Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Build/security updates #1443

Draft
wants to merge 4 commits into
base: master
Choose a base branch
from
Draft

Build/security updates #1443

wants to merge 4 commits into from

Conversation

rhyslbw
Copy link
Member

@rhyslbw rhyslbw commented Aug 23, 2024

Context

We have 13 old Dependabot alerts, most can be resolved with these low risk updates.

Proposed Solution

See commits

Required to resolve vulnerable:
- fast-xml-parser
- ws
- tough-cookie
@rhyslbw rhyslbw requested review from mkazlauskas and a team August 23, 2024 08:39
iccicci
iccicci previously approved these changes Aug 23, 2024
mkazlauskas
mkazlauskas previously approved these changes Aug 23, 2024
@rhyslbw rhyslbw marked this pull request as draft August 23, 2024 08:46
Copy link

github-actions bot commented Aug 23, 2024

dev-preview@us-east-1 would change:

dev-preview, dev-preview-cardanojs-asset-projector, Deployment (apps) would change:

  # Source: cardanojs/templates/asset-projector-deployment.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    labels:
      app: asset-projector
      network: preview
      release: dev-preview-cardanojs
    name: dev-preview-cardanojs-asset-projector
  spec:
    selector:
      matchLabels:
        app: asset-projector
        network: preview
        release: dev-preview-cardanojs
    template:
      metadata:
        labels:
          app: asset-projector
          network: preview
          release: dev-preview-cardanojs
      spec:
        containers:
        - args:
          - start-projector
          env:
          - name: LOGGER_MIN_SEVERITY
            value: info
          - name: NETWORK
            value: preview
          - name: OGMIOS_SRV_SERVICE_NAME
            value: dev-preview-cardano-core.dev-preview.svc.cluster.local
          - name: POSTGRES_DB
            value: asset
          - name: POSTGRES_HOST
            value: dev-preview-postgresql
          - name: POSTGRES_PASSWORD
            valueFrom:
              secretKeyRef:
                key: password
                name: asset-owner-user.dev-preview-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_POOL_MAX
            value: "2"
          - name: POSTGRES_PORT
            value: "5432"
          - name: POSTGRES_SSL
            value: "true"
          - name: POSTGRES_SSL_CA_FILE
            value: /tls/ca.crt
          - name: POSTGRES_USER
            valueFrom:
              secretKeyRef:
                key: username
                name: asset-owner-user.dev-preview-postgresql.credentials.postgresql.acid.zalan.do
          - name: PROJECTION_NAMES
            value: asset
-         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:l85q7nqzp5df453zpxlj9b0xac0mmx5h
+         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:fcnlpx4cqxrcq4fhrc25v8qqfb2xxyzg
          livenessProbe:
            httpGet:
              path: /v1.0.0/health
              port: 3000
            timeoutSeconds: 5
          name: asset-projector
          ports:
          - containerPort: 3000
            name: http
          resources:
            limits:
              cpu: 700m
              memory: 300Mi
            requests:
              cpu: 700m
              memory: 150Mi
          securityContext:
            runAsGroup: 0
            runAsUser: 0
          volumeMounts:
          - mountPath: /tls
            name: tls
        imagePullSecrets:
        - name: dockerconfigjson
        volumes:
        - name: tls
          secret:
            secretName: postgresql-server-cert

dev-preview, dev-preview-cardanojs-backend, Deployment (apps) would change:

  # Source: cardanojs/templates/backend-deployment.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    labels:
      app: backend
      network: preview
      release: dev-preview-cardanojs
    name: dev-preview-cardanojs-backend
  spec:
    selector:
      matchLabels:
        app: backend
        network: preview
        release: dev-preview-cardanojs
    template:
      metadata:
        labels:
          app: backend
          network: preview
          release: dev-preview-cardanojs
      spec:
        containers:
        - args:
          - start-provider-server
          env:
          - name: ALLOWED_ORIGINS
            value: chrome-extension://gafhhkghbfjjkeiendhlofajokpaflmk,chrome-extension://efeiemlfnahiidnjglmehaihacglceia,chrome-extension://bjlhpephaokolembmpdcbobbpkjnoheb,chrome-extension://djcdfchkaijggdjokfomholkalbffgil,http://localhost/,http://localhost
          - name: BUILD_INFO
-           value: '{"extra":{"narHash":"sha256-qHYVsOB1ppTvzUEYK89T2zh7dK34eQwKkQPnvPgAmBo=","path":"/nix/store/w25bdk5al2jq90wyd2id8cvf8vwhk8sa-source","sourceInfo":"/nix/store/w25bdk5al2jq90wyd2id8cvf8vwhk8sa-source"},"lastModified":1724399902,"lastModifiedDate":"20240823075822","rev":"f33bc2cc576459255b2396b9d282ea8edbab39cc","shortRev":"f33bc2c"}'
+           value: '{"extra":{"narHash":"sha256-rYOIIpouz/Em8pueyqP9K2CRiQfC8TcUrVIOtQu7dr8=","path":"/nix/store/kz9cd3xx8yfz45cvr5ywxkm803hf591k-source","sourceInfo":"/nix/store/kz9cd3xx8yfz45cvr5ywxkm803hf591k-source"},"lastModified":1724404719,"lastModifiedDate":"20240823091839","rev":"af28c31fbff84fdf706d12ca0be114016e46cbba","shortRev":"af28c31"}'
          - name: DISABLE_STAKE_POOL_METRIC_APY
            value: "true"
          - name: ENABLE_METRICS
            value: "true"
          - name: HANDLE_POLICY_IDS
            value: f0ff48bbb7bbe9d59a40f1ce90e9e9d0ff5002ec48f232b49ca0fb9a
          - name: HANDLE_PROVIDER_SERVER_URL
            value: https://preview.api.handle.me
          - name: LOGGER_MIN_SEVERITY
            value: info
          - name: NETWORK
            value: preview
          - name: OGMIOS_SRV_SERVICE_NAME
            value: dev-preview-cardano-core.dev-preview.svc.cluster.local
          - name: PAGINATION_PAGE_SIZE_LIMIT
            value: "5500"
          - name: POSTGRES_DB_DB_SYNC
            value: cardano
          - name: POSTGRES_DB_HANDLE
            value: handle
          - name: POSTGRES_HOST_DB_SYNC
            value: dev-preview-postgresql
          - name: POSTGRES_HOST_HANDLE
            value: dev-preview-postgresql
          - name: POSTGRES_PASSWORD_DB_SYNC
            valueFrom:
              secretKeyRef:
                key: password
                name: cardano-owner-user.dev-preview-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_PASSWORD_HANDLE
            valueFrom:
              secretKeyRef:
                key: password
                name: handle-owner-user.dev-preview-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_POOL_MAX_DB_SYNC
            value: "50"
          - name: POSTGRES_POOL_MAX_HANDLE
            value: "10"
          - name: POSTGRES_PORT_DB_SYNC
            value: "5432"
          - name: POSTGRES_PORT_HANDLE
            value: "5432"
          - name: POSTGRES_SSL_CA_FILE_DB_SYNC
            value: /tls/ca.crt
          - name: POSTGRES_SSL_CA_FILE_HANDLE
            value: /tls/ca.crt
          - name: POSTGRES_SSL_DB_SYNC
            value: "true"
          - name: POSTGRES_SSL_HANDLE
            value: "true"
          - name: POSTGRES_USER_DB_SYNC
            valueFrom:
              secretKeyRef:
                key: username
                name: cardano-owner-user.dev-preview-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_USER_HANDLE
            valueFrom:
              secretKeyRef:
                key: username
                name: handle-owner-user.dev-preview-postgresql.credentials.postgresql.acid.zalan.do
          - name: SERVICE_NAMES
            value: asset,network-info,rewards,stake-pool,tx-submit,utxo
          - name: TOKEN_METADATA_SERVER_URL
            value: http://dev-preview-cardano-stack-metadata.dev-preview.svc.cluster.local
          - name: USE_BLOCKFROST
            value: "true"
          - name: USE_KORA_LABS
            value: "true"
-         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:l85q7nqzp5df453zpxlj9b0xac0mmx5h
+         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:fcnlpx4cqxrcq4fhrc25v8qqfb2xxyzg
          livenessProbe:
            httpGet:
              path: /v1.0.0/health
              port: 3000
            periodSeconds: 60
            timeoutSeconds: 30
          name: backend
          ports:
          - containerPort: 3000
            name: http
          resources:
            limits:
              cpu: 1500m
              memory: 512Mi
            requests:
              cpu: 1000m
              memory: 350Mi
          securityContext:
            runAsGroup: 0
            runAsUser: 0
          volumeMounts:
          - mountPath: /tls
            name: tls
        imagePullSecrets:
        - name: dockerconfigjson
        volumes:
        - name: tls
          secret:
            secretName: postgresql-server-cert

dev-preview, dev-preview-cardanojs-blockfrost-worker, Deployment (apps) would change:

  # Source: cardanojs/templates/blockfrost-worker-deployment.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    labels:
      app: blockfrost-worker
      network: preview
      release: dev-preview-cardanojs
    name: dev-preview-cardanojs-blockfrost-worker
  spec:
    selector:
      matchLabels:
        app: blockfrost-worker
        network: preview
        release: dev-preview-cardanojs
    template:
      metadata:
        labels:
          app: blockfrost-worker
          network: preview
          release: dev-preview-cardanojs
      spec:
        containers:
        - args:
          - start-blockfrost-worker
          env:
          - name: BLOCKFROST_API_KEY
            valueFrom:
              secretKeyRef:
                key: api-key
                name: blockfrost
          - name: LOGGER_MIN_SEVERITY
            value: info
          - name: NETWORK
            value: preview
          - name: POSTGRES_DB_DB_SYNC
            value: cardano
          - name: POSTGRES_HOST_DB_SYNC
            value: dev-preview-postgresql
          - name: POSTGRES_PASSWORD_DB_SYNC
            valueFrom:
              secretKeyRef:
                key: password
                name: cardano-owner-user.dev-preview-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_PORT_DB_SYNC
            value: "5432"
          - name: POSTGRES_SSL_CA_FILE_DB_SYNC
            value: /tls/ca.crt
          - name: POSTGRES_SSL_DB_SYNC
            value: "true"
          - name: POSTGRES_USER_DB_SYNC
            valueFrom:
              secretKeyRef:
                key: username
                name: cardano-owner-user.dev-preview-postgresql.credentials.postgresql.acid.zalan.do
-         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:l85q7nqzp5df453zpxlj9b0xac0mmx5h
+         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:fcnlpx4cqxrcq4fhrc25v8qqfb2xxyzg
          livenessProbe:
            httpGet:
              path: /v1.0.0/health
              port: 3000
            timeoutSeconds: 5
          name: blockfrost-worker
          ports:
          - containerPort: 3000
            name: http
          resources:
            limits:
              cpu: 500m
              memory: 300Mi
            requests:
              cpu: 100m
              memory: 150Mi
          securityContext:
            runAsGroup: 0
            runAsUser: 0
          volumeMounts:
          - mountPath: /tls
            name: tls
        imagePullSecrets:
        - name: dockerconfigjson
        volumes:
        - name: tls
          secret:
            secretName: postgresql-server-cert

dev-preview, dev-preview-cardanojs-chain-history-provider, Deployment (apps) would change:

