apiVersion: "operator.nevis-security.ch/v1"
kind: "NevisComponent"
metadata:
  name: "ob-auth-v1"
  namespace: "adn-agov-nevisidm-ob-01-uat"
  labels:
    deploymentTarget: "ob-auth-v1"
  annotations:
    projectKey: "DEFAULT-ADN-AGOV-WORK-OB-PROJECT"
    patternId: "d00b0dcbe241793d30daf91c"
spec:
  type: "NevisAuth"
  replicas: 1
  version: "8.2411.1"
  gitInitVersion: "1.3.0"
  runAsNonRoot: true
  ports:
    management: 9000
    soap: 8991
  resources:
    limits:
      cpu: "1000m"
      memory: "1000Mi"
    requests:
      cpu: "20m"
      memory: "200Mi"
  livenessProbe:
    soap:
      tcpSocket: true
      periodSeconds: 5
      timeoutSeconds: 4
  readinessProbe:
    management:
      httpGet:
        path: "/nevisauth/liveness"
      periodSeconds: 5
      timeoutSeconds: 6
  startupProbe:
    management:
      httpGet:
        path: "/nevisauth/liveness"
      periodSeconds: 5
      timeoutSeconds: 6
      failureThreshold: 50
  podDisruptionBudget:
    maxUnavailable: "50%"
  git:
    tag: "r-ea22f21044b7cd8da039215de411398965a2bdcf"
    dir: "DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth-v1"
    credentials: "git-credentials"
  keystores:
  - "ob-auth-v1-default-identity"
  - "ob-auth-v1-ob-realm-accessapp-registration-nevisfido-tls-client"
  truststores:
  - "ob-auth-v1-ob-realm-accessapp-registration-nevisfido-tls-trust"
  - "ob-auth-v1-default-tls-client-trust"
  - "ob-auth-v1-agov-work-internal-trust-store"
  podSecurity:
    policy: "baseline"
    automountServiceAccountToken: false
  timeZone: "Europe/Zurich"