Update documentation and example values

examples/values.yaml

@@ -27,17 +27,20 @@ global:
     # -- SQL Server connection string (when provider is SqlServer)
     sqlServer:
       connectionString: ""
+      # -- Use existing secret for connection string
+      existingSecret: ""
+      existingSecretKey: "connection-string"
     # -- PostgreSQL configuration (when provider is Postgres)
     postgres:
-      # -- Use external PostgreSQL instance (set to true if PostgreSQL is already deployed in cluster or external)
+      # -- Use external PostgreSQL instance (set to true for managed services like Azure Database for PostgreSQL, AWS RDS, etc.)
       external: false
-      # -- PostgreSQL host (single host or primary for HA, ignored if external=false and internal deployment is used)
+      # -- PostgreSQL host (FQDN for managed services, e.g., myserver.postgres.database.azure.com)
       host: "postgresql"
       # -- PostgreSQL port
       port: 5432
       # -- Database name
       database: "flow"
-      # -- Database username
+      # -- Database username (for Azure, use format: username@servername)
       username: "flow"
       # -- Database password (ignored if existingSecret is set)
       password: ""
@@ -45,17 +48,29 @@ global:
       existingSecret: ""
       # -- Key in existing secret containing the password
       existingSecretKey: "postgres-password"
-      # -- SSL mode: disable, require, verify-ca, verify-full
+      # -- SSL mode: disable, allow, prefer, require, verify-ca, verify-full
       sslMode: "prefer"
-      # -- Additional connection parameters
+      # -- Additional connection parameters (e.g., "sslrootcert=/path/to/ca.crt&application_name=flow")
       extraParams: ""
+      # -- Connection pool settings
+      pooling:
+        # -- Minimum pool size
+        minSize: 5
+        # -- Maximum pool size
+        maxSize: 100
+        # -- Connection lifetime in seconds (0 = infinite)
+        connectionLifetime: 0
+        # -- Connection idle timeout in seconds
+        connectionIdleLifetime: 300
 
   # -- RabbitMQ configuration
   rabbitmq:
-    # -- Use external RabbitMQ instance
+    # -- Use external RabbitMQ instance (set to true for managed services like CloudAMQP, Amazon MQ, etc.)
     external: false
-    # -- RabbitMQ host (single host or first node for HA, ignored if external=false)
+    # -- RabbitMQ host (FQDN for managed services)
     host: "rabbitmq"
+    # -- Additional hosts for cluster connection (comma-separated or list)
+    additionalHosts: []
     # -- RabbitMQ AMQP port
     port: 5672
     # -- RabbitMQ management port
@@ -83,41 +98,114 @@ global:
       enabled: false
       # -- Skip TLS certificate verification (not recommended for production)
       insecureSkipVerify: false
+      # -- Path to CA certificate (for self-signed certs)
+      caCertPath: ""
+      # -- Use existing secret containing TLS certificates
+      existingSecret: ""
+      # -- Key in existing secret containing CA certificate
+      caCertKey: "ca.crt"
 
   # -- Redis configuration
   redis:
     # -- Enable Redis (for caching and distributed locking)
     enabled: false
-    # -- Use external Redis instance
+    # -- Use external Redis instance (set to true for managed services like Azure Cache for Redis, Amazon ElastiCache, etc.)
     external: false
-    # -- Redis host (single host or sentinel master name for HA)
+    # -- Redis deployment mode: standalone, sentinel, or cluster
+    mode: "standalone"
+    
+    # -- Standalone/Sentinel configuration
+    # -- Redis host (single host for standalone, master name for sentinel, ignored for cluster mode)
     host: "redis"
-    # -- Redis port (standard port or sentinel port)
+    # -- Redis port (6379 for standalone, 26379 for sentinel)
     port: 6379
+    
+    # -- Redis Sentinel configuration (when mode=sentinel)
+    sentinel:
+      # -- Sentinel master name
+      masterName: "mymaster"
+      # -- Sentinel nodes (list of host:port)
+      nodes: []
+      # Example:
+      # - "sentinel-0.sentinel:26379"
+      # - "sentinel-1.sentinel:26379"
+      # - "sentinel-2.sentinel:26379"
+      # -- Sentinel password (if different from Redis password)
+      password: ""
+      # -- Use existing secret for sentinel password
+      existingSecret: ""
+      existingSecretKey: "sentinel-password"
+    
+    # -- Redis Cluster configuration (when mode=cluster)
+    cluster:
+      # -- Cluster nodes (list of host:port for cluster endpoints)
+      nodes: []
+      # Example for Azure Cache for Redis (clustered):
+      # - "myredis.redis.cache.windows.net:6380"
+      # Example for Amazon ElastiCache cluster:
+      # - "cluster-endpoint.cache.amazonaws.com:6379"
+      # Example for self-hosted cluster:
+      # - "redis-node-0:6379"
+      # - "redis-node-1:6379"
+      # - "redis-node-2:6379"
+      # -- Maximum number of redirect hops
+      maxRedirects: 3
+    
+    # -- Redis username (Redis 6+ ACL, required for Azure Cache for Redis)
+    username: ""
     # -- Redis password (ignored if existingSecret is set)
     password: ""
     # -- Use existing secret for password
     existingSecret: ""
     # -- Key in existing secret containing the password
     existingSecretKey: "redis-password"
-    # -- Redis database index
+    # -- Redis database index (only for standalone/sentinel, not supported in cluster mode)
     database: 0
-    # -- Use TLS for connection
+    
+    # -- TLS configuration
     tls:
+      # -- Enable TLS (required for most managed Redis services)
       enabled: false
-    # -- Connection timeout in milliseconds
+      # -- Skip TLS certificate verification (not recommended for production)
+      insecureSkipVerify: false
+      # -- Path to CA certificate
+      caCertPath: ""
+      # -- Use existing secret containing TLS certificates
+      existingSecret: ""
+      caCertKey: "ca.crt"
+    
+    # -- Connection settings
     connectTimeout: 5000
     # -- Sync timeout in milliseconds
     syncTimeout: 5000
+    # -- Keep alive interval in seconds (0 to disable)
+    keepAlive: 60
+    # -- Retry settings
+    retry:
+      # -- Maximum retry attempts
+      maxAttempts: 3
+      # -- Base delay between retries in milliseconds
+      baseDelay: 100
+      # -- Maximum delay between retries in milliseconds
+      maxDelay: 5000
+    
+    # -- Connection pool settings
+    pool:
+      # -- Minimum number of connections to maintain
+      minSize: 5
+      # -- Maximum number of connections
+      maxSize: 50
 
-  # -- Service URLs (internal Kubernetes DNS)
+  # -- Service URLs (internal Kubernetes DNS - uses full FQDN for cross-namespace communication)
+  # Format: http://<service-name>.<namespace>.svc.cluster.local:<port>
+  # These are templated and will be resolved during Helm rendering
   serviceUrls:
-    activityRegistry: "http://{{ .Release.Name }}-activity-registry:80"
-    definitionStore: "http://{{ .Release.Name }}-definition-store:80"
-    workflowEngine: "http://{{ .Release.Name }}-workflow-engine:80"
-    workflowLogging: "http://{{ .Release.Name }}-workflow-logging:80"
-    connectionStore: "http://{{ .Release.Name }}-connection-store:80"
-    tenantRegistry: "http://{{ .Release.Name }}-tenant-registry:80"
+    activityRegistry: "http://{{ .Release.Name }}-activity-registry.{{ .Release.Namespace }}.svc.cluster.local:80"
+    definitionStore: "http://{{ .Release.Name }}-definition-store.{{ .Release.Namespace }}.svc.cluster.local:80"
+    workflowEngine: "http://{{ .Release.Name }}-workflow-engine.{{ .Release.Namespace }}.svc.cluster.local:80"
+    workflowLogging: "http://{{ .Release.Name }}-workflow-logging.{{ .Release.Namespace }}.svc.cluster.local:80"
+    connectionStore: "http://{{ .Release.Name }}-connection-store.{{ .Release.Namespace }}.svc.cluster.local:80"
+    tenantRegistry: "http://{{ .Release.Name }}-tenant-registry.{{ .Release.Namespace }}.svc.cluster.local:80"
 
 # =============================================================================
 # Core Services