  # Source: cardanojs/templates/chain-history-provider-deployment.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    labels:
      app: chain-history-provider
      network: preview
      release: dev-preview-cardanojs
    name: dev-preview-cardanojs-chain-history-provider
  spec:
    selector:
      matchLabels:
        app: chain-history-provider
        network: preview
        release: dev-preview-cardanojs
    template:
      metadata:
        labels:
          app: chain-history-provider
          network: preview
          release: dev-preview-cardanojs
      spec:
        containers:
        - args:
          - start-provider-server
          env:
          - name: ALLOWED_ORIGINS
            value: chrome-extension://gafhhkghbfjjkeiendhlofajokpaflmk,chrome-extension://efeiemlfnahiidnjglmehaihacglceia,chrome-extension://bjlhpephaokolembmpdcbobbpkjnoheb,chrome-extension://djcdfchkaijggdjokfomholkalbffgil,http://localhost/,http://localhost
          - name: DISABLE_STAKE_POOL_METRIC_APY
            value: "true"
          - name: ENABLE_METRICS
            value: "true"
          - name: HANDLE_POLICY_IDS
            value: f0ff48bbb7bbe9d59a40f1ce90e9e9d0ff5002ec48f232b49ca0fb9a
          - name: LOGGER_MIN_SEVERITY
            value: info
          - name: NETWORK
            value: preview
          - name: OGMIOS_SRV_SERVICE_NAME
            value: dev-preview-cardano-core.dev-preview.svc.cluster.local
          - name: PAGINATION_PAGE_SIZE_LIMIT
            value: "5500"
          - name: POSTGRES_DB_DB_SYNC
            value: cardano
          - name: POSTGRES_HOST_DB_SYNC
            value: dev-preview-postgresql
          - name: POSTGRES_PASSWORD_DB_SYNC
            valueFrom:
              secretKeyRef:
                key: password
                name: cardano-owner-user.dev-preview-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_POOL_MAX_DB_SYNC
            value: "50"
          - name: POSTGRES_PORT_DB_SYNC
            value: "5432"
          - name: POSTGRES_SSL_CA_FILE_DB_SYNC
            value: /tls/ca.crt
          - name: POSTGRES_SSL_DB_SYNC
            value: "true"
          - name: POSTGRES_USER_DB_SYNC
            valueFrom:
              secretKeyRef:
                key: username
                name: cardano-owner-user.dev-preview-postgresql.credentials.postgresql.acid.zalan.do
          - name: SERVICE_NAMES
            value: chain-history
          - name: TOKEN_METADATA_SERVER_URL
            value: http://dev-preview-cardano-stack-metadata.dev-preview.svc.cluster.local
          - name: USE_BLOCKFROST
            value: "true"
          - name: USE_KORA_LABS
            value: "true"
-         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:l85q7nqzp5df453zpxlj9b0xac0mmx5h
+         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:fcnlpx4cqxrcq4fhrc25v8qqfb2xxyzg
          livenessProbe:
            httpGet:
              path: /v1.0.0/health
              port: 3000
            timeoutSeconds: 5
          name: chain-history-provider
          ports:
          - containerPort: 3000
            name: http
          resources:
            limits:
              cpu: 1200m
              memory: 300Mi
            requests:
              cpu: 1000m
              memory: 150Mi
          securityContext:
            runAsGroup: 0
            runAsUser: 0
          volumeMounts:
          - mountPath: /tls
            name: tls
        imagePullSecrets:
        - name: dockerconfigjson
        volumes:
        - name: tls
          secret:
            secretName: postgresql-server-cert

dev-preview, dev-preview-cardanojs-handle-projector, Deployment (apps) would change:

  # Source: cardanojs/templates/handle-projector-deployment.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    labels:
      app: handle-projector
      network: preview
      release: dev-preview-cardanojs
    name: dev-preview-cardanojs-handle-projector
  spec:
    selector:
      matchLabels:
        app: handle-projector
        network: preview
        release: dev-preview-cardanojs
    template:
      metadata:
        labels:
          app: handle-projector
          network: preview
          release: dev-preview-cardanojs
      spec:
        containers:
        - args:
          - start-projector
          env:
          - name: HANDLE_POLICY_IDS
            value: f0ff48bbb7bbe9d59a40f1ce90e9e9d0ff5002ec48f232b49ca0fb9a
          - name: LOGGER_MIN_SEVERITY
            value: info
          - name: NETWORK
            value: preview
          - name: OGMIOS_SRV_SERVICE_NAME
            value: dev-preview-cardano-core.dev-preview.svc.cluster.local
          - name: POSTGRES_DB
            value: handle
          - name: POSTGRES_HOST
            value: dev-preview-postgresql
          - name: POSTGRES_PASSWORD
            valueFrom:
              secretKeyRef:
                key: password
                name: handle-owner-user.dev-preview-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_POOL_MAX
            value: "2"
          - name: POSTGRES_PORT
            value: "5432"
          - name: POSTGRES_SSL
            value: "true"
          - name: POSTGRES_SSL_CA_FILE
            value: /tls/ca.crt
          - name: POSTGRES_USER
            valueFrom:
              secretKeyRef:
                key: username
                name: handle-owner-user.dev-preview-postgresql.credentials.postgresql.acid.zalan.do
          - name: PROJECTION_NAMES
            value: handle
-         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:l85q7nqzp5df453zpxlj9b0xac0mmx5h
+         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:fcnlpx4cqxrcq4fhrc25v8qqfb2xxyzg
          livenessProbe:
            httpGet:
              path: /v1.0.0/health
              port: 3000
            timeoutSeconds: 5
          name: handle-projector
          ports:
          - containerPort: 3000
            name: http
          resources:
            limits:
              cpu: 1000m
              memory: 300Mi
            requests:
              cpu: 100m
              memory: 150Mi
          securityContext:
            runAsGroup: 0
            runAsUser: 0
          volumeMounts:
          - mountPath: /tls
            name: tls
        imagePullSecrets:
        - name: dockerconfigjson
        volumes:
        - name: tls
          secret:
            secretName: postgresql-server-cert

dev-preview, dev-preview-cardanojs-handle-provider, Deployment (apps) would change:

  # Source: cardanojs/templates/handle-provider-deployment.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    labels:
      app: handle-provider
      network: preview
      release: dev-preview-cardanojs
    name: dev-preview-cardanojs-handle-provider
  spec:
    selector:
      matchLabels:
        app: handle-provider
        network: preview
        release: dev-preview-cardanojs
    template:
      metadata:
        labels:
          app: handle-provider
          network: preview
          release: dev-preview-cardanojs
      spec:
        containers:
        - args:
          - start-provider-server
          env:
          - name: ALLOWED_ORIGINS
            value: chrome-extension://gafhhkghbfjjkeiendhlofajokpaflmk,chrome-extension://efeiemlfnahiidnjglmehaihacglceia,chrome-extension://bjlhpephaokolembmpdcbobbpkjnoheb,chrome-extension://djcdfchkaijggdjokfomholkalbffgil,http://localhost/,http://localhost
          - name: ENABLE_METRICS
            value: "true"
          - name: HANDLE_POLICY_IDS
            value: f0ff48bbb7bbe9d59a40f1ce90e9e9d0ff5002ec48f232b49ca0fb9a
          - name: LOGGER_MIN_SEVERITY
            value: info
          - name: NETWORK
            value: preview
          - name: OGMIOS_SRV_SERVICE_NAME
            value: dev-preview-cardano-core.dev-preview.svc.cluster.local
          - name: POSTGRES_DB_HANDLE
            value: handle
          - name: POSTGRES_HOST_HANDLE
            value: dev-preview-postgresql
          - name: POSTGRES_PASSWORD_HANDLE
            valueFrom:
              secretKeyRef:
                key: password
                name: handle-owner-user.dev-preview-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_POOL_MAX_HANDLE
            value: "10"
          - name: POSTGRES_PORT_HANDLE
            value: "5432"
          - name: POSTGRES_SSL_CA_FILE_HANDLE
            value: /tls/ca.crt
          - name: POSTGRES_SSL_HANDLE
            value: "true"
          - name: POSTGRES_USER_HANDLE
            valueFrom:
              secretKeyRef:
                key: username
                name: handle-owner-user.dev-preview-postgresql.credentials.postgresql.acid.zalan.do
          - name: SERVICE_NAMES
            value: handle
-         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:l85q7nqzp5df453zpxlj9b0xac0mmx5h
+         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:fcnlpx4cqxrcq4fhrc25v8qqfb2xxyzg
          livenessProbe:
            httpGet:
              path: /v1.0.0/health
              port: 3000
            timeoutSeconds: 5
          name: handle-provider
          ports:
          - containerPort: 3000
            name: http
          resources:
            limits:
              cpu: 500m
              memory: 300Mi
            requests:
              cpu: 100m
              memory: 150Mi
          securityContext:
            runAsGroup: 0
            runAsUser: 0
          volumeMounts:
          - mountPath: /tls
            name: tls
        imagePullSecrets:
        - name: dockerconfigjson
        volumes:
        - name: tls
          secret:
            secretName: postgresql-server-cert

dev-preview, dev-preview-cardanojs-pg-boss-worker, Deployment (apps) would change:

  # Source: cardanojs/templates/pgboss-deployment.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    labels:
      app: pg-boss-worker
      network: preview
      release: dev-preview-cardanojs
    name: dev-preview-cardanojs-pg-boss-worker
  spec:
    selector:
      matchLabels:
        app: pg-boss-worker
        network: preview
        release: dev-preview-cardanojs
    template:
      metadata:
        labels:
          app: pg-boss-worker
          network: preview
          release: dev-preview-cardanojs
      spec:
        containers:
        - args:
          - start-pg-boss-worker
          env:
          - name: LOGGER_MIN_SEVERITY
            value: info
          - name: METADATA_FETCH_MODE
            value: smash
          - name: NETWORK
            value: preview
          - name: NETWORK_INFO_PROVIDER_URL
            value: http://dev-preview-cardanojs-backend.dev-preview.svc.cluster.local
          - name: POSTGRES_DB_DB_SYNC
            value: cardano
          - name: POSTGRES_DB_STAKE_POOL
            value: stakepoolv2
          - name: POSTGRES_HOST_DB_SYNC
            value: dev-preview-postgresql
          - name: POSTGRES_HOST_STAKE_POOL
            value: dev-preview-postgresql
          - name: POSTGRES_PASSWORD_DB_SYNC
            valueFrom:
              secretKeyRef:
                key: password
                name: cardano-owner-user.dev-preview-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_PASSWORD_STAKE_POOL
            valueFrom:
              secretKeyRef:
                key: password
                name: stakepoolv2-owner-user.dev-preview-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_POOL_MAX_DB_SYNC
            value: "5"
          - name: POSTGRES_POOL_MAX_STAKE_POOL
            value: "5"
          - name: POSTGRES_PORT_DB_SYNC
            value: "5432"
          - name: POSTGRES_PORT_STAKE_POOL
            value: "5432"
          - name: POSTGRES_SSL_CA_FILE_DB_SYNC
            value: /tls/ca.crt
          - name: POSTGRES_SSL_CA_FILE_STAKE_POOL
            value: /tls/ca.crt
          - name: POSTGRES_SSL_DB_SYNC
            value: "true"
          - name: POSTGRES_SSL_STAKE_POOL
            value: "true"
          - name: POSTGRES_USER_DB_SYNC
            valueFrom:
              secretKeyRef:
                key: username
                name: cardano-owner-user.dev-preview-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_USER_STAKE_POOL
            valueFrom:
              secretKeyRef:
                key: username
                name: stakepoolv2-owner-user.dev-preview-postgresql.credentials.postgresql.acid.zalan.do
          - name: QUEUES
            value: pool-delist-schedule,pool-metadata,pool-metrics,pool-rewards
          - name: SMASH_URL
            value: https://preview-smash.world.dev.cardano.org/api/v1
          - name: STAKE_POOL_PROVIDER_URL
            value: http://dev-preview-cardanojs-backend.dev-preview.svc.cluster.local
-         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:l85q7nqzp5df453zpxlj9b0xac0mmx5h
+         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:fcnlpx4cqxrcq4fhrc25v8qqfb2xxyzg
          livenessProbe:
            httpGet:
              path: /v1.0.0/health
              port: 3000
          name: pg-boss-worker
          ports:
          - containerPort: 3000
            name: http
          resources:
            limits:
              cpu: 300m
              memory: 300Mi
            requests:
              cpu: 200m
              memory: 150Mi
          securityContext:
            runAsGroup: 0
            runAsUser: 0
          startupProbe:
            httpGet:
              path: /v1.0.0/ready
              port: 3000
            initialDelaySeconds: 80
            periodSeconds: 5
          volumeMounts:
          - mountPath: /tls
            name: tls
        imagePullSecrets:
        - name: dockerconfigjson
        volumes:
        - name: tls
          secret:
            secretName: postgresql-server-cert

dev-preview, dev-preview-cardanojs-stake-pool-projector, Deployment (apps) would change:

  # Source: cardanojs/templates/stake-pool-projector-deployment.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    labels:
      app: stake-pool-projector
      network: preview
      release: dev-preview-cardanojs
    name: dev-preview-cardanojs-stake-pool-projector
  spec:
    selector:
      matchLabels:
        app: stake-pool-projector
        network: preview
        release: dev-preview-cardanojs
    template:
      metadata:
        labels:
          app: stake-pool-projector
          network: preview
          release: dev-preview-cardanojs
      spec:
        containers:
        - args:
          - start-projector
          env:
          - name: LOGGER_MIN_SEVERITY
            value: info
          - name: NETWORK
            value: preview
          - name: OGMIOS_SRV_SERVICE_NAME
            value: dev-preview-cardano-core.dev-preview.svc.cluster.local
          - name: POSTGRES_DB
            value: stakepoolv2
          - name: POSTGRES_HOST
            value: dev-preview-postgresql
          - name: POSTGRES_PASSWORD
            valueFrom:
              secretKeyRef:
                key: password
                name: stakepoolv2-owner-user.dev-preview-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_POOL_MAX
            value: "2"
          - name: POSTGRES_PORT
            value: "5432"
          - name: POSTGRES_SSL
            value: "true"
          - name: POSTGRES_SSL_CA_FILE
            value: /tls/ca.crt
          - name: POSTGRES_USER
            valueFrom:
              secretKeyRef:
                key: username
                name: stakepoolv2-owner-user.dev-preview-postgresql.credentials.postgresql.acid.zalan.do
          - name: PROJECTION_NAMES
            value: stake-pool,stake-pool-metadata-job,stake-pool-metrics-job,stake-pool-rewards-job
-         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:l85q7nqzp5df453zpxlj9b0xac0mmx5h
+         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:fcnlpx4cqxrcq4fhrc25v8qqfb2xxyzg
          livenessProbe:
            httpGet:
              path: /v1.0.0/health
              port: 3000
            timeoutSeconds: 5
          name: stake-pool-projector
          ports:
          - containerPort: 3000
            name: http
          resources:
            limits:
              cpu: 700m
              memory: 300Mi
            requests:
              cpu: 700m
              memory: 150Mi
          securityContext:
            runAsGroup: 0
            runAsUser: 0
          volumeMounts:
          - mountPath: /tls
            name: tls
        imagePullSecrets:
        - name: dockerconfigjson
        volumes:
        - name: tls
          secret:
            secretName: postgresql-server-cert

dev-preview, dev-preview-cardanojs-stake-pool-provider, Deployment (apps) would change:

  # Source: cardanojs/templates/stake-pool-provider-deployment.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    labels:
      app: stake-pool-provider
      network: preview
      release: dev-preview-cardanojs
    name: dev-preview-cardanojs-stake-pool-provider
  spec:
    selector:
      matchLabels:
        app: stake-pool-provider
        network: preview
        release: dev-preview-cardanojs
    template:
      metadata:
        labels:
          app: stake-pool-provider
          network: preview
          release: dev-preview-cardanojs
      spec:
        containers:
        - args:
          - start-provider-server
          env:
          - name: ALLOWED_ORIGINS
            value: chrome-extension://gafhhkghbfjjkeiendhlofajokpaflmk,chrome-extension://efeiemlfnahiidnjglmehaihacglceia,chrome-extension://bjlhpephaokolembmpdcbobbpkjnoheb,chrome-extension://djcdfchkaijggdjokfomholkalbffgil,http://localhost/,http://localhost
          - name: DISABLE_STAKE_POOL_METRIC_APY
            value: "true"
          - name: ENABLE_METRICS
            value: "true"
          - name: LOGGER_MIN_SEVERITY
            value: info
          - name: NETWORK
            value: preview
          - name: OGMIOS_SRV_SERVICE_NAME
            value: dev-preview-cardano-core.dev-preview.svc.cluster.local
          - name: OVERRIDE_FUZZY_OPTIONS
            value: "true"
          - name: PAGINATION_PAGE_SIZE_LIMIT
            value: "5500"
          - name: POSTGRES_DB_STAKE_POOL
            value: stakepoolv2
          - name: POSTGRES_HOST_STAKE_POOL
            value: dev-preview-postgresql
          - name: POSTGRES_PASSWORD_STAKE_POOL
            valueFrom:
              secretKeyRef:
                key: password
                name: stakepoolv2-owner-user.dev-preview-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_POOL_MAX_STAKE_POOL
            value: "10"
          - name: POSTGRES_PORT_STAKE_POOL
            value: "5432"
          - name: POSTGRES_SSL_CA_FILE_STAKE_POOL
            value: /tls/ca.crt
          - name: POSTGRES_SSL_STAKE_POOL
            value: "true"
          - name: POSTGRES_USER_STAKE_POOL
            valueFrom:
              secretKeyRef:
                key: username
                name: stakepoolv2-owner-user.dev-preview-postgresql.credentials.postgresql.acid.zalan.do
          - name: SERVICE_NAMES
            value: stake-pool
          - name: TOKEN_METADATA_SERVER_URL
            value: http://dev-preview-cardano-stack-metadata.dev-preview.svc.cluster.local
          - name: USE_TYPEORM_STAKE_POOL_PROVIDER
            value: "true"
-         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:l85q7nqzp5df453zpxlj9b0xac0mmx5h
+         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:fcnlpx4cqxrcq4fhrc25v8qqfb2xxyzg
          livenessProbe:
            httpGet:
              path: /v1.0.0/health
              port: 3000
            timeoutSeconds: 5
          name: stake-pool-provider
          ports:
          - containerPort: 3000
            name: http
          resources:
            limits:
              cpu: 500m
              memory: 300Mi
            requests:
              cpu: 100m
              memory: 150Mi
          securityContext:
            runAsGroup: 0
            runAsUser: 0
          volumeMounts:
          - mountPath: /tls
            name: tls
        imagePullSecrets:
        - name: dockerconfigjson
        volumes:
        - name: tls
          secret:
            secretName: postgresql-server-cert

dev-preview, dev-preview-cardanojs-ws-server, Deployment (apps) would change:

  # Source: cardanojs/templates/ws-server-deployment.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    labels:
      app: ws-server
      network: preview
      release: dev-preview-cardanojs
    name: dev-preview-cardanojs-ws-server
  spec:
    selector:
      matchLabels:
        app: ws-server
        network: preview
        release: dev-preview-cardanojs
    template:
      metadata:
        labels:
          app: ws-server
          network: preview
          release: dev-preview-cardanojs
      spec:
        containers:
        - args:
          - start-ws-server
          env:
          - name: DB_CACHE_TTL
            value: "7200"
          - name: NETWORK
            value: preview
          - name: OGMIOS_URL
            value: ws://dev-preview-cardano-core.dev-preview.svc.cluster.local:1337
          - name: POSTGRES_DB_DB_SYNC
            value: cardano
          - name: POSTGRES_HOST_DB_SYNC
            value: dev-preview-postgresql
          - name: POSTGRES_PASSWORD_DB_SYNC
            valueFrom:
              secretKeyRef:
                key: password
                name: cardano-owner-user.dev-preview-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_POOL_MAX_DB_SYNC
            value: "2"
          - name: POSTGRES_PORT_DB_SYNC
            value: "5432"
          - name: POSTGRES_SSL_CA_FILE_DB_SYNC
            value: /tls/ca.crt
          - name: POSTGRES_SSL_DB_SYNC
            value: "true"
          - name: POSTGRES_USER_DB_SYNC
            valueFrom:
              secretKeyRef:
                key: username
                name: cardano-owner-user.dev-preview-postgresql.credentials.postgresql.acid.zalan.do
-         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:l85q7nqzp5df453zpxlj9b0xac0mmx5h
+         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:fcnlpx4cqxrcq4fhrc25v8qqfb2xxyzg
          livenessProbe:
            httpGet:
              path: /health
              port: 3000
          name: ws-server
          ports:
          - containerPort: 3000
            name: http
          resources:
            limits:
              cpu: 300m
              memory: 300Mi
            requests:
              cpu: 200m
              memory: 150Mi
          securityContext:
            runAsGroup: 0
            runAsUser: 0
          volumeMounts:
          - mountPath: /tls
            name: tls
        imagePullSecrets:
        - name: dockerconfigjson
        volumes:
        - name: tls
          secret:
            secretName: postgresql-server-cert
dev-preprod@us-east-1@v2 would change:

dev-preprod, dev-preprod-cardanojs-v2-asset-projector, Deployment (apps) would change:

  # Source: cardanojs/templates/asset-projector-deployment.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    labels:
      app: asset-projector
      network: preprod
      release: dev-preprod-cardanojs-v2
    name: dev-preprod-cardanojs-v2-asset-projector
  spec:
    selector:
      matchLabels:
        app: asset-projector
        network: preprod
        release: dev-preprod-cardanojs-v2
    template:
      metadata:
        labels:
          app: asset-projector
          network: preprod
          release: dev-preprod-cardanojs-v2
      spec:
        containers:
        - args:
          - start-projector
          env:
          - name: LOGGER_MIN_SEVERITY
            value: info
          - name: NETWORK
            value: preprod
          - name: OGMIOS_SRV_SERVICE_NAME
            value: dev-preprod-cardano-core.dev-preprod.svc.cluster.local
          - name: POSTGRES_DB
            value: asset
          - name: POSTGRES_HOST
            value: dev-preprod-postgresql
          - name: POSTGRES_PASSWORD
            valueFrom:
              secretKeyRef:
                key: password
                name: asset-owner-user.dev-preprod-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_POOL_MAX
            value: "2"
          - name: POSTGRES_PORT
            value: "5432"
          - name: POSTGRES_SSL
            value: "true"
          - name: POSTGRES_SSL_CA_FILE
            value: /tls/ca.crt
          - name: POSTGRES_USER
            valueFrom:
              secretKeyRef:
                key: username
                name: asset-owner-user.dev-preprod-postgresql.credentials.postgresql.acid.zalan.do
          - name: PROJECTION_NAMES
            value: asset
-         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:snmbkcznmzylw0lz00a4nb70b1mz3nv7
+         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:fcnlpx4cqxrcq4fhrc25v8qqfb2xxyzg
          livenessProbe:
            httpGet:
              path: /v1.0.0/health
              port: 3000
            timeoutSeconds: 5
          name: asset-projector
          ports:
          - containerPort: 3000
            name: http
          resources:
            limits:
              cpu: 700m
              memory: 300Mi
            requests:
              cpu: 700m
              memory: 150Mi
          securityContext:
            runAsGroup: 0
            runAsUser: 0
          volumeMounts:
          - mountPath: /tls
            name: tls
        imagePullSecrets:
        - name: dockerconfigjson
        volumes:
        - name: tls
          secret:
            secretName: postgresql-server-cert

dev-preprod, dev-preprod-cardanojs-v2-backend, Deployment (apps) would change:

  # Source: cardanojs/templates/backend-deployment.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    labels:
      app: backend
      network: preprod
      release: dev-preprod-cardanojs-v2
    name: dev-preprod-cardanojs-v2-backend
  spec:
    selector:
      matchLabels:
        app: backend
        network: preprod
        release: dev-preprod-cardanojs-v2
    template:
      metadata:
        labels:
          app: backend
          network: preprod
          release: dev-preprod-cardanojs-v2
      spec:
        containers:
        - args:
          - start-provider-server
          env:
          - name: ALLOWED_ORIGINS
            value: chrome-extension://gafhhkghbfjjkeiendhlofajokpaflmk,chrome-extension://efeiemlfnahiidnjglmehaihacglceia,chrome-extension://bjlhpephaokolembmpdcbobbpkjnoheb,chrome-extension://djcdfchkaijggdjokfomholkalbffgil,http://localhost/,http://localhost
          - name: BUILD_INFO
-           value: '{"extra":{"narHash":"sha256-9uklu80TX3eAxVoXGf/7gyvjXu6EwlUYfe0i4DfPMYI=","path":"/nix/store/y9xbqy20gsfrbxjdv15n6zcjvplrqyam-source","sourceInfo":"/nix/store/y9xbqy20gsfrbxjdv15n6zcjvplrqyam-source"},"lastModified":1724359381,"lastModifiedDate":"20240822204301","rev":"b7ec9fb6124405ac33d50b783d606911104a594d","shortRev":"b7ec9fb"}'
+           value: '{"extra":{"narHash":"sha256-rYOIIpouz/Em8pueyqP9K2CRiQfC8TcUrVIOtQu7dr8=","path":"/nix/store/kz9cd3xx8yfz45cvr5ywxkm803hf591k-source","sourceInfo":"/nix/store/kz9cd3xx8yfz45cvr5ywxkm803hf591k-source"},"lastModified":1724404719,"lastModifiedDate":"20240823091839","rev":"af28c31fbff84fdf706d12ca0be114016e46cbba","shortRev":"af28c31"}'
          - name: DISABLE_STAKE_POOL_METRIC_APY
            value: "true"
          - name: ENABLE_METRICS
            value: "true"
          - name: HANDLE_POLICY_IDS
            value: f0ff48bbb7bbe9d59a40f1ce90e9e9d0ff5002ec48f232b49ca0fb9a
          - name: HANDLE_PROVIDER_SERVER_URL
            value: https://preprod.api.handle.me
          - name: LOGGER_MIN_SEVERITY
            value: info
          - name: NETWORK
            value: preprod
          - name: OGMIOS_SRV_SERVICE_NAME
            value: dev-preprod-cardano-core.dev-preprod.svc.cluster.local
          - name: PAGINATION_PAGE_SIZE_LIMIT
            value: "5500"
          - name: POSTGRES_DB_DB_SYNC
            value: cardano
          - name: POSTGRES_DB_HANDLE
            value: handle
          - name: POSTGRES_HOST_DB_SYNC
            value: dev-preprod-postgresql
          - name: POSTGRES_HOST_HANDLE
            value: dev-preprod-postgresql
          - name: POSTGRES_PASSWORD_DB_SYNC
            valueFrom:
              secretKeyRef:
                key: password
                name: cardano-owner-user.dev-preprod-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_PASSWORD_HANDLE
            valueFrom:
              secretKeyRef:
                key: password
                name: handle-owner-user.dev-preprod-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_POOL_MAX_DB_SYNC
            value: "50"
          - name: POSTGRES_POOL_MAX_HANDLE
            value: "10"
          - name: POSTGRES_PORT_DB_SYNC
            value: "5432"
          - name: POSTGRES_PORT_HANDLE
            value: "5432"
          - name: POSTGRES_SSL_CA_FILE_DB_SYNC
            value: /tls/ca.crt
          - name: POSTGRES_SSL_CA_FILE_HANDLE
            value: /tls/ca.crt
          - name: POSTGRES_SSL_DB_SYNC
            value: "true"
          - name: POSTGRES_SSL_HANDLE
            value: "true"
          - name: POSTGRES_USER_DB_SYNC
            valueFrom:
              secretKeyRef:
                key: username
                name: cardano-owner-user.dev-preprod-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_USER_HANDLE
            valueFrom:
              secretKeyRef:
                key: username
                name: handle-owner-user.dev-preprod-postgresql.credentials.postgresql.acid.zalan.do
          - name: SERVICE_NAMES
            value: asset,network-info,rewards,stake-pool,tx-submit,utxo
          - name: TOKEN_METADATA_SERVER_URL
            value: http://dev-preprod-cardano-stack-metadata.dev-preprod.svc.cluster.local
          - name: USE_BLOCKFROST
            value: "true"
          - name: USE_KORA_LABS
            value: "true"
-         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:snmbkcznmzylw0lz00a4nb70b1mz3nv7
+         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:fcnlpx4cqxrcq4fhrc25v8qqfb2xxyzg
          livenessProbe:
            httpGet:
              path: /v1.0.0/health
              port: 3000
            periodSeconds: 60
            timeoutSeconds: 30
          name: backend
          ports:
          - containerPort: 3000
            name: http
          resources:
            limits:
              cpu: 1500m
              memory: 512Mi
            requests:
              cpu: 1000m
              memory: 350Mi
          securityContext:
            runAsGroup: 0
            runAsUser: 0
          volumeMounts:
          - mountPath: /tls
            name: tls
        imagePullSecrets:
        - name: dockerconfigjson
        volumes:
        - name: tls
          secret:
            secretName: postgresql-server-cert

dev-preprod, dev-preprod-cardanojs-v2-blockfrost-worker, Deployment (apps) would change:

  # Source: cardanojs/templates/blockfrost-worker-deployment.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    labels:
      app: blockfrost-worker
      network: preprod
      release: dev-preprod-cardanojs-v2
    name: dev-preprod-cardanojs-v2-blockfrost-worker
  spec:
    selector:
      matchLabels:
        app: blockfrost-worker
        network: preprod
        release: dev-preprod-cardanojs-v2
    template:
      metadata:
        labels:
          app: blockfrost-worker
          network: preprod
          release: dev-preprod-cardanojs-v2
      spec:
        containers:
        - args:
          - start-blockfrost-worker
          env:
          - name: BLOCKFROST_API_KEY
            valueFrom:
              secretKeyRef:
                key: api-key
                name: blockfrost
          - name: LOGGER_MIN_SEVERITY
            value: info
          - name: NETWORK
            value: preprod
          - name: POSTGRES_DB_DB_SYNC
            value: cardano
          - name: POSTGRES_HOST_DB_SYNC
            value: dev-preprod-postgresql
          - name: POSTGRES_PASSWORD_DB_SYNC
            valueFrom:
              secretKeyRef:
                key: password
                name: cardano-owner-user.dev-preprod-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_PORT_DB_SYNC
            value: "5432"
          - name: POSTGRES_SSL_CA_FILE_DB_SYNC
            value: /tls/ca.crt
          - name: POSTGRES_SSL_DB_SYNC
            value: "true"
          - name: POSTGRES_USER_DB_SYNC
            valueFrom:
              secretKeyRef:
                key: username
                name: cardano-owner-user.dev-preprod-postgresql.credentials.postgresql.acid.zalan.do
-         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:snmbkcznmzylw0lz00a4nb70b1mz3nv7
+         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:fcnlpx4cqxrcq4fhrc25v8qqfb2xxyzg
          livenessProbe:
            httpGet:
              path: /v1.0.0/health
              port: 3000
            timeoutSeconds: 5
          name: blockfrost-worker
          ports:
          - containerPort: 3000
            name: http
          resources:
            limits:
              cpu: 500m
              memory: 300Mi
            requests:
              cpu: 100m
              memory: 150Mi
          securityContext:
            runAsGroup: 0
            runAsUser: 0
          volumeMounts:
          - mountPath: /tls
            name: tls
        imagePullSecrets:
        - name: dockerconfigjson
        volumes:
        - name: tls
          secret:
            secretName: postgresql-server-cert

dev-preprod, dev-preprod-cardanojs-v2-chain-history-provider, Deployment (apps) would change:

  # Source: cardanojs/templates/chain-history-provider-deployment.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    labels:
      app: chain-history-provider
      network: preprod
      release: dev-preprod-cardanojs-v2
    name: dev-preprod-cardanojs-v2-chain-history-provider
  spec:
    selector:
      matchLabels:
        app: chain-history-provider
        network: preprod
        release: dev-preprod-cardanojs-v2
    template:
      metadata:
        labels:
          app: chain-history-provider
          network: preprod
          release: dev-preprod-cardanojs-v2
      spec:
        containers:
        - args:
          - start-provider-server
          env:
          - name: ALLOWED_ORIGINS
            value: chrome-extension://gafhhkghbfjjkeiendhlofajokpaflmk,chrome-extension://efeiemlfnahiidnjglmehaihacglceia,chrome-extension://bjlhpephaokolembmpdcbobbpkjnoheb,chrome-extension://djcdfchkaijggdjokfomholkalbffgil,http://localhost/,http://localhost
          - name: DISABLE_STAKE_POOL_METRIC_APY
            value: "true"
          - name: ENABLE_METRICS
            value: "true"
          - name: HANDLE_POLICY_IDS
            value: f0ff48bbb7bbe9d59a40f1ce90e9e9d0ff5002ec48f232b49ca0fb9a
          - name: LOGGER_MIN_SEVERITY
            value: info
          - name: NETWORK
            value: preprod
          - name: OGMIOS_SRV_SERVICE_NAME
            value: dev-preprod-cardano-core.dev-preprod.svc.cluster.local
          - name: PAGINATION_PAGE_SIZE_LIMIT
            value: "5500"
          - name: POSTGRES_DB_DB_SYNC
            value: cardano
          - name: POSTGRES_HOST_DB_SYNC
            value: dev-preprod-postgresql
          - name: POSTGRES_PASSWORD_DB_SYNC
            valueFrom:
              secretKeyRef:
                key: password
                name: cardano-owner-user.dev-preprod-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_POOL_MAX_DB_SYNC
            value: "50"
          - name: POSTGRES_PORT_DB_SYNC
            value: "5432"
          - name: POSTGRES_SSL_CA_FILE_DB_SYNC
            value: /tls/ca.crt
          - name: POSTGRES_SSL_DB_SYNC
            value: "true"
          - name: POSTGRES_USER_DB_SYNC
            valueFrom:
              secretKeyRef:
                key: username
                name: cardano-owner-user.dev-preprod-postgresql.credentials.postgresql.acid.zalan.do
          - name: SERVICE_NAMES
            value: chain-history
          - name: TOKEN_METADATA_SERVER_URL
            value: http://dev-preprod-cardano-stack-metadata.dev-preprod.svc.cluster.local
          - name: USE_BLOCKFROST
            value: "true"
          - name: USE_KORA_LABS
            value: "true"
-         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:snmbkcznmzylw0lz00a4nb70b1mz3nv7
+         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:fcnlpx4cqxrcq4fhrc25v8qqfb2xxyzg
          livenessProbe:
            httpGet:
              path: /v1.0.0/health
              port: 3000
            timeoutSeconds: 5
          name: chain-history-provider
          ports:
          - containerPort: 3000
            name: http
          resources:
            limits:
              cpu: 1200m
              memory: 300Mi
            requests:
              cpu: 1000m
              memory: 150Mi
          securityContext:
            runAsGroup: 0
            runAsUser: 0
          volumeMounts:
          - mountPath: /tls
            name: tls
        imagePullSecrets:
        - name: dockerconfigjson
        volumes:
        - name: tls
          secret:
            secretName: postgresql-server-cert

dev-preprod, dev-preprod-cardanojs-v2-handle-projector, Deployment (apps) would change:

  # Source: cardanojs/templates/handle-projector-deployment.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    labels:
      app: handle-projector
      network: preprod
      release: dev-preprod-cardanojs-v2
    name: dev-preprod-cardanojs-v2-handle-projector
  spec:
    selector:
      matchLabels:
        app: handle-projector
        network: preprod
        release: dev-preprod-cardanojs-v2
    template:
      metadata:
        labels:
          app: handle-projector
          network: preprod
          release: dev-preprod-cardanojs-v2
      spec:
        containers:
        - args:
          - start-projector
          env:
          - name: HANDLE_POLICY_IDS
            value: f0ff48bbb7bbe9d59a40f1ce90e9e9d0ff5002ec48f232b49ca0fb9a
          - name: LOGGER_MIN_SEVERITY
            value: info
          - name: NETWORK
            value: preprod
          - name: OGMIOS_SRV_SERVICE_NAME
            value: dev-preprod-cardano-core.dev-preprod.svc.cluster.local
          - name: POSTGRES_DB
            value: handle
          - name: POSTGRES_HOST
            value: dev-preprod-postgresql
          - name: POSTGRES_PASSWORD
            valueFrom:
              secretKeyRef:
                key: password
                name: handle-owner-user.dev-preprod-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_POOL_MAX
            value: "2"
          - name: POSTGRES_PORT
            value: "5432"
          - name: POSTGRES_SSL
            value: "true"
          - name: POSTGRES_SSL_CA_FILE
            value: /tls/ca.crt
          - name: POSTGRES_USER
            valueFrom:
              secretKeyRef:
                key: username
                name: handle-owner-user.dev-preprod-postgresql.credentials.postgresql.acid.zalan.do
          - name: PROJECTION_NAMES
            value: handle
-         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:snmbkcznmzylw0lz00a4nb70b1mz3nv7
+         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:fcnlpx4cqxrcq4fhrc25v8qqfb2xxyzg
          livenessProbe:
            httpGet:
              path: /v1.0.0/health
              port: 3000
            timeoutSeconds: 5
          name: handle-projector
          ports:
          - containerPort: 3000
            name: http
          resources:
            limits:
              cpu: 1000m
              memory: 300Mi
            requests:
              cpu: 100m
              memory: 150Mi
          securityContext:
            runAsGroup: 0
            runAsUser: 0
          volumeMounts:
          - mountPath: /tls
            name: tls
        imagePullSecrets:
        - name: dockerconfigjson
        volumes:
        - name: tls
          secret:
            secretName: postgresql-server-cert

dev-preprod, dev-preprod-cardanojs-v2-handle-provider, Deployment (apps) would change:

  # Source: cardanojs/templates/handle-provider-deployment.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    labels:
      app: handle-provider
      network: preprod
      release: dev-preprod-cardanojs-v2
    name: dev-preprod-cardanojs-v2-handle-provider
  spec:
    selector:
      matchLabels:
        app: handle-provider
        network: preprod
        release: dev-preprod-cardanojs-v2
    template:
      metadata:
        labels:
          app: handle-provider
          network: preprod
          release: dev-preprod-cardanojs-v2
      spec:
        containers:
        - args:
          - start-provider-server
          env:
          - name: ALLOWED_ORIGINS
            value: chrome-extension://gafhhkghbfjjkeiendhlofajokpaflmk,chrome-extension://efeiemlfnahiidnjglmehaihacglceia,chrome-extension://bjlhpephaokolembmpdcbobbpkjnoheb,chrome-extension://djcdfchkaijggdjokfomholkalbffgil,http://localhost/,http://localhost
          - name: ENABLE_METRICS
            value: "true"
          - name: HANDLE_POLICY_IDS
            value: f0ff48bbb7bbe9d59a40f1ce90e9e9d0ff5002ec48f232b49ca0fb9a
          - name: LOGGER_MIN_SEVERITY
            value: info
          - name: NETWORK
            value: preprod
          - name: OGMIOS_SRV_SERVICE_NAME
            value: dev-preprod-cardano-core.dev-preprod.svc.cluster.local
          - name: POSTGRES_DB_HANDLE
            value: handle
          - name: POSTGRES_HOST_HANDLE
            value: dev-preprod-postgresql
          - name: POSTGRES_PASSWORD_HANDLE
            valueFrom:
              secretKeyRef:
                key: password
                name: handle-owner-user.dev-preprod-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_POOL_MAX_HANDLE
            value: "10"
          - name: POSTGRES_PORT_HANDLE
            value: "5432"
          - name: POSTGRES_SSL_CA_FILE_HANDLE
            value: /tls/ca.crt
          - name: POSTGRES_SSL_HANDLE
            value: "true"
          - name: POSTGRES_USER_HANDLE
            valueFrom:
              secretKeyRef:
                key: username
                name: handle-owner-user.dev-preprod-postgresql.credentials.postgresql.acid.zalan.do
          - name: SERVICE_NAMES
            value: handle
-         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:snmbkcznmzylw0lz00a4nb70b1mz3nv7
+         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:fcnlpx4cqxrcq4fhrc25v8qqfb2xxyzg
          livenessProbe:
            httpGet:
              path: /v1.0.0/health
              port: 3000
            timeoutSeconds: 5
          name: handle-provider
          ports:
          - containerPort: 3000
            name: http
          resources:
            limits:
              cpu: 500m
              memory: 300Mi
            requests:
              cpu: 100m
              memory: 150Mi
          securityContext:
            runAsGroup: 0
            runAsUser: 0
          volumeMounts:
          - mountPath: /tls
            name: tls
        imagePullSecrets:
        - name: dockerconfigjson
        volumes:
        - name: tls
          secret:
            secretName: postgresql-server-cert

dev-preprod, dev-preprod-cardanojs-v2-pg-boss-worker, Deployment (apps) would change:

  # Source: cardanojs/templates/pgboss-deployment.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    labels:
      app: pg-boss-worker
      network: preprod
      release: dev-preprod-cardanojs-v2
    name: dev-preprod-cardanojs-v2-pg-boss-worker
  spec:
    selector:
      matchLabels:
        app: pg-boss-worker
        network: preprod
        release: dev-preprod-cardanojs-v2
    template:
      metadata:
        labels:
          app: pg-boss-worker
          network: preprod
          release: dev-preprod-cardanojs-v2
      spec:
        containers:
        - args:
          - start-pg-boss-worker
          env:
          - name: LOGGER_MIN_SEVERITY
            value: info
          - name: METADATA_FETCH_MODE
            value: smash
          - name: NETWORK
            value: preprod
          - name: NETWORK_INFO_PROVIDER_URL
            value: http://dev-preprod-cardanojs-v2-backend.dev-preprod.svc.cluster.local
          - name: POSTGRES_DB_DB_SYNC
            value: cardano
          - name: POSTGRES_DB_STAKE_POOL
            value: stakepoolv2
          - name: POSTGRES_HOST_DB_SYNC
            value: dev-preprod-postgresql
          - name: POSTGRES_HOST_STAKE_POOL
            value: dev-preprod-postgresql
          - name: POSTGRES_PASSWORD_DB_SYNC
            valueFrom:
              secretKeyRef:
                key: password
                name: cardano-owner-user.dev-preprod-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_PASSWORD_STAKE_POOL
            valueFrom:
              secretKeyRef:
                key: password
                name: stakepoolv2-owner-user.dev-preprod-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_POOL_MAX_DB_SYNC
            value: "5"
          - name: POSTGRES_POOL_MAX_STAKE_POOL
            value: "5"
          - name: POSTGRES_PORT_DB_SYNC
            value: "5432"
          - name: POSTGRES_PORT_STAKE_POOL
            value: "5432"
          - name: POSTGRES_SSL_CA_FILE_DB_SYNC
            value: /tls/ca.crt
          - name: POSTGRES_SSL_CA_FILE_STAKE_POOL
            value: /tls/ca.crt
          - name: POSTGRES_SSL_DB_SYNC
            value: "true"
          - name: POSTGRES_SSL_STAKE_POOL
            value: "true"
          - name: POSTGRES_USER_DB_SYNC
            valueFrom:
              secretKeyRef:
                key: username
                name: cardano-owner-user.dev-preprod-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_USER_STAKE_POOL
            valueFrom:
              secretKeyRef:
                key: username
                name: stakepoolv2-owner-user.dev-preprod-postgresql.credentials.postgresql.acid.zalan.do
          - name: QUEUES
            value: pool-delist-schedule,pool-metadata,pool-metrics,pool-rewards
          - name: SMASH_URL
            value: https://preprod-smash.world.dev.cardano.org/api/v1
          - name: STAKE_POOL_PROVIDER_URL
            value: http://dev-preprod-cardanojs-v2-backend.dev-preprod.svc.cluster.local
-         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:snmbkcznmzylw0lz00a4nb70b1mz3nv7
+         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:fcnlpx4cqxrcq4fhrc25v8qqfb2xxyzg
          livenessProbe:
            httpGet:
              path: /v1.0.0/health
              port: 3000
          name: pg-boss-worker
          ports:
          - containerPort: 3000
            name: http
          resources:
            limits:
              cpu: 300m
              memory: 300Mi
            requests:
              cpu: 200m
              memory: 150Mi
          securityContext:
            runAsGroup: 0
            runAsUser: 0
          startupProbe:
            httpGet:
              path: /v1.0.0/ready
              port: 3000
            initialDelaySeconds: 80
            periodSeconds: 5
          volumeMounts:
          - mountPath: /tls
            name: tls
        imagePullSecrets:
        - name: dockerconfigjson
        volumes:
        - name: tls
          secret:
            secretName: postgresql-server-cert

dev-preprod, dev-preprod-cardanojs-v2-stake-pool-projector, Deployment (apps) would change:

  # Source: cardanojs/templates/stake-pool-projector-deployment.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    labels:
      app: stake-pool-projector
      network: preprod
      release: dev-preprod-cardanojs-v2
    name: dev-preprod-cardanojs-v2-stake-pool-projector
  spec:
    selector:
      matchLabels:
        app: stake-pool-projector
        network: preprod
        release: dev-preprod-cardanojs-v2
    template:
      metadata:
        labels:
          app: stake-pool-projector
          network: preprod
          release: dev-preprod-cardanojs-v2
      spec:
        containers:
        - args:
          - start-projector
          env:
          - name: LOGGER_MIN_SEVERITY
            value: info
          - name: NETWORK
            value: preprod
          - name: OGMIOS_SRV_SERVICE_NAME
            value: dev-preprod-cardano-core.dev-preprod.svc.cluster.local
          - name: POSTGRES_DB
            value: stakepoolv2
          - name: POSTGRES_HOST
            value: dev-preprod-postgresql
          - name: POSTGRES_PASSWORD
            valueFrom:
              secretKeyRef:
                key: password
                name: stakepoolv2-owner-user.dev-preprod-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_POOL_MAX
            value: "2"
          - name: POSTGRES_PORT
            value: "5432"
          - name: POSTGRES_SSL
            value: "true"
          - name: POSTGRES_SSL_CA_FILE
            value: /tls/ca.crt
          - name: POSTGRES_USER
            valueFrom:
              secretKeyRef:
                key: username
                name: stakepoolv2-owner-user.dev-preprod-postgresql.credentials.postgresql.acid.zalan.do
          - name: PROJECTION_NAMES
            value: stake-pool,stake-pool-metadata-job,stake-pool-metrics-job,stake-pool-rewards-job
-         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:snmbkcznmzylw0lz00a4nb70b1mz3nv7
+         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:fcnlpx4cqxrcq4fhrc25v8qqfb2xxyzg
          livenessProbe:
            httpGet:
              path: /v1.0.0/health
              port: 3000
            timeoutSeconds: 5
          name: stake-pool-projector
          ports:
          - containerPort: 3000
            name: http
          resources:
            limits:
              cpu: 700m
              memory: 300Mi
            requests:
              cpu: 700m
              memory: 150Mi
          securityContext:
            runAsGroup: 0
            runAsUser: 0
          volumeMounts:
          - mountPath: /tls
            name: tls
        imagePullSecrets:
        - name: dockerconfigjson
        volumes:
        - name: tls
          secret:
            secretName: postgresql-server-cert

dev-preprod, dev-preprod-cardanojs-v2-stake-pool-provider, Deployment (apps) would change:

  # Source: cardanojs/templates/stake-pool-provider-deployment.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    labels:
      app: stake-pool-provider
      network: preprod
      release: dev-preprod-cardanojs-v2
    name: dev-preprod-cardanojs-v2-stake-pool-provider
  spec:
    selector:
      matchLabels:
        app: stake-pool-provider
        network: preprod
        release: dev-preprod-cardanojs-v2
    template:
      metadata:
        labels:
          app: stake-pool-provider
          network: preprod
          release: dev-preprod-cardanojs-v2
      spec:
        containers:
        - args:
          - start-provider-server
          env:
          - name: ALLOWED_ORIGINS
            value: chrome-extension://gafhhkghbfjjkeiendhlofajokpaflmk,chrome-extension://efeiemlfnahiidnjglmehaihacglceia,chrome-extension://bjlhpephaokolembmpdcbobbpkjnoheb,chrome-extension://djcdfchkaijggdjokfomholkalbffgil,http://localhost/,http://localhost
          - name: DISABLE_STAKE_POOL_METRIC_APY
            value: "true"
          - name: ENABLE_METRICS
            value: "true"
          - name: LOGGER_MIN_SEVERITY
            value: info
          - name: NETWORK
            value: preprod
          - name: OGMIOS_SRV_SERVICE_NAME
            value: dev-preprod-cardano-core.dev-preprod.svc.cluster.local
          - name: OVERRIDE_FUZZY_OPTIONS
            value: "true"
          - name: PAGINATION_PAGE_SIZE_LIMIT
            value: "5500"
          - name: POSTGRES_DB_STAKE_POOL
            value: stakepoolv2
          - name: POSTGRES_HOST_STAKE_POOL
            value: dev-preprod-postgresql
          - name: POSTGRES_PASSWORD_STAKE_POOL
            valueFrom:
              secretKeyRef:
                key: password
                name: stakepoolv2-owner-user.dev-preprod-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_POOL_MAX_STAKE_POOL
            value: "10"
          - name: POSTGRES_PORT_STAKE_POOL
            value: "5432"
          - name: POSTGRES_SSL_CA_FILE_STAKE_POOL
            value: /tls/ca.crt
          - name: POSTGRES_SSL_STAKE_POOL
            value: "true"
          - name: POSTGRES_USER_STAKE_POOL
            valueFrom:
              secretKeyRef:
                key: username
                name: stakepoolv2-owner-user.dev-preprod-postgresql.credentials.postgresql.acid.zalan.do
          - name: SERVICE_NAMES
            value: stake-pool
          - name: TOKEN_METADATA_SERVER_URL
            value: http://dev-preprod-cardano-stack-metadata.dev-preprod.svc.cluster.local
          - name: USE_TYPEORM_STAKE_POOL_PROVIDER
            value: "true"
-         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:snmbkcznmzylw0lz00a4nb70b1mz3nv7
+         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:fcnlpx4cqxrcq4fhrc25v8qqfb2xxyzg
          livenessProbe:
            httpGet:
              path: /v1.0.0/health
              port: 3000
            timeoutSeconds: 5
          name: stake-pool-provider
          ports:
          - containerPort: 3000
            name: http
          resources:
            limits:
              cpu: 500m
              memory: 300Mi
            requests:
              cpu: 100m
              memory: 150Mi
          securityContext:
            runAsGroup: 0
            runAsUser: 0
          volumeMounts:
          - mountPath: /tls
            name: tls
        imagePullSecrets:
        - name: dockerconfigjson
        volumes:
        - name: tls
          secret:
            secretName: postgresql-server-cert

dev-preprod, dev-preprod-cardanojs-v2-ws-server, Deployment (apps) would change:

  # Source: cardanojs/templates/ws-server-deployment.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    labels:
      app: ws-server
      network: preprod
      release: dev-preprod-cardanojs-v2
    name: dev-preprod-cardanojs-v2-ws-server
  spec:
    selector:
      matchLabels:
        app: ws-server
        network: preprod
        release: dev-preprod-cardanojs-v2
    template:
      metadata:
        labels:
          app: ws-server
          network: preprod
          release: dev-preprod-cardanojs-v2
      spec:
        containers:
        - args:
          - start-ws-server
          env:
          - name: DB_CACHE_TTL
            value: "7200"
          - name: NETWORK
            value: preprod
          - name: OGMIOS_URL
            value: ws://dev-preprod-cardano-core.dev-preprod.svc.cluster.local:1337
          - name: POSTGRES_DB_DB_SYNC
            value: cardano
          - name: POSTGRES_HOST_DB_SYNC
            value: dev-preprod-postgresql
          - name: POSTGRES_PASSWORD_DB_SYNC
            valueFrom:
              secretKeyRef:
                key: password
                name: cardano-owner-user.dev-preprod-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_POOL_MAX_DB_SYNC
            value: "2"
          - name: POSTGRES_PORT_DB_SYNC
            value: "5432"
          - name: POSTGRES_SSL_CA_FILE_DB_SYNC
            value: /tls/ca.crt
          - name: POSTGRES_SSL_DB_SYNC
            value: "true"
          - name: POSTGRES_USER_DB_SYNC
            valueFrom:
              secretKeyRef:
                key: username
                name: cardano-owner-user.dev-preprod-postgresql.credentials.postgresql.acid.zalan.do
-         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:snmbkcznmzylw0lz00a4nb70b1mz3nv7
+         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:fcnlpx4cqxrcq4fhrc25v8qqfb2xxyzg
          livenessProbe:
            httpGet:
              path: /health
              port: 3000
          name: ws-server
          ports:
          - containerPort: 3000
            name: http
          resources:
            limits:
              cpu: 300m
              memory: 300Mi
            requests:
              cpu: 200m
              memory: 150Mi
          securityContext:
            runAsGroup: 0
            runAsUser: 0
          volumeMounts:
          - mountPath: /tls
            name: tls
        imagePullSecrets:
        - name: dockerconfigjson
        volumes:
        - name: tls
          secret:
            secretName: postgresql-server-cert
dev-mainnet@us-east-1 would change:

dev-mainnet, dev-mainnet-cardanojs-asset-projector, Deployment (apps) would change:

  # Source: cardanojs/templates/asset-projector-deployment.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    labels:
      app: asset-projector
      network: mainnet
      release: dev-mainnet-cardanojs
    name: dev-mainnet-cardanojs-asset-projector
  spec:
    selector:
      matchLabels:
        app: asset-projector
        network: mainnet
        release: dev-mainnet-cardanojs
    template:
      metadata:
        labels:
          app: asset-projector
          network: mainnet
          release: dev-mainnet-cardanojs
      spec:
        containers:
        - args:
          - start-projector
          env:
          - name: LOGGER_MIN_SEVERITY
            value: info
          - name: NETWORK
            value: mainnet
          - name: OGMIOS_SRV_SERVICE_NAME
            value: dev-mainnet-cardano-core.dev-mainnet.svc.cluster.local
          - name: POSTGRES_DB
            value: asset
          - name: POSTGRES_HOST
            value: dev-mainnet-postgresql
          - name: POSTGRES_PASSWORD
            valueFrom:
              secretKeyRef:
                key: password
                name: asset-owner-user.dev-mainnet-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_POOL_MAX
            value: "2"
          - name: POSTGRES_PORT
            value: "5432"
          - name: POSTGRES_SSL
            value: "true"
          - name: POSTGRES_SSL_CA_FILE
            value: /tls/ca.crt
          - name: POSTGRES_USER
            valueFrom:
              secretKeyRef:
                key: username
                name: asset-owner-user.dev-mainnet-postgresql.credentials.postgresql.acid.zalan.do
          - name: PROJECTION_NAMES
            value: asset
-         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:snmbkcznmzylw0lz00a4nb70b1mz3nv7
+         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:fcnlpx4cqxrcq4fhrc25v8qqfb2xxyzg
          livenessProbe:
            httpGet:
              path: /v1.0.0/health
              port: 3000
            timeoutSeconds: 5
          name: asset-projector
          ports:
          - containerPort: 3000
            name: http
          resources:
            limits:
              cpu: 700m
              memory: 300Mi
            requests:
              cpu: 700m
              memory: 150Mi
          securityContext:
            runAsGroup: 0
            runAsUser: 0
          volumeMounts:
          - mountPath: /tls
            name: tls
        imagePullSecrets:
        - name: dockerconfigjson
        volumes:
        - name: tls
          secret:
            secretName: postgresql-server-cert

dev-mainnet, dev-mainnet-cardanojs-backend, Deployment (apps) would change:

  # Source: cardanojs/templates/backend-deployment.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    labels:
      app: backend
      network: mainnet
      release: dev-mainnet-cardanojs
    name: dev-mainnet-cardanojs-backend
  spec:
    replicas: 2
    selector:
      matchLabels:
        app: backend
        network: mainnet
        release: dev-mainnet-cardanojs
    template:
      metadata:
        labels:
          app: backend
          network: mainnet
          release: dev-mainnet-cardanojs
      spec:
        containers:
        - args:
          - start-provider-server
          env:
          - name: ALLOWED_ORIGINS
            value: chrome-extension://gafhhkghbfjjkeiendhlofajokpaflmk,chrome-extension://efeiemlfnahiidnjglmehaihacglceia,chrome-extension://bjlhpephaokolembmpdcbobbpkjnoheb,chrome-extension://djcdfchkaijggdjokfomholkalbffgil,http://localhost/,http://localhost
          - name: BUILD_INFO
-           value: '{"extra":{"narHash":"sha256-9uklu80TX3eAxVoXGf/7gyvjXu6EwlUYfe0i4DfPMYI=","path":"/nix/store/y9xbqy20gsfrbxjdv15n6zcjvplrqyam-source","sourceInfo":"/nix/store/y9xbqy20gsfrbxjdv15n6zcjvplrqyam-source"},"lastModified":1724359381,"lastModifiedDate":"20240822204301","rev":"b7ec9fb6124405ac33d50b783d606911104a594d","shortRev":"b7ec9fb"}'
+           value: '{"extra":{"narHash":"sha256-rYOIIpouz/Em8pueyqP9K2CRiQfC8TcUrVIOtQu7dr8=","path":"/nix/store/kz9cd3xx8yfz45cvr5ywxkm803hf591k-source","sourceInfo":"/nix/store/kz9cd3xx8yfz45cvr5ywxkm803hf591k-source"},"lastModified":1724404719,"lastModifiedDate":"20240823091839","rev":"af28c31fbff84fdf706d12ca0be114016e46cbba","shortRev":"af28c31"}'
          - name: DISABLE_STAKE_POOL_METRIC_APY
            value: "true"
          - name: ENABLE_METRICS
            value: "true"
          - name: HANDLE_POLICY_IDS
            value: f0ff48bbb7bbe9d59a40f1ce90e9e9d0ff5002ec48f232b49ca0fb9a
          - name: HANDLE_PROVIDER_SERVER_URL
            value: https://api.handle.me
          - name: LOGGER_MIN_SEVERITY
            value: info
          - name: NETWORK
            value: mainnet
          - name: NODE_ENV
            value: production
          - name: OGMIOS_SRV_SERVICE_NAME
            value: dev-mainnet-cardano-core.dev-mainnet.svc.cluster.local
          - name: PAGINATION_PAGE_SIZE_LIMIT
            value: "5500"
          - name: POSTGRES_DB_DB_SYNC
            value: cardano
          - name: POSTGRES_DB_HANDLE
            value: handle
          - name: POSTGRES_HOST_DB_SYNC
            value: dev-mainnet-postgresql
          - name: POSTGRES_HOST_HANDLE
            value: dev-mainnet-postgresql
          - name: POSTGRES_PASSWORD_DB_SYNC
            valueFrom:
              secretKeyRef:
                key: password
                name: cardano-owner-user.dev-mainnet-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_PASSWORD_HANDLE
            valueFrom:
              secretKeyRef:
                key: password
                name: handle-owner-user.dev-mainnet-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_POOL_MAX_DB_SYNC
            value: "50"
          - name: POSTGRES_POOL_MAX_HANDLE
            value: "10"
          - name: POSTGRES_PORT_DB_SYNC
            value: "5432"
          - name: POSTGRES_PORT_HANDLE
            value: "5432"
          - name: POSTGRES_SSL_CA_FILE_DB_SYNC
            value: /tls/ca.crt
          - name: POSTGRES_SSL_CA_FILE_HANDLE
            value: /tls/ca.crt
          - name: POSTGRES_SSL_DB_SYNC
            value: "true"
          - name: POSTGRES_SSL_HANDLE
            value: "true"
          - name: POSTGRES_USER_DB_SYNC
            valueFrom:
              secretKeyRef:
                key: username
                name: cardano-owner-user.dev-mainnet-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_USER_HANDLE
            valueFrom:
              secretKeyRef:
                key: username
                name: handle-owner-user.dev-mainnet-postgresql.credentials.postgresql.acid.zalan.do
          - name: SERVICE_NAMES
            value: asset,network-info,rewards,stake-pool,tx-submit,utxo
          - name: TOKEN_METADATA_SERVER_URL
            value: http://dev-mainnet-cardano-stack-metadata.dev-mainnet.svc.cluster.local
          - name: USE_BLOCKFROST
            value: "true"
          - name: USE_KORA_LABS
            value: "true"
-         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:snmbkcznmzylw0lz00a4nb70b1mz3nv7
+         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:fcnlpx4cqxrcq4fhrc25v8qqfb2xxyzg
          livenessProbe:
            httpGet:
              path: /v1.0.0/health
              port: 3000
            periodSeconds: 60
            timeoutSeconds: 30
          name: backend
          ports:
          - containerPort: 3000
            name: http
          resources:
            limits:
              cpu: 1500m
              memory: 512Mi
            requests:
              cpu: 1000m
              memory: 350Mi
          securityContext:
            runAsGroup: 0
            runAsUser: 0
          volumeMounts:
          - mountPath: /tls
            name: tls
        imagePullSecrets:
        - name: dockerconfigjson
        volumes:
        - name: tls
          secret:
            secretName: postgresql-server-cert

dev-mainnet, dev-mainnet-cardanojs-blockfrost-worker, Deployment (apps) would change:

  # Source: cardanojs/templates/blockfrost-worker-deployment.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    labels:
      app: blockfrost-worker
      network: mainnet
      release: dev-mainnet-cardanojs
    name: dev-mainnet-cardanojs-blockfrost-worker
  spec:
    selector:
      matchLabels:
        app: blockfrost-worker
        network: mainnet
        release: dev-mainnet-cardanojs
    template:
      metadata:
        labels:
          app: blockfrost-worker
          network: mainnet
          release: dev-mainnet-cardanojs
      spec:
        containers:
        - args:
          - start-blockfrost-worker
          env:
          - name: BLOCKFROST_API_KEY
            valueFrom:
              secretKeyRef:
                key: api-key
                name: blockfrost
          - name: LOGGER_MIN_SEVERITY
            value: info
          - name: NETWORK
            value: mainnet
          - name: POSTGRES_DB_DB_SYNC
            value: cardano
          - name: POSTGRES_HOST_DB_SYNC
            value: dev-mainnet-postgresql
          - name: POSTGRES_PASSWORD_DB_SYNC
            valueFrom:
              secretKeyRef:
                key: password
                name: cardano-owner-user.dev-mainnet-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_PORT_DB_SYNC
            value: "5432"
          - name: POSTGRES_SSL_CA_FILE_DB_SYNC
            value: /tls/ca.crt
          - name: POSTGRES_SSL_DB_SYNC
            value: "true"
          - name: POSTGRES_USER_DB_SYNC
            valueFrom:
              secretKeyRef:
                key: username
                name: cardano-owner-user.dev-mainnet-postgresql.credentials.postgresql.acid.zalan.do
-         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:snmbkcznmzylw0lz00a4nb70b1mz3nv7
+         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:fcnlpx4cqxrcq4fhrc25v8qqfb2xxyzg
          livenessProbe:
            httpGet:
              path: /v1.0.0/health
              port: 3000
            timeoutSeconds: 5
          name: blockfrost-worker
          ports:
          - containerPort: 3000
            name: http
          resources:
            limits:
              cpu: 500m
              memory: 300Mi
            requests:
              cpu: 100m
              memory: 150Mi
          securityContext:
            runAsGroup: 0
            runAsUser: 0
          volumeMounts:
          - mountPath: /tls
            name: tls
        imagePullSecrets:
        - name: dockerconfigjson
        volumes:
        - name: tls
          secret:
            secretName: postgresql-server-cert

dev-mainnet, dev-mainnet-cardanojs-chain-history-provider, Deployment (apps) would change:

  # Source: cardanojs/templates/chain-history-provider-deployment.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    labels:
      app: chain-history-provider
      network: mainnet
      release: dev-mainnet-cardanojs
    name: dev-mainnet-cardanojs-chain-history-provider
  spec:
    replicas: 2
    selector:
      matchLabels:
        app: chain-history-provider
        network: mainnet
        release: dev-mainnet-cardanojs
    template:
      metadata:
        labels:
          app: chain-history-provider
          network: mainnet
          release: dev-mainnet-cardanojs
      spec:
        containers:
        - args:
          - start-provider-server
          env:
          - name: ALLOWED_ORIGINS
            value: chrome-extension://gafhhkghbfjjkeiendhlofajokpaflmk,chrome-extension://efeiemlfnahiidnjglmehaihacglceia,chrome-extension://bjlhpephaokolembmpdcbobbpkjnoheb,chrome-extension://djcdfchkaijggdjokfomholkalbffgil,http://localhost/,http://localhost
          - name: DISABLE_STAKE_POOL_METRIC_APY
            value: "true"
          - name: ENABLE_METRICS
            value: "true"
          - name: HANDLE_POLICY_IDS
            value: f0ff48bbb7bbe9d59a40f1ce90e9e9d0ff5002ec48f232b49ca0fb9a
          - name: LOGGER_MIN_SEVERITY
            value: info
          - name: NETWORK
            value: mainnet
          - name: NODE_ENV
            value: production
          - name: OGMIOS_SRV_SERVICE_NAME
            value: dev-mainnet-cardano-core.dev-mainnet.svc.cluster.local
          - name: PAGINATION_PAGE_SIZE_LIMIT
            value: "5500"
          - name: POSTGRES_DB_DB_SYNC
            value: cardano
          - name: POSTGRES_HOST_DB_SYNC
            value: dev-mainnet-postgresql
          - name: POSTGRES_PASSWORD_DB_SYNC
            valueFrom:
              secretKeyRef:
                key: password
                name: cardano-owner-user.dev-mainnet-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_POOL_MAX_DB_SYNC
            value: "50"
          - name: POSTGRES_PORT_DB_SYNC
            value: "5432"
          - name: POSTGRES_SSL_CA_FILE_DB_SYNC
            value: /tls/ca.crt
          - name: POSTGRES_SSL_DB_SYNC
            value: "true"
          - name: POSTGRES_USER_DB_SYNC
            valueFrom:
              secretKeyRef:
                key: username
                name: cardano-owner-user.dev-mainnet-postgresql.credentials.postgresql.acid.zalan.do
          - name: SERVICE_NAMES
            value: chain-history
          - name: TOKEN_METADATA_SERVER_URL
            value: http://dev-mainnet-cardano-stack-metadata.dev-mainnet.svc.cluster.local
          - name: USE_BLOCKFROST
            value: "true"
          - name: USE_KORA_LABS
            value: "true"
-         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:snmbkcznmzylw0lz00a4nb70b1mz3nv7
+         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:fcnlpx4cqxrcq4fhrc25v8qqfb2xxyzg
          livenessProbe:
            httpGet:
              path: /v1.0.0/health
              port: 3000
            timeoutSeconds: 5
          name: chain-history-provider
          ports:
          - containerPort: 3000
            name: http
          resources:
            limits:
              cpu: 1200m
              memory: 300Mi
            requests:
              cpu: 1000m
              memory: 150Mi
          securityContext:
            runAsGroup: 0
            runAsUser: 0
          volumeMounts:
          - mountPath: /tls
            name: tls
        imagePullSecrets:
        - name: dockerconfigjson
        volumes:
        - name: tls
          secret:
            secretName: postgresql-server-cert

dev-mainnet, dev-mainnet-cardanojs-handle-projector, Deployment (apps) would change:

  # Source: cardanojs/templates/handle-projector-deployment.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    labels:
      app: handle-projector
      network: mainnet
      release: dev-mainnet-cardanojs
    name: dev-mainnet-cardanojs-handle-projector
  spec:
    selector:
      matchLabels:
        app: handle-projector
        network: mainnet
        release: dev-mainnet-cardanojs
    template:
      metadata:
        labels:
          app: handle-projector
          network: mainnet
          release: dev-mainnet-cardanojs
      spec:
        containers:
        - args:
          - start-projector
          env:
          - name: HANDLE_POLICY_IDS
            value: f0ff48bbb7bbe9d59a40f1ce90e9e9d0ff5002ec48f232b49ca0fb9a
          - name: LOGGER_MIN_SEVERITY
            value: info
          - name: NETWORK
            value: mainnet
          - name: OGMIOS_SRV_SERVICE_NAME
            value: dev-mainnet-cardano-core.dev-mainnet.svc.cluster.local
          - name: POSTGRES_DB
            value: handle
          - name: POSTGRES_HOST
            value: dev-mainnet-postgresql
          - name: POSTGRES_PASSWORD
            valueFrom:
              secretKeyRef:
                key: password
                name: handle-owner-user.dev-mainnet-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_POOL_MAX
            value: "2"
          - name: POSTGRES_PORT
            value: "5432"
          - name: POSTGRES_SSL
            value: "true"
          - name: POSTGRES_SSL_CA_FILE
            value: /tls/ca.crt
          - name: POSTGRES_USER
            valueFrom:
              secretKeyRef:
                key: username
                name: handle-owner-user.dev-mainnet-postgresql.credentials.postgresql.acid.zalan.do
          - name: PROJECTION_NAMES
            value: handle
-         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:snmbkcznmzylw0lz00a4nb70b1mz3nv7
+         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:fcnlpx4cqxrcq4fhrc25v8qqfb2xxyzg
          livenessProbe:
            httpGet:
              path: /v1.0.0/health
              port: 3000
            timeoutSeconds: 5
          name: handle-projector
          ports:
          - containerPort: 3000
            name: http
          resources:
            limits:
              cpu: 1000m
              memory: 300Mi
            requests:
              cpu: 100m
              memory: 150Mi
          securityContext:
            runAsGroup: 0
            runAsUser: 0
          volumeMounts:
          - mountPath: /tls
            name: tls
        imagePullSecrets:
        - name: dockerconfigjson
        volumes:
        - name: tls
          secret:
            secretName: postgresql-server-cert

dev-mainnet, dev-mainnet-cardanojs-handle-provider, Deployment (apps) would change:

  # Source: cardanojs/templates/handle-provider-deployment.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    labels:
      app: handle-provider
      network: mainnet
      release: dev-mainnet-cardanojs
    name: dev-mainnet-cardanojs-handle-provider
  spec:
    selector:
      matchLabels:
        app: handle-provider
        network: mainnet
        release: dev-mainnet-cardanojs
    template:
      metadata:
        labels:
          app: handle-provider
          network: mainnet
          release: dev-mainnet-cardanojs
      spec:
        containers:
        - args:
          - start-provider-server
          env:
          - name: ALLOWED_ORIGINS
            value: chrome-extension://gafhhkghbfjjkeiendhlofajokpaflmk,chrome-extension://efeiemlfnahiidnjglmehaihacglceia,chrome-extension://bjlhpephaokolembmpdcbobbpkjnoheb,chrome-extension://djcdfchkaijggdjokfomholkalbffgil,http://localhost/,http://localhost
          - name: ENABLE_METRICS
            value: "true"
          - name: HANDLE_POLICY_IDS
            value: f0ff48bbb7bbe9d59a40f1ce90e9e9d0ff5002ec48f232b49ca0fb9a
          - name: LOGGER_MIN_SEVERITY
            value: info
          - name: NETWORK
            value: mainnet
          - name: OGMIOS_SRV_SERVICE_NAME
            value: dev-mainnet-cardano-core.dev-mainnet.svc.cluster.local
          - name: POSTGRES_DB_HANDLE
            value: handle
          - name: POSTGRES_HOST_HANDLE
            value: dev-mainnet-postgresql
          - name: POSTGRES_PASSWORD_HANDLE
            valueFrom:
              secretKeyRef:
                key: password
                name: handle-owner-user.dev-mainnet-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_POOL_MAX_HANDLE
            value: "10"
          - name: POSTGRES_PORT_HANDLE
            value: "5432"
          - name: POSTGRES_SSL_CA_FILE_HANDLE
            value: /tls/ca.crt
          - name: POSTGRES_SSL_HANDLE
            value: "true"
          - name: POSTGRES_USER_HANDLE
            valueFrom:
              secretKeyRef:
                key: username
                name: handle-owner-user.dev-mainnet-postgresql.credentials.postgresql.acid.zalan.do
          - name: SERVICE_NAMES
            value: handle
-         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:snmbkcznmzylw0lz00a4nb70b1mz3nv7
+         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:fcnlpx4cqxrcq4fhrc25v8qqfb2xxyzg
          livenessProbe:
            httpGet:
              path: /v1.0.0/health
              port: 3000
            timeoutSeconds: 5
          name: handle-provider
          ports:
          - containerPort: 3000
            name: http
          resources:
            limits:
              cpu: 500m
              memory: 300Mi
            requests:
              cpu: 100m
              memory: 150Mi
          securityContext:
            runAsGroup: 0
            runAsUser: 0
          volumeMounts:
          - mountPath: /tls
            name: tls
        imagePullSecrets:
        - name: dockerconfigjson
        volumes:
        - name: tls
          secret:
            secretName: postgresql-server-cert

dev-mainnet, dev-mainnet-cardanojs-pg-boss-worker, Deployment (apps) would change:

