 | ---------- | -------- | -------------- | ------- |
 | `enrollmentGroups.[].id` | string | `Unique enrollment group id in GUID format` | `""` |
 | `enrollmentGroups.[].owner` | string | `Owner of a newly provisioned device` | `""` |
-| `enrollmentGroups.[].preSharedKeyFile` | string | `File path to the pre-shared key that will be stored on the device for the owner. It must be empty or have 16 characters in the preSharedKeyFile.` | `""` |
+| `enrollmentGroups.[].preSharedKeyFile` | string | `Path to the pre-shared key that will be stored on the device. It must either be empty or contain exactly 16 characters. If the key does not meet this requirement, the provisioning will fail.` | `""` |
 | `enrollmentGroups.[].attestationMechanism.x509.certificateChain` | string | `File path to certificate chain in PEM format.` | `""` |
 | `enrollmentGroups.[].attestationMechanism.x509.expiredCertificateEnabled` | bool | `Accept device connections with an expired certificate.` | `false` |
 
@@ -147,11 +147,11 @@ Defines configuration of the plgd hub where the device connects after it's succe
 
 #### OAuth2.0 Client
 
-OAuth2.0 Client is used to obtain JWT with ownerClaim an deviceIDClaim via the client credentials flow. The JWT will be is used directly during the [SignUp operation](https://plgd.dev/architecture/component-overview/#hub-registration).
+OAuth2.0 Client is used to obtain JWT with ownerClaim and deviceIDClaim via the client credentials flow. The JWT will be is used directly during the [SignUp operation](https://plgd.dev/architecture/component-overview/#hub-registration).
 
 | Property | Type | Description | Default |
 | ---------- | -------- | -------------- | ------- |
-| `enrollmentGroups.[].hub.authorization.ownerClaim` | string | `Claim used to identify owner of the device. If configured, your OAuth2.0 server has to set the owner id to the token as configured. OwnerClaim with sub is not supported. Custom owner claim needs to be configured also on the plgd hub instance. If used with the plgd mock OAuth Server, value https://plgd.dev/owner has to be set. **Required.**` | `""` |
+| `enrollmentGroups.[].hub.authorization.ownerClaim` | string | `Claim used to identify the owner of the device. If configured, your OAuth2.0 server has to set the owner id to the token as configured. OwnerClaim with sub is not supported. Custom owner claim needs to be configured also on the plgd hub instance. If used with the plgd mock OAuth Server, value https://plgd.dev/owner has to be set. **Required.**` | `""` |
 | `enrollmentGroups.[].hub.authorization.deviceIDClaim` | string | `Claim used to make JWT tokens device specific. If configured, your OAuth2.0 server has to set the device id to the token as configured. If used with the plgd mock OAuth Server, value https://plgd.dev/deviceId has to be set.` | `""` |
 | `enrollmentGroups.[].hub.authorization.provider.name` | string | `Provider name which is registered also on the instance of the plgd hub where the device connects after it's successfully provisioned. The grant type for this provider must be set to ClientCredentials.` | `""` |
 | `enrollmentGroups.[].hub.authorization.provider.authority` | string | `Authority is the address of the token-issuing authentication server. Services will use this URI to find token endpoint.` | `""` |