apiVersion: "operator.nevis-security.ch/v1"
kind: "NevisComponent"
metadata:
  name: "auth"
  namespace: "adn-agov-nevisidm-01-uat"
  labels:
    deploymentTarget: "auth"
  annotations:
    projectKey: "DEFAULT-ADN-AGOV-PROJECT"
    patternId: "7022472ae407577ae604bbb8"
spec:
  type: "NevisAuth"
  replicas: 1
  version: "8.2405.2"
  gitInitVersion: "1.3.0"
  runAsNonRoot: true
  ports:
    management: 9000
    soap: 8991
  resources:
    limits:
      cpu: "2"
      memory: "2000Mi"
    requests:
      cpu: "20m"
      memory: "1000Mi"
  livenessProbe:
    soap:
      tcpSocket: true
      periodSeconds: 5
      timeoutSeconds: 4
  readinessProbe:
    management:
      httpGet:
        path: "/nevisauth/liveness"
      periodSeconds: 5
      timeoutSeconds: 6
  startupProbe:
    management:
      httpGet:
        path: "/nevisauth/liveness"
      periodSeconds: 5
      timeoutSeconds: 6
      failureThreshold: 50
  podDisruptionBudget:
    maxUnavailable: "50%"
  git:
    tag: "r-2a044150ed3a68477132d702114401eb4c7e986f"
    dir: "DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth"
    credentials: "git-credentials"
  keystores:
  - "auth-sh4r3d-internal-idp-auth-signer"
  - "auth-auth-realm-mobile-fido-uaf-tls-client-nevisfido"
  - "auth-default-identity"
  truststores:
  - "auth-default-tls-trust"
  - "auth-auth-realm-mobile-fido-uaf-tls-trust-nevisfido"
  - "auth-default-default-signer-trust"
  - "auth-technical-trust-store"
  podSecurity:
    policy: "baseline"
    automountServiceAccountToken: false
  timeZone: "Europe/Zurich"