Add amadeus in the list of adopters (#5133)

Signed-off-by: Calvin Audier <calvin.audier@amadeus.com>

.github/workflows/build.yml

@@ -18,8 +18,7 @@ jobs:
       authentication: ${{ steps.filter.outputs.authentication }}
       subscriber: ${{ steps.filter.outputs.subscriber }}
       event-tracker: ${{ steps.filter.outputs.event-tracker }}
-      # upgrade-agent-cp: ${{ steps.filter.outputs.upgrade-agent-cp }}
+      dex-server: ${{ steps.filter.outputs.dex-server }}
-      # dex-server: ${{ steps.filter.outputs.dex-server }}
     steps:
       # For pull requests it's not necessary to checkout the code
       - uses: dorny/paths-filter@v3
@@ -36,10 +35,8 @@ jobs:
               - 'chaoscenter/subscriber/**'
             event-tracker:
               - 'chaoscenter/event-tracker/**'
-            # upgrade-agent-cp:
+            dex-server:
-            #   - 'chaoscenter/upgrade-agents/control-plane/**'
+              - 'chaoscenter/dex-server/**'
-            # dex-server:
-            #   - 'chaoscenter/dex-server/**'
 
   gitleaks-scan:
     runs-on: ubuntu-latest
@@ -56,7 +53,7 @@ jobs:
   backend-checks:
     runs-on: ubuntu-latest
     needs: changes
-    if: needs.changes.outputs.graphql-server == 'true' || needs.changes.outputs.authentication == 'true' || needs.changes.outputs.subscriber == 'true' || needs.changes.outputs.event-tracker == 'true'
+    if: needs.changes.outputs.graphql-server == 'true' || needs.changes.outputs.authentication == 'true' || needs.changes.outputs.subscriber == 'true' || needs.changes.outputs.event-tracker == 'true' || needs.changes.outputs.dex-server == 'true'
     steps:
       - name: Checkout repository
         uses: actions/checkout@v4
@@ -264,43 +261,28 @@ jobs:
           vuln-type: 'os,library'
           severity: 'CRITICAL,HIGH'
 
-  # docker-build-upgrade-agent-cp:
+  docker-build-dex-server:
-  #   runs-on: ubuntu-latest
+    runs-on: ubuntu-latest
-  #   needs:
+    needs:
-  #     - backend-checks
+      - backend-checks
-  #     - changes
+      - changes
-  #     - backend-unit-tests
+    if: ${{ needs.changes.outputs.dex-server == 'true' }}
-  #   if: ${{ needs.changes.outputs.upgrade-agent-cp == 'true' }}
+    steps:
-  #   steps:
+      - name: Checkout code
-  #     - name: Checkout code
+        uses: actions/checkout@v4
-  #       uses: actions/checkout@v2
-  #     - name: Build control plane upgrade agent docker image
-  #       shell: bash
-  #       run: |
-  #         cd chaoscenter/upgrade-agents/control-plane
-  #         docker build . -f Dockerfile -t docker.io/litmuschaos/upgrade-agent-cp:${{ github.sha }} --build-arg TARGETARCH=amd64
-  #     - name: Run Trivy vulnerability scanner
-  #       uses: aquasecurity/trivy-action@master
-  #       with:
-  #         image-ref: 'docker.io/litmuschaos/upgrade-agent-cp:${{ github.sha }}'
-  #         format: 'table'
-  #         exit-code: '1'
-  #         ignore-unfixed: true
-  #         vuln-type: 'os,library'
-  #         severity: 'CRITICAL,HIGH'             
 
-  # docker-build-dex-server:
+      - name: Build dex-server docker image
-  #   runs-on: ubuntu-latest
+        shell: bash
-  #   needs:
+        run: |
-  #     - backend-checks
+          cd chaoscenter/dex-server
-  #     - changes
+          docker images && docker build . -f Dockerfile -t docker.io/litmuschaos/litmusportal-dex-server:${{ github.sha }} --build-arg TARGETARCH=amd64
-  #     - backend-unit-tests
+
-  #   if: needs.changes.outputs.dex-server == 'true'
+      - name: Run Trivy vulnerability scanner
-  #   steps:
+        uses: aquasecurity/trivy-action@master
-  #     - name: Checkout code
+        with:
-  #       uses: actions/checkout@v2
+          image-ref: 'docker.io/litmuschaos/litmusportal-dex-server:${{ github.sha }}'
-  #     - name: Build dex-server docker image
+          format: 'table'
-  #       shell: bash
+          exit-code: '0'
-  #       run: |
+          ignore-unfixed: true
-  #         cd chaoscenter/dex-server
+          vuln-type: 'os,library'
-  #         docker images && docker build . -f Dockerfile --build-arg TARGETARCH=amd64
+          severity: 'CRITICAL,HIGH'

.github/workflows/push.yml

@@ -59,8 +59,7 @@ jobs:
           echo export FRONTEND_IMAGE="litmusportal-frontend" >> env-vars
           echo export SUBSCRIBER_IMAGE="litmusportal-subscriber" >> env-vars
           echo export EVENT_TRACKER="litmusportal-event-tracker" >> env-vars
-          # echo export UPGRADE_AGENT_CP="upgrade-agent-cp" >> env-vars
+          echo export DEX_SERVER="litmusportal-dex-server" >> env-vars
-          # echo export DEX_SERVER="litmusportal-dex-server" >> env-vars
 
       - name: Uploading envs
         uses: actions/upload-artifact@v4
@@ -280,3 +279,42 @@ jobs:
           FRONTEND_IMAGE=${{ matrix.frontend.image_name }}
           timestamp=`date "+%s"`
           make push-frontend
+
+
+  docker-build-and-push-dex-server:
+    runs-on: ubuntu-latest
+    needs:
+      - get-envs
+      - backend-checks
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Downloading image artficate
+        uses: actions/download-artifact@v4
+        with:
+          name: env_artifact
+          path: chaoscenter
+
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@v1
+        with:
+          version: latest
+
+      - name: Login to DockerHub
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Push dex server docker image
+        env:
+          IMAGE_NAME: ${DEX_SERVER}
+          IMG_TAG: ${IMG_TAG}
+          PLATFORMS: ${{ secrets.PLATFORMS }}
+          REPONAME: ${{ secrets.REPONAME }}
+          DIRECTORY: "dex-server"
+        run: |
+          source env-vars
+          make push-portal-component

ADOPTERS.md

@@ -32,6 +32,7 @@ The companies listed here conform to [CNCF's definition of end-users](https://gi
 | [Wingie Enuygun Company](https://www.wingie.com/)                                | Chaos Engineering for an Online Travel and Finance Platform                                              | [Our Story](https://github.com/litmuschaos/litmus/issues/2191#issuecomment-2331265698) |
 | [EmiratesNBD](https://www.emiratesnbd.com)                                       | Chaos Engineering for Government Owned Bank                                                              | [Our Story](adopters/organizations/emirates-nbd.md)                                    |
 | [PokerBaazi](https://www.pokerbaazi.com/)                                        | Chaos Engineering for Online Gaming                                                                      | [Our Story](adopters/organizations/pokerbaazi.md)                                      |
+| [Amadeus](https://amadeus.com/)                                                  | Enhance the resilience and reliability in Amadeus through Chaos Engineering                              | [Our Story](adopters/organizations/amadeus.md)                                      |
 
