From 50e2f589fe341b902c7edf1ff307f2dd930ebf3e Mon Sep 17 00:00:00 2001
From: =?utf8?q?=E5=88=98=E6=B4=AA=E9=9D=92?=
Date: Tue, 21 Sep 2021 17:10:31 +0800
Subject: [PATCH] =?utf8?q?docs:=20=E9=83=A8=E7=BD=B2yaml=20=E6=95=B4?= =?utf8?q?=E7=90=86?=
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit
---
 .../2.authx-service-ingresses.yaml | 4 +-
 .../4.cas-server/2.cas-server-ingresses.yaml | 12 -----
 .../4.5.cas-server-site-webapp.yaml | 26 +++++++--
 .../2.token-server-ingresses.yaml | 2 +-
 .../5.token-server/4.1.token-server.yaml | 53 +++++++++++++++----
 .../2.personal-security-center-ingresses.yaml | 29 ++++++++--
 .../4.4.personal-security-center-bff.yaml | 2 +-
 .../4.5.personal-security-center-zuul.yaml | 4 +-
 .../4.9.security-center-ui.yaml | 4 +-
 .../2.attest-server-ingresses.yaml | 4 +-
 .../7.attest-server/4.1.attest-server.yaml | 10 ++--
 .../8.authx-log/4.0.authx-log-installer.yaml | 7 +--
 .../8.authx-log/4.2.authx-log-sa.yaml | 6 +--
 13 files changed, 109 insertions(+), 54 deletions(-)
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/0.authx-service/2.authx-service-ingresses.yaml b/deploy-manifests/k8s-rancher/1.authx-service/0.authx-service/2.authx-service-ingresses.yaml
index abf1755..c8f87da 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/0.authx-service/2.authx-service-ingresses.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/0.authx-service/2.authx-service-ingresses.yaml
@@ -6,14 +6,14 @@ apiVersion: extensions/v1beta1 kind: Ingress metadata: namespace: authx-service - name: authx-management-ingress + name: authx-service-authx-management-ingress annotations: nginx.ingress.kubernetes.io/use-regex: "true" nginx.ingress.kubernetes.io/rewrite-target: /$1 spec: rules: # 修改为学校的根域名 - - host: admin-platform.paas.xxx.edu.cn + - host: authx-service.paas.xxx.edu.cn http: paths: - path: /authx-management/(.*) 
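Review bot: The host change to `- host: authx-service.paas.xxx.edu.cn` in this hunk puts the management console (path `/authx-management/(.*)`) on the same origin as the end-user security-center UI, which this commit's 2.personal-security-center-ingresses.yaml serves at `/` on the very same host; the previous `admin-platform` host kept the two apart. Browsers scope cookies and web storage per origin, so if the management console relies on cookie sessions, the admin and user-facing applications now share them and a weakness in one front end reaches the other. Any request on this host that does not match the regex path falls through to the other ingress's `/` rule, which may be intended but is nowhere stated. Suggest recording the decision above the host line, e.g. `# host is shared with security-center-ui (path /): admin console and user UI are now same-origin`; the Ingress `spec` continues outside the hunk.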
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/2.cas-server-ingresses.yaml b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/2.cas-server-ingresses.yaml
index 9ffc2a6..c2761e7 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/2.cas-server-ingresses.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/2.cas-server-ingresses.yaml
@@ -17,16 +17,7 @@ metadata: name: cas-ingress annotations: nginx.ingress.kubernetes.io/proxy-buffer-size: "8k" - # cert-manager.io/cluster-issuer: "letsencrypt-staging" - # nginx.ingress.kubernetes.io/ssl-redirect: "true" - # nginx.ingress.kubernetes.io/auth-tls-verify-client: "on" - # nginx.ingress.kubernetes.io/auth-tls-secret: "cas-server/ca-secret" - # nginx.ingress.kubernetes.io/auth-tls-verify-depth: "1" spec: - # tls: - # - hosts: - # - cas.paas.xxx.edu.cn - # secretName: cas-ingress-tls rules: # 修改为学校的根域名 - host: cas.paas.xxx.edu.cn
@@ -40,6 +31,3 @@ spec: backend: serviceName: cas-server-site-scheme-svc servicePort: http - - -# TODO: https 配置说明
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.5.cas-server-site-webapp.yaml b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.5.cas-server-site-webapp.yaml
index 293e787..930843c 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.5.cas-server-site-webapp.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.5.cas-server-site-webapp.yaml
@@ -116,8 +116,8 @@ data: CASSERVERSITE_SMS_SENDER_IMPL: agent-service # **修改** 学校的根域名 - CASSERVERSITE_FORGOT_PASSWORD_URL: https://security-center.paas.xxx.edu.cn/find-pwd - CASSERVERSITE_ACTIVE_ACCOUNT_URL: https://security-center.paas.xxx.edu.cn/active-account + CASSERVERSITE_FORGOT_PASSWORD_URL: https://authx-service.paas.xxx.edu.cn/find-pwd + CASSERVERSITE_ACTIVE_ACCOUNT_URL: https://authx-service.paas.xxx.edu.cn/active-account ## 动态码登录相关配置 CASSERVERSITE_PASSWORDLESS_TOKEN_EXPIRATION_IN_SECONDS: "300" 
@@ -133,9 +133,7 @@ data: ## # 超级APP Token 的验签公钥 - # 如须和 超级APP 进行对接,修改此配置 - # **修改** 学校的根域名 - SUPERAPP_TOKEN_SIGNING_KEY_URL: https://token.paas.xxx.edu.cn/jwt/publicKey + SUPERAPP_TOKEN_SIGNING_KEY_URL: http://token-server-svc.token-server.svc.cluster.local:8080/token/jwt/publicKey TPAS_AGENT_SERVICE_SERVER_URL: http://agent-service-svc.thirdparty-agent-service.svc.cluster.local:8080
@@ -180,6 +178,24 @@ data: #USER_AUTHZ_SERVICE_SA_API_CLIENT_AUTH_TRUSTSTORE_PASSWORD: "" + ATTEST_SERVER_URL: http://attest-server-svc.attest-server.svc.cluster.local:8080/attest + ATTEST_CLIENT_AUTH_ENABLED: "false" + #ATTEST_CLIENT_AUTH_KEY_PASSWORD: "" + #ATTEST_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/client/client.keystore + #ATTEST_CLIENT_AUTH_KEYSTORE_PASSWORD: "" + #ATTEST_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/client/client.truststore + #ATTEST_CLIENT_AUTH_TRUSTSTORE_PASSWORD: "" + + IPADDR_SERVER_URL: http://ipaddr.ipaddr.svc.cluster.local:9090 + IPADDR_CLIENT_AUTH_ENABLED: "false" + #IPADDR_CLIENT_AUTH_KEY_PASSWORD: "" + #IPADDR_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/client/client.keystore + #IPADDR_CLIENT_AUTH_KEYSTORE_PASSWORD: "" + #IPADDR_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/client/client.truststore + #IPADDR_CLIENT_AUTH_TRUSTSTORE_PASSWORD: "" + + AUTHX_LOG_ENABLED: "true" AUTHX_LOG_RABBITMQ_HOST: rabbitmq-server.authx-service.svc.cluster.local AUTHX_LOG_RABBITMQ_PORT: "5672"
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/5.token-server/2.token-server-ingresses.yaml b/deploy-manifests/k8s-rancher/1.authx-service/5.token-server/2.token-server-ingresses.yaml
index 37808ab..3634ed7 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/5.token-server/2.token-server-ingresses.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/5.token-server/2.token-server-ingresses.yaml
@@ -13,7 +13,7 @@ metadata: spec: rules: # 修改为学校的根域名 - - host: token.paas.xxx.edu.cn + - host: cas.paas.xxx.edu.cn http: paths: - path: /token 
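Review bot: The new `ATTEST_*` and `IPADDR_*` blocks in the `@@ -180,6 +178,24 @@` hunk are added without the `## # <section> #` header comment the file uses for its other groups (compare `## # 超级APP Token 的验签公钥` in the preceding hunk), and the identical blocks added to 4.1.token-server.yaml in its `@@ -117,18 +129,27 @@` hunk have the same gap even though that hunk does add a header for the authx-log rabbitmq group. Both blocks set `ATTEST_CLIENT_AUTH_ENABLED: "false"` and `IPADDR_CLIENT_AUTH_ENABLED: "false"` and leave every keystore/truststore line commented out, so a reader needs the header to know what these endpoints are and that the calls are cluster-internal plaintext HTTP with no client certificate. Suggest `## # attest-server (in-cluster, client auth disabled) #` above `ATTEST_SERVER_URL` and a matching `## # ipaddr (in-cluster, client auth disabled) #` above `IPADDR_SERVER_URL`, in both files; the ConfigMap `data:` block continues outside the hunk.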
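Review bot: Moving the token-server ingress to `- host: cas.paas.xxx.edu.cn` in this hunk leaves 4.1.token-server.yaml pointing at the old host: the `@@ -35,7 +35,7 @@` hunk of that file sets `TOKEN_SERVER_PREFIX: https://token.paas.xxx.edu.cn/token` and keeps `TOKEN_SERVER_SECURITY_JWT_ISS: token.paas.xxx.edu.cn`. Unless an ingress for `token.paas.xxx.edu.cn` still exists outside this diff, any absolute URL the token server builds from its prefix resolves to a host nothing routes, and the `iss` value no longer matches the host clients actually reach. If the move is intended, change the prefix to `TOKEN_SERVER_PREFIX: https://cas.paas.xxx.edu.cn/token` and decide explicitly whether `iss` follows it, since the consumers that fetch `/token/jwt/publicKey` (attest-server and cas-server-site-webapp in this same commit) may also validate the issuer. The Ingress `spec` continues outside the hunk.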
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/5.token-server/4.1.token-server.yaml b/deploy-manifests/k8s-rancher/1.authx-service/5.token-server/4.1.token-server.yaml
index f116acc..89706ed 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/5.token-server/4.1.token-server.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/5.token-server/4.1.token-server.yaml
@@ -35,7 +35,7 @@ data: # **修改** 学校的根域名 - TOKEN_SERVER_PREFIX: https://token.paas.xxx.edu.cn + TOKEN_SERVER_PREFIX: https://token.paas.xxx.edu.cn/token # **修改** 学校的根域名 TOKEN_SERVER_SECURITY_JWT_ISS: token.paas.xxx.edu.cn #TOKEN_SERVER_SECURITY_JWT_EXPIRATION: 2592000
@@ -100,6 +100,18 @@ data: POA_SCOPES: messagecenter:v1:sendMessage + TPAS_AGENT_SERVICE_SERVER_URL: http://agent-service-svc.thirdparty-agent-service.svc.cluster.local:8080 + TPAS_AGENT_SERVICE_CLIENT_AUTH_ENABLED: "false" + #TPAS_AGENT_SERVICE_CLIENT_AUTH_KEY_PASSWORD: "" + #TPAS_AGENT_SERVICE_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/client/client.keystore + #TPAS_AGENT_SERVICE_CLIENT_AUTH_KEYSTORE_PASSWORD: "" + #TPAS_AGENT_SERVICE_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/client/client.truststore + #TPAS_AGENT_SERVICE_CLIENT_AUTH_TRUSTSTORE_PASSWORD: "" + + TPAS_AGENT_SERVICE_SMS_SENDER_PATH: /api/v1/tpas/sms/console/send + TPAS_AGENT_SERVICE_FACE_FACEVERIFY_PATH: /api/v1/tpas/face/aiface/faceverify + + CASSERVER_SA_API_SERVER_URL: http://cas-server-sa-api-svc.cas-server.svc.cluster.local:8080 CASSERVER_SA_API_CLIENT_AUTH_ENABLED: "false" #CASSERVER_SA_API_CLIENT_AUTH_KEY_PASSWORD: "" 
@@ -117,18 +129,27 @@ data: #USER_DATA_SERVICE_SA_API_CLIENT_AUTH_TRUSTSTORE_PASSWORD: "" - TPAS_AGENT_SERVICE_SERVER_URL: http://agent-service-svc.thirdparty-agent-service.svc.cluster.local:8080 - TPAS_AGENT_SERVICE_CLIENT_AUTH_ENABLED: "false" - #TPAS_AGENT_SERVICE_CLIENT_AUTH_KEY_PASSWORD: "" - #TPAS_AGENT_SERVICE_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/client/client.keystore - #TPAS_AGENT_SERVICE_CLIENT_AUTH_KEYSTORE_PASSWORD: "" - #TPAS_AGENT_SERVICE_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/client/client.truststore - #TPAS_AGENT_SERVICE_CLIENT_AUTH_TRUSTSTORE_PASSWORD: "" + ATTEST_SERVER_URL: http://attest-server-svc.attest-server.svc.cluster.local:8080/attest + ATTEST_CLIENT_AUTH_ENABLED: "false" + #ATTEST_CLIENT_AUTH_KEY_PASSWORD: "" + #ATTEST_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/client/client.keystore + #ATTEST_CLIENT_AUTH_KEYSTORE_PASSWORD: "" + #ATTEST_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/client/client.truststore + #ATTEST_CLIENT_AUTH_TRUSTSTORE_PASSWORD: "" - TPAS_AGENT_SERVICE_SMS_SENDER_PATH: /api/v1/tpas/sms/console/send - TPAS_AGENT_SERVICE_FACE_FACEVERIFY_PATH: /api/v1/tpas/face/aiface/faceverify + + IPADDR_SERVER_URL: http://ipaddr.ipaddr.svc.cluster.local:9090 + IPADDR_CLIENT_AUTH_ENABLED: "false" + #IPADDR_CLIENT_AUTH_KEY_PASSWORD: "" + #IPADDR_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/client/client.keystore + #IPADDR_CLIENT_AUTH_KEYSTORE_PASSWORD: "" + #IPADDR_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/client/client.truststore + #IPADDR_CLIENT_AUTH_TRUSTSTORE_PASSWORD: "" + ## + # authx-log rabbitmq + # AUTHX_LOG_ENABLED: "true" AUTHX_LOG_RABBITMQ_HOST: rabbitmq-server.authx-service.svc.cluster.local AUTHX_LOG_RABBITMQ_PORT: "5672" 
@@ -136,6 +157,18 @@ data: AUTHX_LOG_RABBITMQ_PASSWORD: guest + ## + # 接收 user 推送的 rabbitmq 数据 + # + USER_RABBITMQ_ENABLED: "true" + USER_RABBITMQ_HOST: rabbitmq-server.authx-service.svc.cluster.local + USER_RABBITMQ_PORT: "5672" + USER_RABBITMQ_USERNAME: guest + USER_RABBITMQ_PASSWORD: guest + + USER_RABBITMQ_CONSUMER_ENABLED: "true" + + --- apiVersion: v1 kind: Secret
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/2.personal-security-center-ingresses.yaml b/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/2.personal-security-center-ingresses.yaml
index 36bfc6a..3039a40 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/2.personal-security-center-ingresses.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/2.personal-security-center-ingresses.yaml
@@ -1,7 +1,7 @@ # personal-security-center-ingresses.yaml -# 废弃,合并到 安全中心 +# 废弃,合并到 authx-service # # 个人中心后端接口 # --- # apiVersion: extensions/v1beta1
@@ -22,18 +22,39 @@ # serviceName: personal-security-center-zuul-svc # servicePort: http +# 废弃,合并到 authx-service +# # 安全中心 +# --- +# apiVersion: extensions/v1beta1 +# kind: Ingress +# metadata: +# namespace: personal-security-center +# name: security-center-ingress +# spec: +# rules: +# # 修改为学校的根域名 +# - host: security-center.paas.xxx.edu.cn +# http: +# paths: +# - path: / +# backend: +# serviceName: security-center-ui-svc +# servicePort: http + -# 安全中心 +# 安全中心 前端UI、后端API --- apiVersion: extensions/v1beta1 kind: Ingress metadata: namespace: personal-security-center - name: security-center-ingress + name: authx-service-security-center-ingress + annotations: + nginx.ingress.kubernetes.io/proxy-buffer-size: "8k" spec: rules: # 修改为学校的根域名 - - host: security-center.paas.xxx.edu.cn + - host: authx-service.paas.xxx.edu.cn http: paths: - path: / 
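Review bot: `USER_RABBITMQ_USERNAME: guest` and `USER_RABBITMQ_PASSWORD: guest` are added to the ConfigMap `data:` block in this hunk, while a `kind: Secret` document begins immediately after them. ConfigMap values are visible to anyone who can read the namespace (and in `kubectl describe` output), so the broker credential belongs in that Secret rather than beside the host and port. `guest`/`guest` is also RabbitMQ's built-in default account, and the pre-existing `AUTHX_LOG_RABBITMQ_PASSWORD: guest` context line has the same shape, so this deployment guide ships a default broker password unless the operator changes both places. Suggest moving the two lines into the Secret and leaving a pointer here: `# USER_RABBITMQ_USERNAME / USER_RABBITMQ_PASSWORD are set in the Secret below`; the ConfigMap starts outside the hunk.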
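Review bot: The `@@ -22,18 +22,39 @@` hunk keeps the retired `security-center-ingress` as an 18-line commented-out block, while the same commit deletes the commented TLS block and the TODO from 2.cas-server-ingresses.yaml, so the two files now follow opposite conventions for dead configuration. The live Ingress that follows serves `/` on `authx-service.paas.xxx.edu.cn`, a host that 0.authx-service/2.authx-service-ingresses.yaml also claims from the `authx-service` namespace with the `/authx-management/(.*)` path; with ingress-nginx, rules for one host are merged across namespaces, so this `/` rule becomes the catch-all for everything the regex path does not match. Suggest dropping the commented block (git history keeps it) and adding above the `---` of the live resource: `# host is shared with authx-service/authx-service-authx-management-ingress; this '/' path is the catch-all`. The Ingress `spec` continues outside the hunk.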
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/4.4.personal-security-center-bff.yaml b/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/4.4.personal-security-center-bff.yaml
index c3613c1..9f93bb9 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/4.4.personal-security-center-bff.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/4.4.personal-security-center-bff.yaml
@@ -93,7 +93,7 @@ data: # 修改为学校的 personal-security-center 的访问域名 - PERSONAL_SECURITY_CENTER_SERVER_PREFIX: https://security-center.paas.xxx.edu.cn/personal + PERSONAL_SECURITY_CENTER_SERVER_PREFIX: https://authx-service.paas.xxx.edu.cn/personal # 修改为学校的 cas 的访问域名 CAS_SERVER_PREFIX: https://cas.paas.xxx.edu.cn/cas
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/4.5.personal-security-center-zuul.yaml b/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/4.5.personal-security-center-zuul.yaml
index 1dfe99f..32c52ba 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/4.5.personal-security-center-zuul.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/4.5.personal-security-center-zuul.yaml
@@ -66,7 +66,7 @@ data: INFRAS_SECURITY_CAS_ENABLED: "false" # 修改为学校的 security-center 的访问域名 - APP_SERVER_HOST_URL: "https://security-center.paas.xxx.edu.cn/personal" + APP_SERVER_HOST_URL: "https://authx-service.paas.xxx.edu.cn/personal" #APP_LOGIN_URL: "/cas/login" #APP_LOGOUT_URL: "/cas/logout" # 修改为学校的 cas 的访问域名
@@ -75,7 +75,7 @@ data: # 后端API服务,域名访问时,默认跳转地址 # 修改为学校的 security-center 安全中心的访问域名 - APPLICATION_INDEX_REDIRECT_URI: "https://security-center.paas.xxx.edu.cn" + APPLICATION_INDEX_REDIRECT_URI: "https://authx-service.paas.xxx.edu.cn" ZUUL_HTTPCLIENT_CLIENT_AUTH_ENABLED: "false" 
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/4.9.security-center-ui.yaml b/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/4.9.security-center-ui.yaml
index f75282b..671389a 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/4.9.security-center-ui.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/4.9.security-center-ui.yaml
@@ -10,9 +10,9 @@ data: # **修改** 学校的根域名 RESOURCE_PREFIX: https://authx-minio.paas.xxx.edu.cn/security-center-ui SCHOOL_NAME: "" - MAIN_SERVER: https://security-center.paas.xxx.edu.cn + MAIN_SERVER: https://authx-service.paas.xxx.edu.cn - PERSONAL_CENTER_API: https://security-center.paas.xxx.edu.cn/personal + PERSONAL_CENTER_API: https://authx-service.paas.xxx.edu.cn/personal # 可选 cas,uniauth AUTH_TYPE: cas
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/7.attest-server/2.attest-server-ingresses.yaml b/deploy-manifests/k8s-rancher/1.authx-service/7.attest-server/2.attest-server-ingresses.yaml
index 7a54b13..71f4d2a 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/7.attest-server/2.attest-server-ingresses.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/7.attest-server/2.attest-server-ingresses.yaml
@@ -6,10 +6,12 @@ kind: Ingress metadata: name: attest-server-ingress namespace: attest-server + annotations: + nginx.ingress.kubernetes.io/proxy-buffer-size: "8k" spec: rules: # 修改为学校的根域名 - - host: attest.paas.xxx.edu.cn + - host: cas.paas.xxx.edu.cn http: paths: - path: /attest
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/7.attest-server/4.1.attest-server.yaml b/deploy-manifests/k8s-rancher/1.authx-service/7.attest-server/4.1.attest-server.yaml
index 0ce24eb..b5defbd 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/7.attest-server/4.1.attest-server.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/7.attest-server/4.1.attest-server.yaml
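Review bot: With `- host: cas.paas.xxx.edu.cn` in the attest-server-ingresses hunk, the CAS login host now also fronts `/token` (token-server ingress in this commit) and `/attest`, yet none of the three Ingress objects carries a `tls:` section, and the only TLS material in these files — the commented `tls:`, `ssl-redirect` and `auth-tls-*` lines in 2.cas-server-ingresses.yaml — is deleted by this same commit. Other manifests here assume HTTPS on that host (`CAS_SERVER_PREFIX: https://cas.paas.xxx.edu.cn/cas`), so TLS must terminate somewhere; if that is a load balancer in front of the cluster it should be written down, otherwise the `tls:` block and `nginx.ingress.kubernetes.io/ssl-redirect: "true"` need to come back on each of these ingresses, since credentials transit this host. Suggest a comment under `rules:` such as `# TLS for cas.paas.xxx.edu.cn terminates at <external LB or ingress tls: — fill in>; shared with the cas and token ingresses`. The Ingress `spec` continues outside the hunk.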
@@ -46,7 +46,7 @@ data: # 超级APP Token 的验签公钥 - TOKEN_SERVER_TOKEN_SIGNING_KEY_URL: http://token-server-svc.token-server.svc.cluster.local:8080/jwt/publicKey + TOKEN_SERVER_TOKEN_SIGNING_KEY_URL: http://token-server-svc.token-server.svc.cluster.local:8080/token/jwt/publicKey USER_DATA_SERVICE_SA_API_SERVER_URL: http://user-data-service-goa-svc.user-data-service.svc.cluster.local:8080
@@ -74,7 +74,7 @@ data: ## # token-server # - TOKEN_SERVER_SERVER_URL: http://token-server-svc.token-server.svc.cluster.local:8080 + TOKEN_SERVER_SERVER_URL: http://token-server-svc.token-server.svc.cluster.local:8080/token ##
@@ -139,7 +139,7 @@ spec: spec: containers: - name: attest-server - image: harbor.supwisdom.com/attest-server/attest-server:1.0.0-SNAPSHOT-DEV + image: harbor.supwisdom.com/attest-server/attest-server:1.4.0-RELEASE imagePullPolicy: Always ports: - containerPort: 8080
@@ -155,9 +155,9 @@ spec: name: attest-server-env-secret resources: requests: - memory: "512Mi" + memory: "1024Mi" limits: - memory: "512Mi" + memory: "1024Mi" readinessProbe: httpGet: path: /attest/actuator/health
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/8.authx-log/4.0.authx-log-installer.yaml b/deploy-manifests/k8s-rancher/1.authx-service/8.authx-log/4.0.authx-log-installer.yaml
index 91a19ba..bfc032f 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/8.authx-log/4.0.authx-log-installer.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/8.authx-log/4.0.authx-log-installer.yaml
@@ -36,10 +36,5 @@ spec: name: datasource-env-secret - configMapRef: name: authx-log-installer-env - resources: - requests: - memory: "256Mi" - limits: - memory: "256Mi" imagePullSecrets: - - name: harbor-supwisdom + - name: harbor-registry
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/8.authx-log/4.2.authx-log-sa.yaml b/deploy-manifests/k8s-rancher/1.authx-service/8.authx-log/4.2.authx-log-sa.yaml
index dc4facf..36bd04c 100644
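Review bot: The authx-log-installer hunk (`@@ -36,10 +36,5 @@`) deletes the container's entire `resources:` block (`requests`/`limits` of `memory: "256Mi"`) instead of raising it, so the installer Pod now runs with no memory bound unless the namespace has a LimitRange. A Pod without requests or limits lands in the BestEffort QoS class — first to be evicted under node pressure and free to push the node into that pressure itself — whereas the sibling 4.2.authx-log-sa.yaml hunks in this commit raise their values to `1024Mi` rather than removing them, which is the pattern to follow. Suggest restoring `resources:` with `requests: { memory: "<size>" }` and `limits: { memory: "<size>" }` at whatever the installer actually needs (1024Mi if it was failing at 256Mi). The `imagePullSecrets` rename to `harbor-registry` requires a Secret of that name in the namespace; only the two authx-log manifests are renamed in this diff, so confirm the other deployments already reference it. The container `spec` starts outside the hunk.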
--- a/deploy-manifests/k8s-rancher/1.authx-service/8.authx-log/4.2.authx-log-sa.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/8.authx-log/4.2.authx-log-sa.yaml
@@ -100,9 +100,9 @@ spec: name: authx-log-sa-env resources: requests: - memory: "400Mi" + memory: "1024Mi" limits: - memory: "400Mi" + memory: "1024Mi" readinessProbe: httpGet: path: /actuator/health
@@ -113,4 +113,4 @@ spec: successThreshold: 1 failureThreshold: 10 imagePullSecrets: - - name: harbor-supwisdom + - name: harbor-registry
-- 2.17.1