From 87a331b17f89b1fa4166b6349f3f60ac79e4c632 Mon Sep 17 00:00:00 2001 From: Charles-Antoine Dolbeau Date: Thu, 28 May 2026 22:03:17 +0000 Subject: [PATCH 1/2] feat(helm): add licenseProxy values for corporate HTTP proxy support MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Add a licenseProxy section to values.yaml (host, port, user, password) that automatically generates a ConfigMap containing license.config and mounts it into vtom-server, vtom-apiserver, itc, and itm. This allows the Absyss Java license client to reach license-ctrl.customer.absyss.com through a corporate HTTP proxy without any manual Kubernetes object creation. When licenseProxy.host is empty (default), no ConfigMap is created and no volume mount is added — existing deployments are unaffected. Also adds the missing license.config mount to vtom-server (deployment-server.yaml), which previously had no proxy support even when configured manually. The values-client-template.yaml is updated with the new commented section so operators are aware of the option during deployment. --- charts/visual-tom/templates/_helpers.tpl | 10 ++++++++++ .../templates/common/license-proxy-configmap.yaml | 12 ++++++++++++ charts/visual-tom/templates/itc/deployment.yaml | 11 +++++++++++ charts/visual-tom/templates/itm/deployment.yaml | 11 +++++++++++ .../templates/vtom/deployment-apiserver.yaml | 11 +++++++++++ .../templates/vtom/deployment-server.yaml | 11 +++++++++++ charts/visual-tom/values-client-template.yaml | 15 +++++++++++++++ charts/visual-tom/values.yaml | 14 ++++++++++++++ 8 files changed, 95 insertions(+) create mode 100644 charts/visual-tom/templates/common/license-proxy-configmap.yaml diff --git a/charts/visual-tom/templates/_helpers.tpl b/charts/visual-tom/templates/_helpers.tpl index c6033a8..b9b6b8f 100644 --- a/charts/visual-tom/templates/_helpers.tpl +++ b/charts/visual-tom/templates/_helpers.tpl @@ -240,3 +240,13 @@ Workload Identity annotation on the pod depending on the cloud provider. azure.workload.identity/use: "true" {{- end }} {{- end }} + +{{/* +Name of the license proxy ConfigMap, when licenseProxy.host is set. +Returns an empty string when no proxy is configured. +*/}} +{{- define "vtom.licenseProxyConfigMapName" -}} +{{- if .Values.licenseProxy.host -}} +{{ include "vtom.name" . }}-license-proxy +{{- end -}} +{{- end }} diff --git a/charts/visual-tom/templates/common/license-proxy-configmap.yaml b/charts/visual-tom/templates/common/license-proxy-configmap.yaml new file mode 100644 index 0000000..73451af --- /dev/null +++ b/charts/visual-tom/templates/common/license-proxy-configmap.yaml @@ -0,0 +1,12 @@ +{{- if .Values.licenseProxy.host }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "vtom.licenseProxyConfigMapName" . }} + namespace: {{ include "vtom.namespace" . }} + labels: + {{- include "vtom.labels" . | nindent 4 }} +data: + license.config: | + {"version":"1.2","proxyEnable":true,"proxyHost":{{ .Values.licenseProxy.host | quote }},"proxyPort":{{ .Values.licenseProxy.port }},"proxyUser":{{ if .Values.licenseProxy.user }}{{ .Values.licenseProxy.user | quote }}{{ else }}null{{ end }},"proxyPassword":{{ if .Values.licenseProxy.password }}{{ .Values.licenseProxy.password | quote }}{{ else }}null{{ end }}} +{{- end }} diff --git a/charts/visual-tom/templates/itc/deployment.yaml b/charts/visual-tom/templates/itc/deployment.yaml index 09b8876..38234a6 100644 --- a/charts/visual-tom/templates/itc/deployment.yaml +++ b/charts/visual-tom/templates/itc/deployment.yaml @@ -113,6 +113,12 @@ spec: mountPath: /var/lib/absyss/visual-tom-user-portal/license/{{ .Values.itc.license.secretKey }} subPath: {{ .Values.itc.license.secretKey }} readOnly: true + {{- if include "vtom.licenseProxyConfigMapName" . }} + - name: license-proxy + mountPath: /var/lib/absyss/visual-tom-user-portal/license/license.config + subPath: license.config + readOnly: true + {{- end }} volumes: - name: itc-data persistentVolumeClaim: @@ -121,6 +127,11 @@ spec: secret: secretName: {{ .Values.itc.license.secretName }} defaultMode: 0440 + {{- if include "vtom.licenseProxyConfigMapName" . }} + - name: license-proxy + configMap: + name: {{ include "vtom.licenseProxyConfigMapName" . }} + {{- end }} terminationGracePeriodSeconds: 60 {{- with .Values.itc.tolerations }} tolerations: diff --git a/charts/visual-tom/templates/itm/deployment.yaml b/charts/visual-tom/templates/itm/deployment.yaml index de58e86..d389723 100644 --- a/charts/visual-tom/templates/itm/deployment.yaml +++ b/charts/visual-tom/templates/itm/deployment.yaml @@ -112,6 +112,12 @@ spec: mountPath: /var/lib/absyss/visual-it-messenger/license/{{ .Values.itm.license.secretKey }} subPath: {{ .Values.itm.license.secretKey }} readOnly: true + {{- if include "vtom.licenseProxyConfigMapName" . }} + - name: license-proxy + mountPath: /var/lib/absyss/visual-it-messenger/license/license.config + subPath: license.config + readOnly: true + {{- end }} volumes: - name: itm-data persistentVolumeClaim: @@ -120,6 +126,11 @@ spec: secret: secretName: {{ .Values.itm.license.secretName }} defaultMode: 0440 + {{- if include "vtom.licenseProxyConfigMapName" . }} + - name: license-proxy + configMap: + name: {{ include "vtom.licenseProxyConfigMapName" . }} + {{- end }} terminationGracePeriodSeconds: 60 {{- with .Values.itm.tolerations }} tolerations: diff --git a/charts/visual-tom/templates/vtom/deployment-apiserver.yaml b/charts/visual-tom/templates/vtom/deployment-apiserver.yaml index c3e8260..9b938b8 100644 --- a/charts/visual-tom/templates/vtom/deployment-apiserver.yaml +++ b/charts/visual-tom/templates/vtom/deployment-apiserver.yaml @@ -115,6 +115,12 @@ spec: mountPath: /var/lib/absyss/visual-tom/license/{{ .Values.vtom.license.secretKey }} subPath: {{ .Values.vtom.license.secretKey }} readOnly: true + {{- if include "vtom.licenseProxyConfigMapName" . }} + - name: license-proxy + mountPath: /var/lib/absyss/visual-tom/license/license.config + subPath: license.config + readOnly: true + {{- end }} volumes: - name: customer-data persistentVolumeClaim: @@ -123,6 +129,11 @@ spec: secret: secretName: {{ .Values.vtom.license.secretName }} defaultMode: 0440 + {{- if include "vtom.licenseProxyConfigMapName" . }} + - name: license-proxy + configMap: + name: {{ include "vtom.licenseProxyConfigMapName" . }} + {{- end }} terminationGracePeriodSeconds: 60 {{- with .Values.vtom.tolerations }} tolerations: diff --git a/charts/visual-tom/templates/vtom/deployment-server.yaml b/charts/visual-tom/templates/vtom/deployment-server.yaml index d87194a..ce29d12 100644 --- a/charts/visual-tom/templates/vtom/deployment-server.yaml +++ b/charts/visual-tom/templates/vtom/deployment-server.yaml @@ -117,6 +117,12 @@ spec: mountPath: /opt/absyss/visual-tom/vtom/bin/{{ .Values.vtom.license.secretKey }} subPath: {{ .Values.vtom.license.secretKey }} readOnly: true + {{- if include "vtom.licenseProxyConfigMapName" . }} + - name: license-proxy + mountPath: /var/lib/absyss/visual-tom/license/license.config + subPath: license.config + readOnly: true + {{- end }} volumes: - name: customer-data persistentVolumeClaim: @@ -125,6 +131,11 @@ spec: secret: secretName: {{ .Values.vtom.license.secretName }} defaultMode: 0440 + {{- if include "vtom.licenseProxyConfigMapName" . }} + - name: license-proxy + configMap: + name: {{ include "vtom.licenseProxyConfigMapName" . }} + {{- end }} terminationGracePeriodSeconds: 60 {{- with .Values.vtom.tolerations }} tolerations: diff --git a/charts/visual-tom/values-client-template.yaml b/charts/visual-tom/values-client-template.yaml index 749a9eb..050b633 100644 --- a/charts/visual-tom/values-client-template.yaml +++ b/charts/visual-tom/values-client-template.yaml @@ -220,6 +220,21 @@ networkPolicy: database: host: "" # TODO: e.g.: vtom-postgres.postgres.database.azure.com +# ----------------------------------------------------------------------------- +# License proxy (optional) +# Required only if the cluster has no direct outbound internet access and must +# route through an HTTP proxy to reach the Absyss license server +# (license-ctrl.customer.absyss.com). +# When host is set, the chart generates a ConfigMap and mounts license.config +# in vtom-server, vtom-apiserver, itc, and itm. +# Leave host empty (default) to disable — no ConfigMap is created. +# ----------------------------------------------------------------------------- +# licenseProxy: +# host: "" # TODO: e.g.: proxy.corp.example.com +# port: 3128 +# user: "" # leave empty if the proxy requires no authentication +# password: "" # leave empty if the proxy requires no authentication + # ----------------------------------------------------------------------------- # Cloud secrets — REQUIRED depending on the provider # Fill in ONLY the section matching your cloud. diff --git a/charts/visual-tom/values.yaml b/charts/visual-tom/values.yaml index fc36abe..08e801c 100644 --- a/charts/visual-tom/values.yaml +++ b/charts/visual-tom/values.yaml @@ -569,3 +569,17 @@ storageClass: provisioner: "" # e.g.: disk.csi.azure.com parameters: {} volumeBindingMode: WaitForFirstConsumer + +# ----------------------------------------------------------------------------- +# License proxy configuration +# When licenseProxy.host is set, the chart generates a ConfigMap and mounts +# license.config in each component (vtom-server, vtom-apiserver, itc, itm), +# allowing the Absyss Java license client to reach license-ctrl.customer.absyss.com +# through a corporate HTTP proxy. +# Leave host empty to disable (no ConfigMap created, no volume mount added). +# ----------------------------------------------------------------------------- +licenseProxy: + host: "" # e.g.: proxy.corp.example.com + port: 3128 + user: "" # leave empty if the proxy requires no authentication + password: "" # leave empty if the proxy requires no authentication From 6edf4711bc83471e5b8621589122e217e1836ca9 Mon Sep 17 00:00:00 2001 From: Charles-Antoine Dolbeau Date: Fri, 29 May 2026 09:59:11 +0000 Subject: [PATCH 2/2] =?UTF-8?q?fix(helm):=20remove=20licenseProxy=20mount?= =?UTF-8?q?=20from=20vtom-server=20=E2=80=94=20old=20license=20mechanism?= =?UTF-8?q?=20does=20not=20support=20license.config?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../visual-tom/templates/vtom/deployment-server.yaml | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/charts/visual-tom/templates/vtom/deployment-server.yaml b/charts/visual-tom/templates/vtom/deployment-server.yaml index ce29d12..d87194a 100644 --- a/charts/visual-tom/templates/vtom/deployment-server.yaml +++ b/charts/visual-tom/templates/vtom/deployment-server.yaml @@ -117,12 +117,6 @@ spec: mountPath: /opt/absyss/visual-tom/vtom/bin/{{ .Values.vtom.license.secretKey }} subPath: {{ .Values.vtom.license.secretKey }} readOnly: true - {{- if include "vtom.licenseProxyConfigMapName" . }} - - name: license-proxy - mountPath: /var/lib/absyss/visual-tom/license/license.config - subPath: license.config - readOnly: true - {{- end }} volumes: - name: customer-data persistentVolumeClaim: @@ -131,11 +125,6 @@ spec: secret: secretName: {{ .Values.vtom.license.secretName }} defaultMode: 0440 - {{- if include "vtom.licenseProxyConfigMapName" . }} - - name: license-proxy - configMap: - name: {{ include "vtom.licenseProxyConfigMapName" . }} - {{- end }} terminationGracePeriodSeconds: 60 {{- with .Values.vtom.tolerations }} tolerations: