npci
diff --git a/‎README.md
Lines changed: 2 additions & 2 deletions b/‎README.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎examples/README.md
Lines changed: 11 additions & 11 deletions b/‎examples/README.md
Lines changed: 11 additions & 11 deletions
diff --git a/‎examples/fabric-ca/ica-initialpeerorg.yaml
Lines changed: 12 additions & 63 deletions b/‎examples/fabric-ca/ica-initialpeerorg.yaml
Lines changed: 12 additions & 63 deletions
diff --git a/‎examples/fabric-ca/ica-orderer.yaml
Lines changed: 10 additions & 61 deletions b/‎examples/fabric-ca/ica-orderer.yaml
Lines changed: 10 additions & 61 deletions
diff --git a/‎examples/fabric-ca/ica-org1.yaml
Lines changed: 10 additions & 61 deletions b/‎examples/fabric-ca/ica-org1.yaml
Lines changed: 10 additions & 61 deletions
@@ -34,11 +34,11 @@ Whether you're a blockchain enthusiast, developer, or enterprise seeking to harn
 - [ ] Key Management using HSM / Vault
 
 ### Releases
-- [v1.0.2](https://github.com/npci/falcon/releases/latest)
+- [v1.1.0](https://github.com/npci/falcon/releases/latest)
+- [v1.0.2](https://github.com/npci/falcon/releases/tag/v1.0.2)
 - [v1.0.1](https://github.com/npci/falcon/releases/tag/v1.0.1)
 - [v1.0.0](https://github.com/npci/falcon/releases/tag/v1.0.0)
 
-
 ### Samples
 Please refer our [examples](examples/README.md) for running a complete blockchain network using the deployment helper.
 
 
@@ -87,7 +87,7 @@ helm install tls-ca -n orderer helm-charts/fabric-ca -f examples/fabric-ca/tls-c
 You can verify it with the similar way we verified the root-ca end-point above.
 
 4. **Create ROOTCA identities**
-* Note:- Every identity registration job must be executed in the same namespace where the respective CA's are running. And the admin credentials secret name must be supplied to the values file at `Values.ca.admin_secret`
+* Note:- Every identity registration job must be executed in the same namespace where the respective CA's are running. And the admin credentials secret name must be supplied to the values file at `Values.ca_secret`
 ```
 helm install rootca-ops -n orderer helm-charts/fabric-ops/ -f examples/fabric-ops/rootca/rootca-identities.yaml
 ```
@@ -159,16 +159,16 @@ You need to create a kubernetes secret with the one registered with rootca ident
 ```
 helm install ica-org1 -n org1 helm-charts/fabric-ca -f examples/fabric-ca/ica-org1.yaml
 ```
-2. **Add Org1 to the network**
+2. **Create Org1 identities with ica-org1**
+```
+helm install org1-ca-ops -n org1 helm-charts/fabric-ops/ -f examples/fabric-ops/org1/identities.yaml 
+```
+3. **Add Org1 to the network**
 
 Once the `Org1` ICA started successfully, you would need to add this `Org1` to the network. For that, you need to run the following Job in `initialpeerorg`. Comment out the `org2` section from the `Values.organizatons` array in the values file [examples/fabric-ops/initialpeerorg/configure-org-channel.yaml](./fabric-ops/initialpeerorg/configure-org-channel.yaml) for now since we have not deployed the `Org2` yet.
 ```
 helm install configorgchannel -n initialpeerorg helm-charts/fabric-ops/ -f examples/fabric-ops/initialpeerorg/configure-org-channel.yaml
 ```
-3. **Create Org1 identities with ica-org1**
-```
-helm install org1-ca-ops -n org1 helm-charts/fabric-ops/ -f examples/fabric-ops/org1/identities.yaml 
-```
 4. **Deploy Peers on Org1**
 ```
 helm install peer -n org1 helm-charts/fabric-peer/ -f examples/fabric-peer/org1/values.yaml
@@ -190,16 +190,16 @@ You need to create a kubernetes secret with the one registered with rootca ident
 ```
 helm install ica-org2 -n org2 helm-charts/fabric-ca -f examples/fabric-ca/ica-org2.yaml
 ```
-2. **Add Org2 to network**
+2. **Create Org2 identities with ica-org2.**
+```
+helm install org2-ca-ops -n org2 helm-charts/fabric-ops/ -f examples/fabric-ops/org2/identities.yaml 
+```
+3. **Add Org2 to network**
 
 Once the `Org2` ICA started successfully, you would need to add this `Org2` to the network. For that, you need to upgrade the following `configorgchannel` Job in `initialpeerorg`. This time, uncomment the `org2` section in the `Values.organizatons` array in the values file [examples/fabric-ops/initialpeerorg/configure-org-channel.yaml](./fabric-ops/initialpeerorg/configure-org-channel.yaml).
 ```
 helm upgrade configorgchannel -n initialpeerorg helm-charts/fabric-ops/ -f examples/fabric-ops/initialpeerorg/configure-org-channel.yaml
 ```
-3. **Create Org2 identities with ica-org2.**
-```
-helm install org2-ca-ops -n org2 helm-charts/fabric-ops/ -f examples/fabric-ops/org2/identities.yaml 
-```
 4. **Deploy Peers on Org2**
 ```
 helm install peer -n org2 helm-charts/fabric-peer/ -f examples/fabric-peer/org2/values.yaml
 
@@ -11,21 +11,19 @@ replicaCount: 1
 
 image:
   repository: hyperledger/fabric-ca
-  pullPolicy: Always
-  # Overrides the image tag whose default is the chart appVersion.
+  pullPolicy: IfNotPresent
+  ### Overrides the image tag whose default is the chart appVersion.
   tag: "1.5.0"
 
 init:
   image:
    repository: npcioss/hlf-builder
-   pullPolicy: Always
+   pullPolicy: IfNotPresent
    tag: "2.4"
 
-retry_seconds: 60
-
-# tls_domain : This will be used to create an Ingress, and CSR for the CA server.
-# Eg: my-hlf-domain.com, then the Ingress object will be created as a combination of ".fabric-ca.fullname + .Values.tls_domain"
-# ie, root-ca.my-hlf-domain.com
+## tls_domain : This will be used to create an Ingress, and CSR for the CA server.
+## Eg: my-hlf-domain.com, then the Ingress object will be created as a combination of ".fabric-ca.fullname + .Values.tls_domain"
+## ie, root-ca.my-hlf-domain.com
 tls_domain: my-hlf-domain.com
 ca_server:
   csr_names_country: IN
@@ -36,10 +34,13 @@ ca_server:
   container_port: 7051
   debug: true
   tls_enabled: true
-  # You must create this secret outside of this chart for maximum security. Don't commit CA user/pass into any charts.
-  # kubectl -n orderer create secret generic your-secret --from-literal=user=your-admin-user --from-literal=password=your-admin-password
+  ## You must create this secret outside of this chart for maximum security. Don't commit CA user/pass into any charts.
+  ## kubectl -n orderer create secret generic your-secret --from-literal=user=your-admin-user --from-literal=password=your-admin-password
   admin_secret: initialpeerorg-secret
 
+retry_seconds: 60
+recreate_intermediate_cert: false # Make it true if you want to delete existing parent server public key cert and fetch new one on the next restart.
+
 ica:
   enabled: true
   parent_ca_endpoint: "root-ca.my-hlf-domain.com:30000" # your-root-ca-endpoint:<port>
@@ -55,10 +56,6 @@ ingress:
   className: "nginx"
   annotations:
     nginx.ingress.kubernetes.io/ssl-passthrough: "true"
-  hosts:
-    - paths:
-        - path: /
-          pathType: Prefix
 
 storage:
   pvc_enabled: true
@@ -70,52 +67,4 @@ storage:
 serviceAccount:
   create: true
   annotations: {}
-  name: ""
-
-resources:
-  limits:
-    cpu: 100m
-    memory: 256Mi
-  requests:
-    cpu: 100m
-    memory: 128Mi
-
-# affinity:
-#  nodeAffinity:
-#   preferredDuringSchedulingIgnoredDuringExecution:
-#   - weight: 50
-#     preference:
-#       matchExpressions:
-#       - key: project
-#         operator: In
-#         values:
-#         - value1
-
-startupProbe:
-  httpGet:
-    path: /cainfo
-    port: http
-    scheme: HTTPS
-  initialDelaySeconds: 10
-livenessProbe:
-  httpGet:
-    path: /cainfo
-    port: http
-    scheme: HTTPS
-readinessProbe:
-  httpGet:
-    path: /cainfo
-    port: http
-    scheme: HTTPS
-
-podAnnotations: {}
-podSecurityContext: {}
-securityContext: {}
-nodeSelector: {}
-tolerations: []
-autoscaling:
-  enabled: false
-  minReplicas: 1
-  maxReplicas: 100
-  targetCPUUtilizationPercentage: 80
-  # targetMemoryUtilizationPercentage: 80
+  name: ""
@@ -11,19 +11,19 @@ replicaCount: 1
 
 image:
   repository: hyperledger/fabric-ca
-  pullPolicy: Always
-  # Overrides the image tag whose default is the chart appVersion.
+  pullPolicy: IfNotPresent
+  ### Overrides the image tag whose default is the chart appVersion.
   tag: "1.5.0"
 
 init:
   image:
    repository: npcioss/hlf-builder
-   pullPolicy: Always
+   pullPolicy: IfNotPresent
    tag: "2.4"
 
-# tls_domain : This will be used to create an Ingress, and CSR for the CA server.
-# Eg: my-hlf-domain.com, then the Ingress object will be created as a combination of ".fabric-ca.fullname + .Values.tls_domain"
-# ie, root-ca.my-hlf-domain.com
+## tls_domain : This will be used to create an Ingress, and CSR for the CA server.
+## Eg: my-hlf-domain.com, then the Ingress object will be created as a combination of ".fabric-ca.fullname + .Values.tls_domain"
+## ie, root-ca.my-hlf-domain.com
 tls_domain: my-hlf-domain.com
 ca_server:
   csr_names_country: IN
@@ -34,11 +34,12 @@ ca_server:
   container_port: 7051
   debug: true
   tls_enabled: true
-  # You must create this secret outside of this chart for maximum security. Don't commit CA user/pass into any charts.
-  # kubectl -n orderer create secret generic your-secret --from-literal=user=your-admin-user --from-literal=password=your-admin-password
+  ## You must create this secret outside of this chart for maximum security. Don't commit CA user/pass into any charts.
+  ## kubectl -n orderer create secret generic your-secret --from-literal=user=your-admin-user --from-literal=password=your-admin-password
   admin_secret: orderer-secret
 
 retry_seconds: 60
+recreate_intermediate_cert: false # Make it true if you want to delete existing parent server public key cert and fetch new one.
 
 ica:
   enabled: true
@@ -55,10 +56,6 @@ ingress:
   className: "nginx"
   annotations:
     nginx.ingress.kubernetes.io/ssl-passthrough: "true"
-  hosts:
-    - paths:
-        - path: /
-          pathType: Prefix
 
 storage:
   pvc_enabled: true
@@ -70,52 +67,4 @@ storage:
 serviceAccount:
   create: true
   annotations: {}
-  name: ""
-
-resources:
-  limits:
-    cpu: 100m
-    memory: 256Mi
-  requests:
-    cpu: 100m
-    memory: 128Mi
-
-# affinity:
-#  nodeAffinity:
-#   preferredDuringSchedulingIgnoredDuringExecution:
-#   - weight: 50
-#     preference:
-#       matchExpressions:
-#       - key: project
-#         operator: In
-#         values:
-#         - value1
-
-startupProbe:
-  httpGet:
-    path: /cainfo
-    port: http
-    scheme: HTTPS
-  initialDelaySeconds: 10
-livenessProbe:
-  httpGet:
-    path: /cainfo
-    port: http
-    scheme: HTTPS
-readinessProbe:
-  httpGet:
-    path: /cainfo
-    port: http
-    scheme: HTTPS
-
-podAnnotations: {}
-podSecurityContext: {}
-securityContext: {}
-nodeSelector: {}
-tolerations: []
-autoscaling:
-  enabled: false
-  minReplicas: 1
-  maxReplicas: 100
-  targetCPUUtilizationPercentage: 80
-  # targetMemoryUtilizationPercentage: 80
+  name: ""
@@ -11,19 +11,19 @@ replicaCount: 1
 
 image:
   repository: hyperledger/fabric-ca
-  pullPolicy: Always
-  # Overrides the image tag whose default is the chart appVersion.
+  pullPolicy: IfNotPresent
+  ### Overrides the image tag whose default is the chart appVersion.
   tag: "1.5.0"
 
 init:
   image:
    repository: npcioss/hlf-builder
-   pullPolicy: Always
+   pullPolicy: IfNotPresent
    tag: "2.4"
 
-# tls_domain : This will be used to create an Ingress, and CSR for the CA server.
-# Eg: my-hlf-domain.com, then the Ingress object will be created as a combination of ".fabric-ca.fullname + .Values.tls_domain"
-# ie, root-ca.my-hlf-domain.com
+## tls_domain : This will be used to create an Ingress, and CSR for the CA server.
+## Eg: my-hlf-domain.com, then the Ingress object will be created as a combination of ".fabric-ca.fullname + .Values.tls_domain"
+## ie, root-ca.my-hlf-domain.com
 tls_domain: my-hlf-domain.com
 ca_server:
   csr_names_country: IN
@@ -34,8 +34,8 @@ ca_server:
   container_port: 7051
   debug: true
   tls_enabled: true
-  # You must create this secret outside of this chart for maximum security. Don't commit CA user/pass into any charts.
-  # kubectl -n orderer create secret generic your-secret --from-literal=user=your-admin-user --from-literal=password=your-admin-password
+  ## You must create this secret outside of this chart for maximum security. Don't commit CA user/pass into any charts.
+  ## kubectl -n orderer create secret generic your-secret --from-literal=user=your-admin-user --from-literal=password=your-admin-password
   admin_secret: org1-secret
 
 ica:
@@ -45,6 +45,7 @@ ica:
   intermediate_tls_cert_file: cert.pem
 
 retry_seconds: 60
+recreate_intermediate_cert: false # Make it true if you want to delete existing parent server public key cert and fetch new one.
 
 service:
   type: ClusterIP
@@ -55,10 +56,6 @@ ingress:
   className: "nginx"
   annotations:
     nginx.ingress.kubernetes.io/ssl-passthrough: "true"
-  hosts:
-    - paths:
-        - path: /
-          pathType: Prefix
 
 storage:
   pvc_enabled: true
@@ -70,52 +67,4 @@ storage:
 serviceAccount:
   create: true
   annotations: {}
-  name: ""
-
-resources:
-  limits:
-    cpu: 100m
-    memory: 256Mi
-  requests:
-    cpu: 100m
-    memory: 128Mi
-
-# affinity:
-#  nodeAffinity:
-#   preferredDuringSchedulingIgnoredDuringExecution:
-#   - weight: 50
-#     preference:
-#       matchExpressions:
-#       - key: project
-#         operator: In
-#         values:
-#         - value1
-
-startupProbe:
-  httpGet:
-    path: /cainfo
-    port: http
-    scheme: HTTPS
-  initialDelaySeconds: 10
-livenessProbe:
-  httpGet:
-    path: /cainfo
-    port: http
-    scheme: HTTPS
-readinessProbe:
-  httpGet:
-    path: /cainfo
-    port: http
-    scheme: HTTPS
-
-podAnnotations: {}
-podSecurityContext: {}
-securityContext: {}
-nodeSelector: {}
-tolerations: []
-autoscaling:
-  enabled: false
-  minReplicas: 1
-  maxReplicas: 100
-  targetCPUUtilizationPercentage: 80
-  # targetMemoryUtilizationPercentage: 80
+  name: ""