  # Source: cardanojs/templates/pgboss-deployment.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    labels:
      app: pg-boss-worker
      network: mainnet
      release: dev-mainnet-cardanojs
    name: dev-mainnet-cardanojs-pg-boss-worker
  spec:
    selector:
      matchLabels:
        app: pg-boss-worker
        network: mainnet
        release: dev-mainnet-cardanojs
    template:
      metadata:
        labels:
          app: pg-boss-worker
          network: mainnet
          release: dev-mainnet-cardanojs
      spec:
        containers:
        - args:
          - start-pg-boss-worker
          env:
          - name: LOGGER_MIN_SEVERITY
            value: info
          - name: METADATA_FETCH_MODE
            value: smash
          - name: NETWORK
            value: mainnet
          - name: NETWORK_INFO_PROVIDER_URL
            value: http://dev-mainnet-cardanojs-backend.dev-mainnet.svc.cluster.local
          - name: POSTGRES_DB_DB_SYNC
            value: cardano
          - name: POSTGRES_DB_STAKE_POOL
            value: stakepoolv2
          - name: POSTGRES_HOST_DB_SYNC
            value: dev-mainnet-postgresql
          - name: POSTGRES_HOST_STAKE_POOL
            value: dev-mainnet-postgresql
          - name: POSTGRES_PASSWORD_DB_SYNC
            valueFrom:
              secretKeyRef:
                key: password
                name: cardano-owner-user.dev-mainnet-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_PASSWORD_STAKE_POOL
            valueFrom:
              secretKeyRef:
                key: password
                name: stakepoolv2-owner-user.dev-mainnet-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_POOL_MAX_DB_SYNC
            value: "5"
          - name: POSTGRES_POOL_MAX_STAKE_POOL
            value: "5"
          - name: POSTGRES_PORT_DB_SYNC
            value: "5432"
          - name: POSTGRES_PORT_STAKE_POOL
            value: "5432"
          - name: POSTGRES_SSL_CA_FILE_DB_SYNC
            value: /tls/ca.crt
          - name: POSTGRES_SSL_CA_FILE_STAKE_POOL
            value: /tls/ca.crt
          - name: POSTGRES_SSL_DB_SYNC
            value: "true"
          - name: POSTGRES_SSL_STAKE_POOL
            value: "true"
          - name: POSTGRES_USER_DB_SYNC
            valueFrom:
              secretKeyRef:
                key: username
                name: cardano-owner-user.dev-mainnet-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_USER_STAKE_POOL
            valueFrom:
              secretKeyRef:
                key: username
                name: stakepoolv2-owner-user.dev-mainnet-postgresql.credentials.postgresql.acid.zalan.do
          - name: QUEUES
            value: pool-delist-schedule,pool-metadata,pool-metrics,pool-rewards
          - name: SMASH_URL
            value: https://smash.cardano-mainnet.iohk.io/api/v1
          - name: STAKE_POOL_PROVIDER_URL
            value: http://dev-mainnet-cardanojs-backend.dev-mainnet.svc.cluster.local
-         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:snmbkcznmzylw0lz00a4nb70b1mz3nv7
+         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:fcnlpx4cqxrcq4fhrc25v8qqfb2xxyzg
          livenessProbe:
            httpGet:
              path: /v1.0.0/health
              port: 3000
          name: pg-boss-worker
          ports:
          - containerPort: 3000
            name: http
          resources:
            limits:
              cpu: 300m
              memory: 300Mi
            requests:
              cpu: 200m
              memory: 150Mi
          securityContext:
            runAsGroup: 0
            runAsUser: 0
          startupProbe:
            httpGet:
              path: /v1.0.0/ready
              port: 3000
            initialDelaySeconds: 80
            periodSeconds: 5
          volumeMounts:
          - mountPath: /tls
            name: tls
        imagePullSecrets:
        - name: dockerconfigjson
        volumes:
        - name: tls
          secret:
            secretName: postgresql-server-cert

dev-mainnet, dev-mainnet-cardanojs-stake-pool-projector, Deployment (apps) would change:

  # Source: cardanojs/templates/stake-pool-projector-deployment.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    labels:
      app: stake-pool-projector
      network: mainnet
      release: dev-mainnet-cardanojs
    name: dev-mainnet-cardanojs-stake-pool-projector
  spec:
    selector:
      matchLabels:
        app: stake-pool-projector
        network: mainnet
        release: dev-mainnet-cardanojs
    template:
      metadata:
        labels:
          app: stake-pool-projector
          network: mainnet
          release: dev-mainnet-cardanojs
      spec:
        containers:
        - args:
          - start-projector
          env:
          - name: LOGGER_MIN_SEVERITY
            value: info
          - name: NETWORK
            value: mainnet
          - name: OGMIOS_SRV_SERVICE_NAME
            value: dev-mainnet-cardano-core.dev-mainnet.svc.cluster.local
          - name: POSTGRES_DB
            value: stakepoolv2
          - name: POSTGRES_HOST
            value: dev-mainnet-postgresql
          - name: POSTGRES_PASSWORD
            valueFrom:
              secretKeyRef:
                key: password
                name: stakepoolv2-owner-user.dev-mainnet-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_POOL_MAX
            value: "2"
          - name: POSTGRES_PORT
            value: "5432"
          - name: POSTGRES_SSL
            value: "true"
          - name: POSTGRES_SSL_CA_FILE
            value: /tls/ca.crt
          - name: POSTGRES_USER
            valueFrom:
              secretKeyRef:
                key: username
                name: stakepoolv2-owner-user.dev-mainnet-postgresql.credentials.postgresql.acid.zalan.do
          - name: PROJECTION_NAMES
            value: stake-pool,stake-pool-metadata-job,stake-pool-metrics-job,stake-pool-rewards-job
-         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:snmbkcznmzylw0lz00a4nb70b1mz3nv7
+         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:fcnlpx4cqxrcq4fhrc25v8qqfb2xxyzg
          livenessProbe:
            httpGet:
              path: /v1.0.0/health
              port: 3000
            timeoutSeconds: 5
          name: stake-pool-projector
          ports:
          - containerPort: 3000
            name: http
          resources:
            limits:
              cpu: 700m
              memory: 300Mi
            requests:
              cpu: 700m
              memory: 150Mi
          securityContext:
            runAsGroup: 0
            runAsUser: 0
          volumeMounts:
          - mountPath: /tls
            name: tls
        imagePullSecrets:
        - name: dockerconfigjson
        volumes:
        - name: tls
          secret:
            secretName: postgresql-server-cert

dev-mainnet, dev-mainnet-cardanojs-stake-pool-provider, Deployment (apps) would change:

  # Source: cardanojs/templates/stake-pool-provider-deployment.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    labels:
      app: stake-pool-provider
      network: mainnet
      release: dev-mainnet-cardanojs
    name: dev-mainnet-cardanojs-stake-pool-provider
  spec:
    selector:
      matchLabels:
        app: stake-pool-provider
        network: mainnet
        release: dev-mainnet-cardanojs
    template:
      metadata:
        labels:
          app: stake-pool-provider
          network: mainnet
          release: dev-mainnet-cardanojs
      spec:
        containers:
        - args:
          - start-provider-server
          env:
          - name: ALLOWED_ORIGINS
            value: chrome-extension://gafhhkghbfjjkeiendhlofajokpaflmk,chrome-extension://efeiemlfnahiidnjglmehaihacglceia,chrome-extension://bjlhpephaokolembmpdcbobbpkjnoheb,chrome-extension://djcdfchkaijggdjokfomholkalbffgil,http://localhost/,http://localhost
          - name: DISABLE_STAKE_POOL_METRIC_APY
            value: "true"
          - name: ENABLE_METRICS
            value: "true"
          - name: LOGGER_MIN_SEVERITY
            value: info
          - name: NETWORK
            value: mainnet
          - name: NODE_ENV
            value: production
          - name: OGMIOS_SRV_SERVICE_NAME
            value: dev-mainnet-cardano-core.dev-mainnet.svc.cluster.local
          - name: OVERRIDE_FUZZY_OPTIONS
            value: "true"
          - name: PAGINATION_PAGE_SIZE_LIMIT
            value: "5500"
          - name: POSTGRES_DB_STAKE_POOL
            value: stakepoolv2
          - name: POSTGRES_HOST_STAKE_POOL
            value: dev-mainnet-postgresql
          - name: POSTGRES_PASSWORD_STAKE_POOL
            valueFrom:
              secretKeyRef:
                key: password
                name: stakepoolv2-owner-user.dev-mainnet-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_POOL_MAX_STAKE_POOL
            value: "10"
          - name: POSTGRES_PORT_STAKE_POOL
            value: "5432"
          - name: POSTGRES_SSL_CA_FILE_STAKE_POOL
            value: /tls/ca.crt
          - name: POSTGRES_SSL_STAKE_POOL
            value: "true"
          - name: POSTGRES_USER_STAKE_POOL
            valueFrom:
              secretKeyRef:
                key: username
                name: stakepoolv2-owner-user.dev-mainnet-postgresql.credentials.postgresql.acid.zalan.do
          - name: SERVICE_NAMES
            value: stake-pool
          - name: TOKEN_METADATA_SERVER_URL
            value: http://dev-mainnet-cardano-stack-metadata.dev-mainnet.svc.cluster.local
          - name: USE_TYPEORM_STAKE_POOL_PROVIDER
            value: "true"
-         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:snmbkcznmzylw0lz00a4nb70b1mz3nv7
+         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:fcnlpx4cqxrcq4fhrc25v8qqfb2xxyzg
          livenessProbe:
            httpGet:
              path: /v1.0.0/health
              port: 3000
            timeoutSeconds: 5
          name: stake-pool-provider
          ports:
          - containerPort: 3000
            name: http
          resources:
            limits:
              cpu: 500m
              memory: 300Mi
            requests:
              cpu: 100m
              memory: 150Mi
          securityContext:
            runAsGroup: 0
            runAsUser: 0
          volumeMounts:
          - mountPath: /tls
            name: tls
        imagePullSecrets:
        - name: dockerconfigjson
        volumes:
        - name: tls
          secret:
            secretName: postgresql-server-cert

dev-mainnet, dev-mainnet-cardanojs-ws-server, Deployment (apps) would change:

  # Source: cardanojs/templates/ws-server-deployment.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    labels:
      app: ws-server
      network: mainnet
      release: dev-mainnet-cardanojs
    name: dev-mainnet-cardanojs-ws-server
  spec:
    selector:
      matchLabels:
        app: ws-server
        network: mainnet
        release: dev-mainnet-cardanojs
    template:
      metadata:
        labels:
          app: ws-server
          network: mainnet
          release: dev-mainnet-cardanojs
      spec:
        containers:
        - args:
          - start-ws-server
          env:
          - name: DB_CACHE_TTL
            value: "7200"
          - name: NETWORK
            value: mainnet
          - name: OGMIOS_URL
            value: ws://dev-mainnet-cardano-core.dev-mainnet.svc.cluster.local:1337
          - name: POSTGRES_DB_DB_SYNC
            value: cardano
          - name: POSTGRES_HOST_DB_SYNC
            value: dev-mainnet-postgresql
          - name: POSTGRES_PASSWORD_DB_SYNC
            valueFrom:
              secretKeyRef:
                key: password
                name: cardano-owner-user.dev-mainnet-postgresql.credentials.postgresql.acid.zalan.do
          - name: POSTGRES_POOL_MAX_DB_SYNC
            value: "2"
          - name: POSTGRES_PORT_DB_SYNC
            value: "5432"
          - name: POSTGRES_SSL_CA_FILE_DB_SYNC
            value: /tls/ca.crt
          - name: POSTGRES_SSL_DB_SYNC
            value: "true"
          - name: POSTGRES_USER_DB_SYNC
            valueFrom:
              secretKeyRef:
                key: username
                name: cardano-owner-user.dev-mainnet-postgresql.credentials.postgresql.acid.zalan.do
-         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:snmbkcznmzylw0lz00a4nb70b1mz3nv7
+         image: 926093910549.dkr.ecr.us-east-1.amazonaws.com/cardano-services:fcnlpx4cqxrcq4fhrc25v8qqfb2xxyzg
          livenessProbe:
            httpGet:
              path: /health
              port: 3000
          name: ws-server
          ports:
          - containerPort: 3000
            name: http
          resources:
            limits:
              cpu: 300m
              memory: 300Mi
            requests:
              cpu: 200m
              memory: 150Mi
          securityContext:
            runAsGroup: 0
            runAsUser: 0
          volumeMounts:
          - mountPath: /tls
            name: tls
        imagePullSecrets:
        - name: dockerconfigjson
        volumes:
        - name: tls
          secret:
            secretName: postgresql-server-cert

Required to resolve vulnerable:
- pkg
Required to resolve vulnerable:
- postcss
@rhyslbw rhyslbw dismissed stale reviews from mkazlauskas and iccicci via ffcbcf5 August 23, 2024 09:18
@rhyslbw rhyslbw force-pushed the build/security-updates branch from acffebc to ffcbcf5 Compare August 23, 2024 09:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants