ica-orderer.yaml

# Default values for ca.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.

imagePullSecrets: []
nameOverride: "ica-orderer"
fullnameOverride: ""
project: yourproject

replicaCount: 1

image:
  repository: hyperledger/fabric-ca
  pullPolicy: IfNotPresent
  ### Overrides the image tag whose default is the chart appVersion.
  tag: "1.5.0"

init:
  image:
   repository: npcioss/hlf-builder
   pullPolicy: IfNotPresent
   tag: "2.4"

## tls_domain : This will be used to create an Ingress, and CSR for the CA server.
## Eg: my-hlf-domain.com, then the Ingress object will be created as a combination of ".fabric-ca.fullname + .Values.tls_domain"
## ie, root-ca.my-hlf-domain.com
tls_domain: my-hlf-domain.com
ca_server:
  csr_names_country: IN
  csr_names_st: Maharashtra
  csr_names_l: Mumbai
  csr_names_o: Your Company Name
  csr_names_ou: Your Organization Unit
  container_port: 7051
  debug: true
  tls_enabled: true
  ## You must create this secret outside of this chart for maximum security. Don't commit CA user/pass into any charts.
  ## kubectl -n orderer create secret generic your-secret --from-literal=user=your-admin-user --from-literal=password=your-admin-password
  admin_secret: orderer-secret

retry_seconds: 60
recreate_intermediate_cert: false # Make it true if you want to delete existing parent server public key cert and fetch new one.

ica:
  enabled: true
  parent_ca_endpoint: root-ca.my-hlf-domain.com:30000
  intermediate_tls_cert_dir: /tmp/hyperledger/fabric-ca/root-ca-cert
  intermediate_tls_cert_file: cert.pem

service:
  type: ClusterIP
  port: 7051

ingress:
  enabled: true
  className: "nginx"
  annotations:
    nginx.ingress.kubernetes.io/ssl-passthrough: "true"

storage:
  pvc_enabled: true
  accessMode: ReadWriteOnce
  storageClass: standard
  size: 1G
  path: /tmp/hyperledger/fabric-ca/crypto

serviceAccount:
  create: true
  annotations: {}
  name: ""