 ### Cloud-Native Vendors
 

adopters/organizations/amadeus.md

@@ -0,0 +1,18 @@
+# Amadeus 
+[Amadeus](https://amadeus.com/) technology powers the global travel and tourism industry.
+
+From airlines to search engines, travel agencies to hotels, the world's top travel brands rely on Amadeus to help create exceptional traveler experiences.
+
+## How do we use Litmus.  
+We are using Litmus for the following 3 topics:
+- **Identify weakness** by injecting a wide variety of disruptions to catch bugs and gaps in the stability of our applications
+- **Build confidence in the resiliency** by introducing disruptions that activate our resiliency mechanisms to ensure they are working as expected.
+- **Validate fixes** by recreating specific conditions and disruptions, we can reproduce complex production incidents and validate the fixes deployed to resolve them.
+
+## Benefits in using Litmus.   
+
+We are finding the following benefits in Litmus
+- **Open Source**: Allows us to contribute new features and fix bugs based on feedback from our Chaos users.
+- **QA-Friendly**: Through the UI and YAML-based configuration, it allows QA profiles with limited SRE knowledge to easily create their own experiments.
+- **Extensibility**: As Chaos Scenarios are based on ArgoWorkflow, it allows for the inclusion of custom steps, such as updating a configuration before/after the experiments.
+- **Variety of Disruption Types**: Which satisfies our current Chaos users.

chaoscenter/dex-server/Dockerfile

@@ -1,3 +1,3 @@
-FROM ghcr.io/dexidp/dex:latest
+FROM ghcr.io/dexidp/dex:v2.43.0
 ENV DEX_FRONTEND_DIR=/srv/dex/web
 COPY --chown=root:root web /srv/dex/web

chaoscenter/dex-server/web/web.go

@@ -8,7 +8,7 @@ import (
 //go:embed static/* templates/* themes/*
 var files embed.FS
 
-// FS returns a filesystem with the default web assets.
+// FS returns a filesystem with the default web assets
 func FS() fs.FS {
 	return files
 }

mkdocs/docs/3.19.0/litmus-getting-started.yaml

@@ -0,0 +1,415 @@
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: litmus-portal-admin-secret
+stringData:
+  DB_USER: "root"
+  DB_PASSWORD: "1234"
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: litmus-portal-admin-config
+data:
+  DB_SERVER: mongodb://my-release-mongodb-0.my-release-mongodb-headless:27017,my-release-mongodb-1.my-release-mongodb-headless:27017,my-release-mongodb-2.my-release-mongodb-headless:27017/admin
+  VERSION: "3.19.0"
+  SKIP_SSL_VERIFY:
+    "false"
+    # Configurations if you are using dex for OAuth
+  DEX_ENABLED: "false"
+  OIDC_ISSUER: "http://<Your Domain>:32000"
+  DEX_OAUTH_CALLBACK_URL: "http://<litmus-portal frontend exposed URL>:8080/auth/dex/callback"
+  DEX_OAUTH_CLIENT_ID: "LitmusPortalAuthBackend"
+  DEX_OAUTH_CLIENT_SECRET: "ZXhhbXBsZS1hcHAtc2VjcmV0"
+  OAuthJwtSecret: "litmus-oauth@123"
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: litmusportal-frontend-nginx-configuration
+data:
+  nginx.conf: |
+    pid /tmp/nginx.pid;
+
+    events {
+      worker_connections  1024;
+    }
+
+    http {
+        map $http_upgrade $connection_upgrade {
+            default upgrade;
+            '' close;
+        }
+
+        client_body_temp_path /tmp/client_temp;
+        proxy_temp_path       /tmp/proxy_temp_path;
+        fastcgi_temp_path     /tmp/fastcgi_temp;
+        uwsgi_temp_path       /tmp/uwsgi_temp;
+        scgi_temp_path        /tmp/scgi_temp;
+
+        sendfile on;
+        tcp_nopush on;
+        tcp_nodelay on;
+        keepalive_timeout 65;
+        types_hash_max_size 2048;
+        server_tokens off;
+
+        include /etc/nginx/mime.types;
+
+        gzip on;
+        gzip_disable "msie6";
+
+        access_log /var/log/nginx/access.log;
+        error_log /var/log/nginx/error.log;
+
+        server {
+            listen 8185 default_server;
+            root   /opt/chaos;
+
+            location /health {
+              return 200;
+            }
+
+            location / {
+                proxy_http_version 1.1;
+                add_header Cache-Control "no-cache";
+                try_files $uri /index.html;
+                autoindex on;
+            }
+
+            # redirect server error pages to the static page /50x.html
+            #
+            error_page   500 502 503 504  /50x.html;
+            location = /50x.html {
+                root   /usr/share/nginx/html;
+            }
+
+            location /auth/ {
+                proxy_http_version 1.1;
+                proxy_set_header   Host                 $host;
+                proxy_set_header   X-Real-IP            $remote_addr;
+                proxy_set_header   X-Forwarded-For      $proxy_add_x_forwarded_for;
+                proxy_set_header   X-Forwarded-Proto    $scheme;
+                proxy_pass "http://litmusportal-auth-server-service:9003/";
+            }
+
+            location /api/ {
+                proxy_http_version 1.1;
+                proxy_set_header   Upgrade              $http_upgrade;
+                proxy_set_header   Connection           $connection_upgrade;
+                proxy_set_header   Host                 $host;
+                proxy_set_header   X-Real-IP            $remote_addr;
+                proxy_set_header   X-Forwarded-For      $proxy_add_x_forwarded_for;
+                proxy_set_header   X-Forwarded-Proto    $scheme;
+                proxy_pass "http://litmusportal-server-service:9002/";
+            }
+        }
+    }
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: litmusportal-frontend
+  labels:
+    component: litmusportal-frontend
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      component: litmusportal-frontend
+  template:
+    metadata:
+      labels:
+        component: litmusportal-frontend
+    spec:
+      automountServiceAccountToken: false
+      containers:
+        - name: litmusportal-frontend
+          image: litmuschaos/litmusportal-frontend:3.19.0
+          # securityContext:
+          #   runAsUser: 2000
+          #   allowPrivilegeEscalation: false
+          #   runAsNonRoot: true
+          imagePullPolicy: Always
+          ports:
+            - containerPort: 8185
+          resources:
+            requests:
+              memory: "250Mi"
+              cpu: "125m"
+              ephemeral-storage: "500Mi"
+            limits:
+              memory: "512Mi"
+              cpu: "550m"
+              ephemeral-storage: "1Gi"
+          volumeMounts:
+            - name: nginx-config
+              mountPath: /etc/nginx/nginx.conf
+              subPath: nginx.conf
+      volumes:
+        - name: nginx-config
+          configMap:
+            name: litmusportal-frontend-nginx-configuration
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: litmusportal-frontend-service
+spec:
+  type: NodePort
+  ports:
+    - name: http
+      port: 9091
+      targetPort: 8185
+  selector:
+    component: litmusportal-frontend
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: litmusportal-server
+  labels:
+    component: litmusportal-server
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      component: litmusportal-server
+  template:
+    metadata:
+      labels:
+        component: litmusportal-server
+    spec:
+      automountServiceAccountToken: false
+      volumes:
+        - name: gitops-storage
+          emptyDir: {}
+        - name: hub-storage
+          emptyDir: {}
+      containers:
+        - name: graphql-server
+          image: litmuschaos/litmusportal-server:3.19.0
+          volumeMounts:
+            - mountPath: /tmp/
+              name: gitops-storage
+            - mountPath: /tmp/version
+              name: hub-storage
+          securityContext:
+            runAsUser: 2000
+            allowPrivilegeEscalation: false
+            runAsNonRoot: true
+            readOnlyRootFilesystem: true
+          envFrom:
+            - configMapRef:
+                name: litmus-portal-admin-config
+            - secretRef:
+                name: litmus-portal-admin-secret
+          env:
+            # if self-signed certificate are used pass the base64 tls certificate, to allow agents to use tls for communication
+            - name: TLS_CERT_B64
+              value: ""
+            - name: ENABLE_GQL_INTROSPECTION
+              value: "false"
+            - name: INFRA_DEPLOYMENTS
+              value: '["app=chaos-exporter", "name=chaos-operator", "app=workflow-controller", "app=event-tracker"]'
+            - name: CHAOS_CENTER_UI_ENDPOINT
+              value: ""
+            - name: SUBSCRIBER_IMAGE
+              value: "litmuschaos/litmusportal-subscriber:3.19.0"
+            - name: EVENT_TRACKER_IMAGE
+              value: "litmuschaos/litmusportal-event-tracker:3.19.0"
+            - name: ARGO_WORKFLOW_CONTROLLER_IMAGE
+              value: "litmuschaos/workflow-controller:v3.3.1"
+            - name: ARGO_WORKFLOW_EXECUTOR_IMAGE
+              value: "litmuschaos/argoexec:v3.3.1"
+            - name: LITMUS_CHAOS_OPERATOR_IMAGE
+              value: "litmuschaos/chaos-operator:3.19.0"
+            - name: LITMUS_CHAOS_RUNNER_IMAGE
+              value: "litmuschaos/chaos-runner:3.19.0"
+            - name: LITMUS_CHAOS_EXPORTER_IMAGE
+              value: "litmuschaos/chaos-exporter:3.19.0"
+            - name: CONTAINER_RUNTIME_EXECUTOR
+              value: "k8sapi"
+            - name: DEFAULT_HUB_BRANCH_NAME
+              value: "v3.16.x"
+            - name: LITMUS_AUTH_GRPC_ENDPOINT
+              value: "litmusportal-auth-server-service"
+            - name: LITMUS_AUTH_GRPC_PORT
+              value: "3030"
+            - name: WORKFLOW_HELPER_IMAGE_VERSION
+              value: "3.19.0"
+            - name: REMOTE_HUB_MAX_SIZE
+              value: "5000000"
+            - name: INFRA_COMPATIBLE_VERSIONS
+              value: '["3.19.0"]'
+            - name: ALLOWED_ORIGINS
+              value: ".*" #eg: ^(http://|https://|)litmuschaos.io(:[0-9]+|)?,^(http://|https://|)litmusportal-server-service(:[0-9]+|)?
+            - name: ENABLE_INTERNAL_TLS
+              value: "false"
+            - name: TLS_CERT_PATH
+              value: ""
+            - name: TLS_KEY_PATH
+              value: ""
+            - name: CA_CERT_TLS_PATH
+              value: ""
+            - name: REST_PORT
+              value: "8080"
+            - name: GRPC_PORT
+              value: "8000"
+          ports:
+            - containerPort: 8080
+            - containerPort: 8000
+          imagePullPolicy: Always
+          resources:
+            requests:
+              memory: "250Mi"
+              cpu: "225m"
+              ephemeral-storage: "500Mi"
+            limits:
+              memory: "712Mi"
+              cpu: "550m"
+              ephemeral-storage: "1Gi"
+---
+kind: NetworkPolicy
+apiVersion: networking.k8s.io/v1
+metadata:
+  name: litmusportal-server
+  namespace: litmus
+  labels:
+    component: litmusportal-server
+spec:
+  policyTypes:
+    - Ingress
+  podSelector:
+    matchLabels:
+      component: litmusportal-server
+  ingress:
+    - from:
+        - podSelector:
+            matchLabels:
+              component: litmusportal-frontend
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: litmusportal-server-service
+spec:
+  type: NodePort
+  ports:
+    - name: graphql-server
+      port: 9002
+      targetPort: 8080
+    - name: graphql-rpc-server
+      port: 8000
+      targetPort: 8000
+  selector:
+    component: litmusportal-server
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: litmusportal-auth-server
+  labels:
+    component: litmusportal-auth-server
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      component: litmusportal-auth-server
+  template:
+    metadata:
+      labels:
+        component: litmusportal-auth-server
+    spec:
+      automountServiceAccountToken: false
+      containers:
+        - name: auth-server
+          image: litmuschaos/litmusportal-auth-server:3.19.0
+          securityContext:
+            runAsUser: 2000
+            allowPrivilegeEscalation: false
+            runAsNonRoot: true
+            readOnlyRootFilesystem: true
+          envFrom:
+            - configMapRef:
+                name: litmus-portal-admin-config
+            - secretRef:
+                name: litmus-portal-admin-secret
+          env:
+            - name: STRICT_PASSWORD_POLICY
+              value: "false"
+            - name: ADMIN_USERNAME
+              value: "admin"
+            - name: ADMIN_PASSWORD
+              value: "litmus"
+            - name: LITMUS_GQL_GRPC_ENDPOINT
+              value: "litmusportal-server-service"
+            - name: LITMUS_GQL_GRPC_PORT
+              value: "8000"
+            - name: ALLOWED_ORIGINS
+              value: ".*" #eg: ^(http://|https://|)litmuschaos.io(:[0-9]+|)?,^(http://|https://|)litmusportal-server-service(:[0-9]+|)?
+            - name: ENABLE_INTERNAL_TLS
+              value: "false"
+            - name: TLS_CERT_PATH
+              value: ""
+            - name: TLS_KEY_PATH
+              value: ""
+            - name: CA_CERT_TLS_PATH
+              value: ""
+            - name: REST_PORT
+              value: "3000"
+            - name: GRPC_PORT
+              value: "3030"
+          ports:
+            - containerPort: 3000
+            - containerPort: 3030
+          imagePullPolicy: Always
+          resources:
+            requests:
+              memory: "250Mi"
+              cpu: "125m"
+              ephemeral-storage: "500Mi"
+            limits:
+              memory: "712Mi"
+              cpu: "550m"
+              ephemeral-storage: "1Gi"
+---
+kind: NetworkPolicy
+apiVersion: networking.k8s.io/v1
+metadata:
+  name: litmusportal-auth-server
+  namespace: litmus
+  labels:
+    component: litmusportal-auth-server
+spec:
+  policyTypes:
+    - Ingress
+  podSelector:
+    matchLabels:
+      component: litmusportal-auth-server
+  ingress:
+    - from:
+        - podSelector:
+            matchLabels:
+              component: litmusportal-frontend
+    - from:
+        - podSelector:
+            matchLabels:
+              component: litmusportal-server
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: litmusportal-auth-server-service
+spec:
+  type: NodePort
+  ports:
+    - name: auth-server
+      port: 9003
+      targetPort: 3000
+    - name: auth-rpc-server
+      port: 3030
+      targetPort: 3030
+  selector:
+    component: litmusportal-auth-server

mkdocs/docs/3.19.0/litmus-installation.yaml

@@ -0,0 +1,448 @@
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: litmus-portal-admin-secret
+stringData:
+  DB_USER: "root"
+  DB_PASSWORD: "1234"
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: litmus-portal-admin-config
+data:
+  DB_SERVER: mongodb://my-release-mongodb-0.my-release-mongodb-headless:27017,my-release-mongodb-1.my-release-mongodb-headless:27017,my-release-mongodb-2.my-release-mongodb-headless:27017/admin
+  VERSION: "3.19.0"
+  SKIP_SSL_VERIFY:
+    "false"
+    # Configurations if you are using dex for OAuth
+  DEX_ENABLED: "false"
+  OIDC_ISSUER: "http://<Your Domain>:32000"
+  DEX_OAUTH_CALLBACK_URL: "http://<litmus-portal frontend exposed URL>:8080/auth/dex/callback"
+  DEX_OAUTH_CLIENT_ID: "LitmusPortalAuthBackend"
+  DEX_OAUTH_CLIENT_SECRET: "ZXhhbXBsZS1hcHAtc2VjcmV0"
+  OAuthJwtSecret: "litmus-oauth@123"
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: litmusportal-frontend-nginx-configuration
+data:
+  nginx.conf: |
+    pid /tmp/nginx.pid;
+
+    events {
+      worker_connections  1024;
+    }
+
+    http {
+        map $http_upgrade $connection_upgrade {
+            default upgrade;
+            '' close;
+        }
+
+        client_body_temp_path /tmp/client_temp;
+        proxy_temp_path       /tmp/proxy_temp_path;
+        fastcgi_temp_path     /tmp/fastcgi_temp;
+        uwsgi_temp_path       /tmp/uwsgi_temp;
+        scgi_temp_path        /tmp/scgi_temp;
+
+        sendfile on;
+        tcp_nopush on;
+        tcp_nodelay on;
+        keepalive_timeout 65;
+        types_hash_max_size 2048;
+        server_tokens off;
+
+        include /etc/nginx/mime.types;
+
+        gzip on;
+        gzip_disable "msie6";
+
+        access_log /var/log/nginx/access.log;
+        error_log /var/log/nginx/error.log;
+
+        server {
+            listen 8185 ssl;
+            ssl_certificate /etc/tls/tls.crt;
+            ssl_certificate_key /etc/tls/tls.key;
+            ssl_protocols TLSv1.2 TLSv1.3;
+            ssl_client_certificate /etc/tls/ca.crt;
+            ssl_ciphers HIGH:!aNULL:!MD5;
+            ssl_prefer_server_ciphers on;
+            ssl_session_cache shared:SSL:10m;
+
+            root   /opt/chaos;
+
+            location /health {
+              return 200;
+            }
+
+            location / {
+                proxy_http_version 1.1;
+                add_header Cache-Control "no-cache";
+                try_files $uri /index.html;
+                autoindex on;
+            }
+
+            # redirect server error pages to the static page /50x.html
+            #
+            error_page   500 502 503 504  /50x.html;
+            location = /50x.html {
+                root   /usr/share/nginx/html;
+            }
+
+            location /auth/ {
+                proxy_ssl_verify        off;
+                proxy_ssl_session_reuse on;
+                proxy_http_version 1.1;
+                proxy_set_header   Host                 $host;
+                proxy_set_header   X-Real-IP            $remote_addr;
+                proxy_set_header   X-Forwarded-For      $proxy_add_x_forwarded_for;
+                proxy_set_header   X-Forwarded-Proto    $scheme;
+                proxy_pass "https://litmusportal-auth-server-service:9005/";
+                proxy_ssl_certificate /etc/tls/tls.crt;
+                proxy_ssl_certificate_key /etc/tls/tls.key;
+            }
+
+            location /api/ {
+                proxy_ssl_verify        off;
+                proxy_ssl_session_reuse on;
+                proxy_http_version 1.1;
+                proxy_set_header   Upgrade              $http_upgrade;
+                proxy_set_header   Connection           $connection_upgrade;
+                proxy_set_header   Host                 $host;
+                proxy_set_header   X-Real-IP            $remote_addr;
+                proxy_set_header   X-Forwarded-For      $proxy_add_x_forwarded_for;
+                proxy_set_header   X-Forwarded-Proto    $scheme;
+                proxy_pass "https://litmusportal-server-service:9004/";
+                proxy_ssl_certificate /etc/tls/tls.crt;
+                proxy_ssl_certificate_key /etc/tls/tls.key;
+            }
+        }
+    }
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: litmusportal-frontend
+  labels:
+    component: litmusportal-frontend
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      component: litmusportal-frontend
+  template:
+    metadata:
+      labels:
+        component: litmusportal-frontend
+    spec:
+      automountServiceAccountToken: false
+      containers:
+        - name: litmusportal-frontend
+          image: litmuschaos/litmusportal-frontend:3.19.0
+          # securityContext:
+          #   runAsUser: 2000
+          #   allowPrivilegeEscalation: false
+          #   runAsNonRoot: true
+          imagePullPolicy: Always
+          ports:
+            - containerPort: 8185
+          resources:
+            requests:
+              memory: "250Mi"
+              cpu: "125m"
+              ephemeral-storage: "500Mi"
+            limits:
+              memory: "512Mi"
+              cpu: "550m"
+              ephemeral-storage: "1Gi"
+          volumeMounts:
+            - name: nginx-config
+              mountPath: /etc/nginx/nginx.conf
+              subPath: nginx.conf
+            - mountPath: /etc/tls
+              name: tls-secret
+      volumes:
+        - name: nginx-config
+          configMap:
+            name: litmusportal-frontend-nginx-configuration
+        - name: tls-secret
+          secret:
+            secretName: tls-secret
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: litmusportal-frontend-service
+spec:
+  type: NodePort
+  ports:
+    - name: http
+      port: 9091
+      targetPort: 8185
+  selector:
+    component: litmusportal-frontend
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: litmusportal-server
+  labels:
+    component: litmusportal-server
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      component: litmusportal-server
+  template:
+    metadata:
+      labels:
+        component: litmusportal-server
+    spec:
+      automountServiceAccountToken: false
+      volumes:
+        - name: gitops-storage
+          emptyDir: {}
+        - name: hub-storage
+          emptyDir: {}
+        - name: tls-secret
+          secret:
+            secretName: tls-secret
+      containers:
+        - name: graphql-server
+          image: litmuschaos/litmusportal-server:3.19.0
+          volumeMounts:
+            - mountPath: /tmp/
+              name: gitops-storage
+            - mountPath: /tmp/version
+              name: hub-storage
+            - mountPath: /etc/tls
+              name: tls-secret
+          securityContext:
+            runAsUser: 2000
+            allowPrivilegeEscalation: false
+            runAsNonRoot: true
+            readOnlyRootFilesystem: true
+          envFrom:
+            - configMapRef:
+                name: litmus-portal-admin-config
+            - secretRef:
+                name: litmus-portal-admin-secret
+          env:
+            # if self-signed certificate are used pass the base64 tls certificate, to allow agents to use tls for communication
+            - name: TLS_CERT_B64
+              value: ""
+            - name: ENABLE_GQL_INTROSPECTION
+              value: "false"
+            - name: INFRA_DEPLOYMENTS
+              value: '["app=chaos-exporter", "name=chaos-operator", "app=workflow-controller", "app=event-tracker"]'
+            - name: CHAOS_CENTER_UI_ENDPOINT
+              value: ""
+            - name: SUBSCRIBER_IMAGE
+              value: "litmuschaos/litmusportal-subscriber:3.19.0"
+            - name: EVENT_TRACKER_IMAGE
+              value: "litmuschaos/litmusportal-event-tracker:3.19.0"
+            - name: ARGO_WORKFLOW_CONTROLLER_IMAGE
+              value: "litmuschaos/workflow-controller:v3.3.1"
+            - name: ARGO_WORKFLOW_EXECUTOR_IMAGE
+              value: "litmuschaos/argoexec:v3.3.1"
+            - name: LITMUS_CHAOS_OPERATOR_IMAGE
+              value: "litmuschaos/chaos-operator:3.19.0"
+            - name: LITMUS_CHAOS_RUNNER_IMAGE
+              value: "litmuschaos/chaos-runner:3.19.0"
+            - name: LITMUS_CHAOS_EXPORTER_IMAGE
+              value: "litmuschaos/chaos-exporter:3.19.0"
+            - name: CONTAINER_RUNTIME_EXECUTOR
+              value: "k8sapi"
+            - name: DEFAULT_HUB_BRANCH_NAME
+              value: "v3.16.x"
+            - name: LITMUS_AUTH_GRPC_ENDPOINT
+              value: "litmusportal-auth-server-service"
+            - name: LITMUS_AUTH_GRPC_PORT
+              value: "3030"
+            - name: WORKFLOW_HELPER_IMAGE_VERSION
+              value: "3.19.0"
+            - name: REMOTE_HUB_MAX_SIZE
+              value: "5000000"
+            - name: INFRA_COMPATIBLE_VERSIONS
+              value: '["3.19.0"]'
+            - name: ALLOWED_ORIGINS
+              value: "^(http://|https://|)litmuschaos.io(:[0-9]+|)?,^(http://|https://|)litmusportal-server-service(:[0-9]+|)?"
+            - name: ENABLE_INTERNAL_TLS
+              value: "true"
+            - name: TLS_CERT_PATH
+              value: "/etc/tls/tls.crt"
+            - name: TLS_KEY_PATH
+              value: "/etc/tls/tls.key"
+            - name: CA_CERT_TLS_PATH
+              value: "/etc/tls/ca.crt"
+            - name: REST_PORT
+              value: "8081"
+            - name: GRPC_PORT
+              value: "8001"
+          ports:
+            - containerPort: 8081
+            - containerPort: 8001
+          imagePullPolicy: Always
+          resources:
+            requests:
+              memory: "250Mi"
+              cpu: "225m"
+              ephemeral-storage: "500Mi"
+            limits:
+              memory: "712Mi"
+              cpu: "550m"
+              ephemeral-storage: "1Gi"
+---
+kind: NetworkPolicy
+apiVersion: networking.k8s.io/v1
+metadata:
+  name: litmusportal-server
+  namespace: litmus
+  labels:
+    component: litmusportal-server
+spec:
+  policyTypes:
+    - Ingress
+  podSelector:
+    matchLabels:
+      component: litmusportal-server
+  ingress:
+    - from:
+        - podSelector:
+            matchLabels:
+              component: litmusportal-frontend
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: litmusportal-server-service
+spec:
+  type: NodePort
+  ports:
+    - name: graphql-server-https
+      port: 9004
+      targetPort: 8081
+    - name: graphql-rpc-server-https
+      port: 8001
+      targetPort: 8001
+  selector:
+    component: litmusportal-server
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: litmusportal-auth-server
+  labels:
+    component: litmusportal-auth-server
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      component: litmusportal-auth-server
+  template:
+    metadata:
+      labels:
+        component: litmusportal-auth-server
+    spec:
+      volumes:
+        - name: tls-secret
+          secret:
+            secretName: tls-secret
+      automountServiceAccountToken: false
+      containers:
+        - name: auth-server
+          volumeMounts:
+            - mountPath: /etc/tls
+              name: tls-secret
+          image: litmuschaos/litmusportal-auth-server:3.19.0
+          securityContext:
+            runAsUser: 2000
+            allowPrivilegeEscalation: false
+            runAsNonRoot: true
+            readOnlyRootFilesystem: true
+          envFrom:
+            - configMapRef:
+                name: litmus-portal-admin-config
+            - secretRef:
+                name: litmus-portal-admin-secret
+          env:
+            - name: STRICT_PASSWORD_POLICY
+              value: "false"
+            - name: ADMIN_USERNAME
+              value: "admin"
+            - name: ADMIN_PASSWORD
+              value: "litmus"
+            - name: LITMUS_GQL_GRPC_ENDPOINT
+              value: "litmusportal-server-service"
+            - name: LITMUS_GQL_GRPC_PORT
+              value: "8000"
+            - name: ALLOWED_ORIGINS
+              value: "^(http://|https://|)litmuschaos.io(:[0-9]+|)?,^(http://|https://|)litmusportal-server-service(:[0-9]+|)?" #ip needs to added here
+            - name: ENABLE_INTERNAL_TLS
+              value: "true"
+            - name: TLS_CERT_PATH
+              value: "/etc/tls/tls.crt"
+            - name: TLS_KEY_PATH
+              value: "/etc/tls/ctls.key"
+            - name: CA_CERT_TLS_PATH
+              value: "/etc/tls/ca.crt"
+            - name: REST_PORT
+              value: "3001"
+            - name: GRPC_PORT
+              value: "3031"
+          ports:
+            - containerPort: 3001
+            - containerPort: 3031
+          imagePullPolicy: Always
+          resources:
+            requests:
+              memory: "250Mi"
+              cpu: "125m"
+              ephemeral-storage: "500Mi"
+            limits:
+              memory: "712Mi"
+              cpu: "550m"
+              ephemeral-storage: "1Gi"
+---
+kind: NetworkPolicy
+apiVersion: networking.k8s.io/v1
+metadata:
+  name: litmusportal-auth-server
+  namespace: litmus
+  labels:
+    component: litmusportal-auth-server
+spec:
+  policyTypes:
+    - Ingress
+  podSelector:
+    matchLabels:
+      component: litmusportal-auth-server
+  ingress:
+    - from:
+        - podSelector:
+            matchLabels:
+              component: litmusportal-frontend
+    - from:
+        - podSelector:
+            matchLabels:
+              component: litmusportal-server
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: litmusportal-auth-server-service
+spec:
+  type: NodePort
+  ports:
+    - name: auth-server-https
+      port: 9005
+      targetPort: 3001
+    - name: auth-rpc-server-https
+      port: 3031
+      targetPort: 3031
+  selector:
+    component: litmusportal-auth-server

mkdocs/docs/3.19.0/litmus-without-resources.yaml

@@ -0,0 +1,421 @@
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: litmus-portal-admin-secret
+stringData:
+  DB_USER: "root"
+  DB_PASSWORD: "1234"
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: litmus-portal-admin-config
+data:
+  DB_SERVER: mongodb://my-release-mongodb-0.my-release-mongodb-headless:27017,my-release-mongodb-1.my-release-mongodb-headless:27017,my-release-mongodb-2.my-release-mongodb-headless:27017/admin
+  VERSION: "3.19.0"
+  SKIP_SSL_VERIFY:
+    "false"
+    # Configurations if you are using dex for OAuth
+  DEX_ENABLED: "false"
+  OIDC_ISSUER: "http://<Your Domain>:32000"
+  DEX_OAUTH_CALLBACK_URL: "http://<litmus-portal frontend exposed URL>:8080/auth/dex/callback"
+  DEX_OAUTH_CLIENT_ID: "LitmusPortalAuthBackend"
+  DEX_OAUTH_CLIENT_SECRET: "ZXhhbXBsZS1hcHAtc2VjcmV0"
+  OAuthJwtSecret: "litmus-oauth@123"
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: litmusportal-frontend-nginx-configuration
+data:
+  nginx.conf: |
+    pid /tmp/nginx.pid;
+
+    events {
+      worker_connections  1024;
+    }
+
+    http {
+        map $http_upgrade $connection_upgrade {
+            default upgrade;
+            '' close;
+        }
+
+        client_body_temp_path /tmp/client_temp;
+        proxy_temp_path       /tmp/proxy_temp_path;
+        fastcgi_temp_path     /tmp/fastcgi_temp;
+        uwsgi_temp_path       /tmp/uwsgi_temp;
+        scgi_temp_path        /tmp/scgi_temp;
+
+        sendfile on;
+        tcp_nopush on;
+        tcp_nodelay on;
+        keepalive_timeout 65;
+        types_hash_max_size 2048;
+        server_tokens off;
+
+        include /etc/nginx/mime.types;
+
+        gzip on;
+        gzip_disable "msie6";
+
+        access_log /var/log/nginx/access.log;
+        error_log /var/log/nginx/error.log;
+
+        server {
+            listen 8185 ssl;
+            ssl_certificate /etc/tls/tls.crt;
+            ssl_certificate_key /etc/tls/tls.key;
+            ssl_protocols TLSv1.2 TLSv1.3;
+            ssl_client_certificate /etc/tls/ca.crt;
+            ssl_ciphers HIGH:!aNULL:!MD5;
+            ssl_prefer_server_ciphers on;
+            ssl_session_cache shared:SSL:10m;
+
+            root   /opt/chaos;
+
+            location /health {
+              return 200;
+            }
+
+            location / {
+                proxy_http_version 1.1;
+                add_header Cache-Control "no-cache";
+                try_files $uri /index.html;
+                autoindex on;
+            }
+
+            # redirect server error pages to the static page /50x.html
+            #
+            error_page   500 502 503 504  /50x.html;
+            location = /50x.html {
+                root   /usr/share/nginx/html;
+            }
+
+            location /auth/ {
+                proxy_ssl_verify        off;
+                proxy_ssl_session_reuse on;
+                proxy_http_version 1.1;
+                proxy_set_header   Host                 $host;
+                proxy_set_header   X-Real-IP            $remote_addr;
+                proxy_set_header   X-Forwarded-For      $proxy_add_x_forwarded_for;
+                proxy_set_header   X-Forwarded-Proto    $scheme;
+                proxy_pass "https://litmusportal-auth-server-service:9005/";
+                proxy_ssl_certificate /etc/tls/tls.crt;
+                proxy_ssl_certificate_key /etc/tls/tls.key;
+            }
+
+            location /api/ {
+                proxy_ssl_verify        off;
+                proxy_ssl_session_reuse on;
+                proxy_http_version 1.1;
+                proxy_set_header   Upgrade              $http_upgrade;
+                proxy_set_header   Connection           $connection_upgrade;
+                proxy_set_header   Host                 $host;
+                proxy_set_header   X-Real-IP            $remote_addr;
+                proxy_set_header   X-Forwarded-For      $proxy_add_x_forwarded_for;
+                proxy_set_header   X-Forwarded-Proto    $scheme;
+                proxy_pass "https://litmusportal-server-service:9004/";
+                proxy_ssl_certificate /etc/tls/tls.crt;
+                proxy_ssl_certificate_key /etc/tls/tls.key;
+            }
+        }
+    }
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: litmusportal-frontend
+  labels:
+    component: litmusportal-frontend
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      component: litmusportal-frontend
+  template:
+    metadata:
+      labels:
+        component: litmusportal-frontend
+    spec:
+      automountServiceAccountToken: false
+      containers:
+        - name: litmusportal-frontend
+          image: litmuschaos/litmusportal-frontend:3.19.0
+          # securityContext:
+          #   runAsUser: 2000
+          #   allowPrivilegeEscalation: false
+          #   runAsNonRoot: true
+          imagePullPolicy: Always
+          ports:
+            - containerPort: 8185
+          volumeMounts:
+            - name: nginx-config
+              mountPath: /etc/nginx/nginx.conf
+              subPath: nginx.conf
+            - mountPath: /etc/tls
+              name: tls-secret
+      volumes:
+        - name: nginx-config
+          configMap:
+            name: litmusportal-frontend-nginx-configuration
+        - name: tls-secret
+          secret:
+            secretName: tls-secret
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: litmusportal-frontend-service
+spec:
+  type: NodePort
+  ports:
+    - name: http
+      port: 9091
+      targetPort: 8185
+  selector:
+    component: litmusportal-frontend
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: litmusportal-server
+  labels:
+    component: litmusportal-server
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      component: litmusportal-server
+  template:
+    metadata:
+      labels:
+        component: litmusportal-server
+    spec:
+      automountServiceAccountToken: false
+      volumes:
+        - name: gitops-storage
+          emptyDir: {}
+        - name: hub-storage
+          emptyDir: {}
+        - name: tls-secret
+          secret:
+            secretName: tls-secret
+      containers:
+        - name: graphql-server
+          image: litmuschaos/litmusportal-server:3.19.0
+          volumeMounts:
+            - mountPath: /tmp/
+              name: gitops-storage
+            - mountPath: /tmp/version
+              name: hub-storage
+            - mountPath: /etc/tls
+              name: tls-secret
+          securityContext:
+            runAsUser: 2000
+            allowPrivilegeEscalation: false
+            runAsNonRoot: true
+            readOnlyRootFilesystem: true
+          envFrom:
+            - configMapRef:
+                name: litmus-portal-admin-config
+            - secretRef:
+                name: litmus-portal-admin-secret
+          env:
+            # if self-signed certificate are used pass the base64 tls certificate, to allow agents to use tls for communication
+            - name: TLS_CERT_B64
+              value: ""
+            - name: ENABLE_GQL_INTROSPECTION
+              value: "false"
+            - name: INFRA_DEPLOYMENTS
+              value: '["app=chaos-exporter", "name=chaos-operator", "app=workflow-controller", "app=event-tracker"]'
+            - name: CHAOS_CENTER_UI_ENDPOINT
+              value: ""
+            - name: SUBSCRIBER_IMAGE
+              value: "litmuschaos/litmusportal-subscriber:3.19.0"
+            - name: EVENT_TRACKER_IMAGE
+              value: "litmuschaos/litmusportal-event-tracker:3.19.0"
+            - name: ARGO_WORKFLOW_CONTROLLER_IMAGE
+              value: "litmuschaos/workflow-controller:v3.3.1"
+            - name: ARGO_WORKFLOW_EXECUTOR_IMAGE
+              value: "litmuschaos/argoexec:v3.3.1"
+            - name: LITMUS_CHAOS_OPERATOR_IMAGE
+              value: "litmuschaos/chaos-operator:3.19.0"
+            - name: LITMUS_CHAOS_RUNNER_IMAGE
+              value: "litmuschaos/chaos-runner:3.19.0"
+            - name: LITMUS_CHAOS_EXPORTER_IMAGE
+              value: "litmuschaos/chaos-exporter:3.19.0"
+            - name: CONTAINER_RUNTIME_EXECUTOR
+              value: "k8sapi"
+            - name: DEFAULT_HUB_BRANCH_NAME
+              value: "v3.16.x"
+            - name: LITMUS_AUTH_GRPC_ENDPOINT
+              value: "litmusportal-auth-server-service"
+            - name: LITMUS_AUTH_GRPC_PORT
+              value: "3030"
+            - name: WORKFLOW_HELPER_IMAGE_VERSION
+              value: "3.19.0"
+            - name: REMOTE_HUB_MAX_SIZE
+              value: "5000000"
+            - name: INFRA_COMPATIBLE_VERSIONS
+              value: '["3.19.0"]'
+            - name: ALLOWED_ORIGINS
+              value: ".*" #eg: ^(http://|https://|)litmuschaos.io(:[0-9]+|)?,^(http://|https://|)litmusportal-server-service(:[0-9]+|)?
+            - name: ENABLE_INTERNAL_TLS
+              value: "true"
+            - name: TLS_CERT_PATH
+              value: "/etc/tls/tls.crt"
+            - name: TLS_KEY_PATH
+              value: "/etc/tls/tls.key"
+            - name: CA_CERT_TLS_PATH
+              value: "/etc/tls/ca.crt"
+            - name: REST_PORT
+              value: "8081"
+            - name: GRPC_PORT
+              value: "8001"
+          ports:
+            - containerPort: 8081
+            - containerPort: 8001
+          imagePullPolicy: Always
+---
+kind: NetworkPolicy
+apiVersion: networking.k8s.io/v1
+metadata:
+  name: litmusportal-server
+  namespace: litmus
+  labels:
+    component: litmusportal-server
+spec:
+  policyTypes:
+    - Ingress
+  podSelector:
+    matchLabels:
+      component: litmusportal-server
+  ingress:
+    - from:
+        - podSelector:
+            matchLabels:
+              component: litmusportal-frontend
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: litmusportal-server-service
+spec:
+  type: NodePort
+  ports:
+    - name: graphql-server-https
+      port: 9004
+      targetPort: 8081
+    - name: graphql-rpc-server-https
+      port: 8001
+      targetPort: 8001
+  selector:
+    component: litmusportal-server
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: litmusportal-auth-server
+  labels:
+    component: litmusportal-auth-server
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      component: litmusportal-auth-server
+  template:
+    metadata:
+      labels:
+        component: litmusportal-auth-server
+    spec:
+      volumes:
+        - name: tls-secret
+          secret:
+            secretName: tls-secret
+      automountServiceAccountToken: false
+      containers:
+        - name: auth-server
+          volumeMounts:
+            - mountPath: /etc/tls
+              name: tls-secret
+          image: litmuschaos/litmusportal-auth-server:3.19.0
+          securityContext:
+            runAsUser: 2000
+            allowPrivilegeEscalation: false
+            runAsNonRoot: true
+            readOnlyRootFilesystem: true
+          envFrom:
+            - configMapRef:
+                name: litmus-portal-admin-config
+            - secretRef:
+                name: litmus-portal-admin-secret
+          env:
+            - name: STRICT_PASSWORD_POLICY
+              value: "false"
+            - name: ADMIN_USERNAME
+              value: "admin"
+            - name: ADMIN_PASSWORD
+              value: "litmus"
+            - name: LITMUS_GQL_GRPC_ENDPOINT
+              value: "litmusportal-server-service"
+            - name: LITMUS_GQL_GRPC_PORT
+              value: "8000"
+            - name: ALLOWED_ORIGINS
+              value: "^(http://|https://|)litmuschaos.io(:[0-9]+|)?,^(http://|https://|)litmusportal-server-service(:[0-9]+|)?" #ip needs to added here
+            - name: ENABLE_INTERNAL_TLS
+              value: "true"
+            - name: TLS_CERT_PATH
+              value: "/etc/tls/tls.crt"
+            - name: TLS_KEY_PATH
+              value: "/etc/tls/ctls.key"
+            - name: CA_CERT_TLS_PATH
+              value: "/etc/tls/ca.crt"
+            - name: REST_PORT
+              value: "3001"
+            - name: GRPC_PORT
+              value: "3031"
+          ports:
+            - containerPort: 3001
+            - containerPort: 3031
+          imagePullPolicy: Always
+---
+kind: NetworkPolicy
+apiVersion: networking.k8s.io/v1
+metadata:
+  name: litmusportal-auth-server
+  namespace: litmus
+  labels:
+    component: litmusportal-auth-server
+spec:
+  policyTypes:
+    - Ingress
+  podSelector:
+    matchLabels:
+      component: litmusportal-auth-server
+  ingress:
+    - from:
+        - podSelector:
+            matchLabels:
+              component: litmusportal-frontend
+    - from:
+        - podSelector:
+            matchLabels:
+              component: litmusportal-server
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: litmusportal-auth-server-service
+spec:
+  type: NodePort
+  ports:
+    - name: auth-server-https
+      port: 9005
+      targetPort: 3001
+    - name: auth-rpc-server-https
+      port: 3031
+      targetPort: 3031
+  selector:
+    component: litmusportal-auth-server

mkdocs/docs/litmus-namespaced-scope/litmus-namespaced-operator.yaml

@@ -7,7 +7,7 @@ metadata:
     app.kubernetes.io/name: litmus
     # provide unique instance-id if applicable
     # app.kubernetes.io/instance: litmus-abcxzy
-    app.kubernetes.io/version: v3.18.0
+    app.kubernetes.io/version: v3.19.0
     app.kubernetes.io/component: operator-serviceaccount
     app.kubernetes.io/part-of: litmus
     app.kubernetes.io/managed-by: kubectl
@@ -22,7 +22,7 @@ metadata:
     app.kubernetes.io/name: litmus
     # provide unique instance-id if applicable
     # app.kubernetes.io/instance: litmus-abcxzy
-    app.kubernetes.io/version: v3.18.0
+    app.kubernetes.io/version: v3.19.0
     app.kubernetes.io/component: operator-role
     app.kubernetes.io/part-of: litmus
     app.kubernetes.io/managed-by: kubectl
@@ -59,7 +59,7 @@ metadata:
     app.kubernetes.io/name: litmus
     # provide unique instance-id if applicable
     # app.kubernetes.io/instance: litmus-abcxzy
-    app.kubernetes.io/version: v3.18.0
+    app.kubernetes.io/version: v3.19.0
     app.kubernetes.io/component: operator-rolebinding
     app.kubernetes.io/part-of: litmus
     app.kubernetes.io/managed-by: kubectl
@@ -81,7 +81,7 @@ metadata:
     app.kubernetes.io/name: litmus
     # provide unique instance-id if applicable
     # app.kubernetes.io/instance: litmus-abcxzy
-    app.kubernetes.io/version: v3.18.0
+    app.kubernetes.io/version: v3.19.0
     app.kubernetes.io/component: operator
     app.kubernetes.io/part-of: litmus
     app.kubernetes.io/managed-by: kubectl
@@ -97,7 +97,7 @@ spec:
         app.kubernetes.io/name: litmus
         # provide unique instance-id if applicable
         # app.kubernetes.io/instance: litmus-abcxzy
-        app.kubernetes.io/version: v3.18.0
+        app.kubernetes.io/version: v3.19.0
         app.kubernetes.io/component: operator
         app.kubernetes.io/part-of: litmus
         app.kubernetes.io/managed-by: kubectl
@@ -106,13 +106,13 @@ spec:
       serviceAccountName: litmus
       containers:
         - name: chaos-operator
-          image: litmuschaos.docker.scarf.sh/litmuschaos/chaos-operator:3.18.0
+          image: litmuschaos.docker.scarf.sh/litmuschaos/chaos-operator:3.19.0
           command:
           - chaos-operator
           imagePullPolicy: Always
           env:
             - name: CHAOS_RUNNER_IMAGE
-              value: "litmuschaos.docker.scarf.sh/litmuschaos/chaos-runner:3.18.0"
+              value: "litmuschaos.docker.scarf.sh/litmuschaos/chaos-runner:3.19.0"
             - name: WATCH_NAMESPACE
               valueFrom:
                 fieldRef:

mkdocs/docs/litmus-namespaced-scope/litmus-namespaced-scheduler.yaml

@@ -16,7 +16,7 @@ spec:
       containers:
         - name: chaos-scheduler
           # Replace this with the built image name
-          image: litmuschaos.docker.scarf.sh/litmuschaos/chaos-scheduler:3.18.0
+          image: litmuschaos.docker.scarf.sh/litmuschaos/chaos-scheduler:3.19.0
           command:
           - chaos-scheduler
           imagePullPolicy: IfNotPresent

mkdocs/docs/litmus-namespaced-scope/litmus-ns-experiment-rbac.yaml

@@ -7,7 +7,7 @@ metadata:
     app.kubernetes.io/name: litmus
     # provide unique instance-id if applicable
     # app.kubernetes.io/instance: litmus-abcxzy
-    app.kubernetes.io/version: v3.18.0
+    app.kubernetes.io/version: v3.19.0
     app.kubernetes.io/component: operator-serviceaccount
     app.kubernetes.io/part-of: litmus
     app.kubernetes.io/managed-by: kubectl
@@ -22,7 +22,7 @@ metadata:
     app.kubernetes.io/name: litmus
     # provide unique instance-id if applicable
     # app.kubernetes.io/instance: litmus-abcxzy
-    app.kubernetes.io/version: v3.18.0
+    app.kubernetes.io/version: v3.19.0
     app.kubernetes.io/component: operator-role
     app.kubernetes.io/part-of: litmus
     app.kubernetes.io/managed-by: kubectl
@@ -59,7 +59,7 @@ metadata:
     app.kubernetes.io/name: litmus
     # provide unique instance-id if applicable
     # app.kubernetes.io/instance: litmus-abcxzy
-    app.kubernetes.io/version: v3.18.0
+    app.kubernetes.io/version: v3.19.0
     app.kubernetes.io/component: operator-rolebinding
     app.kubernetes.io/part-of: litmus
     app.kubernetes.io/managed-by: kubectl

mkdocs/docs/litmus-namespaced-scope/litmus-ns-rbac.yaml

@@ -7,7 +7,7 @@ metadata:
     app.kubernetes.io/name: litmus
     # provide unique instance-id if applicable
     # app.kubernetes.io/instance: litmus-abcxzy
-    app.kubernetes.io/version: v3.18.0
+    app.kubernetes.io/version: v3.19.0
     app.kubernetes.io/component: operator-serviceaccount
     app.kubernetes.io/part-of: litmus
     app.kubernetes.io/managed-by: kubectl
@@ -22,7 +22,7 @@ metadata:
     app.kubernetes.io/name: litmus
     # provide unique instance-id if applicable
     # app.kubernetes.io/instance: litmus-abcxzy
-    app.kubernetes.io/version: v3.18.0
+    app.kubernetes.io/version: v3.19.0
     app.kubernetes.io/component: operator-role
     app.kubernetes.io/part-of: litmus
     app.kubernetes.io/managed-by: kubectl
@@ -62,7 +62,7 @@ metadata:
     app.kubernetes.io/name: litmus
     # provide unique instance-id if applicable
     # app.kubernetes.io/instance: litmus-abcxzy
-    app.kubernetes.io/version: v3.18.0
+    app.kubernetes.io/version: v3.19.0
     app.kubernetes.io/component: operator-rolebinding
     app.kubernetes.io/part-of: litmus
     app.kubernetes.io/managed-by: kubectl