Release Helm charts 0.5.0 (#58)

Co-authored-by: DA Machine <da-machine@digitalasset.com>

CHANGELOG.md

@@ -0,0 +1,138 @@
+# Changelog
+
+| Notation | Scope
+|--- |---
+| [Canton] | `canton-domain` + `canton-participant` Helm charts
+| [Domain] | `canton-domain` Helm chart
+| [Participant] | `canton-participant` Helm chart
+| [Daml] | `daml-http-json` + `daml-trigger` Helm charts
+| [JSON] | `daml-http-json` Helm chart
+| [Trigger] | `daml-trigger` Helm chart
+| [All] |All Helm charts
+
+## `0.5.0`
+
+* Daml Enterprise `2.7.4`
+* [All] Rename PostgreSQL password environment variable to `PGPASSWORD`
+* [All] Move all mounted configuration files to `/etc/<canton|http-json|trigger>`
+* [Canton] Feed a raw node bootstrap script (key: `bootstrapScript`)
+* [Participant] Fix `Ingress` templating error
+* [Participant] Database transactions asynchronous commits enabled by default (key: `storage.asyncCommitEnabled`)
+* [Participant] Add command service settings (key: `commandService`), prepended to the node bootstrap script
+  ```yaml
+  commandService:
+    maxCommandsInFlight: 10000
+    maxRate: 200
+    maxDirtyRequests: 500
+    maxBurstFactor: 10
+  ```
+* [Participant] Add caching configuration (key: `caching`)
+  ```yaml
+  caching:
+    maxContractStateCacheSize: 1000000
+    maxContractKeyStateCacheSize: 1000000
+    maxTransactionsInMemoryFanOutBufferSize: 100000
+    contractStore:
+      maxSize: 1000000
+      expireAfterAccess: "10m"
+  ```
+
+#### Breaking changes ⚠️
+
+* [Canton] Key `bootstrap` renamed to `bootstrapHook`
+* [Canton] Key `testing.bootstrap` renamed to `test.bootstrapHook`
+* [Domain] Bootstrap hook is enabled by default to connect all components together (key: `bootstrapHook.enabled`)
+
+## `0.4.0`
+
+* Daml Enterprise `2.7.1`
+* [All] Reword to "container image(s)" everywhere (remove "Docker")
+* [Canton] Feed a raw node configuration file to override templates (key: `configOverride`)
+* [Domain] mTLS configuration truly optional in remote participant(s) bootstrap (key: `testing.bootstrap.remoteParticipants[*].mtls`)
+* [Participant] Verifying target domain ID option in bootstrap (key: `bootstrap.remoteSequencer.domain.verifyId`)
+
+---
+
+While it's not recommended in production, and should only be used in development environments,
+you can now connect any participant to a domain, without any beforehand operation required.
+
+##### Domain
+
+Open topology is enabled
+
+```yaml
+bootstrap:
+  enabled: true
+
+manager:
+  topology:
+    open: true
+```
+
+##### Participant
+
+Verifying remote domain ID is disabled
+
+```yaml
+bootstrap:
+  enabled: true
+  remoteSequencer:
+    domain:
+      verifyId: false
+```
+
+## `0.3.0`
+
+* Daml Enterprise `2.7.0`
+* [All] Default values:
+  * `JDK_JAVA_OPTIONS` environment variable
+  * Container resources (CPU/RAM requests/limits)
+* [All] Cert-manager CSI driver global default values: `issuerGroup`, `issuerKind`, `fsGroup`
+* [Canton] Network policies (alpha)
+* [Participant] Custom admin user (key `authServices.additionalAdminUserId`)
+
+## `0.2.0`
+
+* Daml Enterprise `2.6.5`
+* [All] Define security context for pods/containers
+* [Canton] New [distroless](https://github.com/GoogleContainerTools/distroless)
+based Canton container image with user `nonroot` (UID=GID=`65532`)
+* [Participant] JWT authentication custom audience (key `authServices.targetAudience`)
+* [Participant] Automated domain registration (development only)
+
+  ```yaml
+  testing:
+    bootstrap:
+      automaticDomainRegistration: true
+      remoteDomainManager:
+  ...
+  ```
+
+#### Breaking changes ⚠️
+
+Canton Domain values
+
+---
+```yaml
+bootstrap:
+  remoteParticipants: []
+```
+
+Moving to
+
+```yaml
+testing:
+  bootstrap:
+    remoteParticipants: []
+```
+---
+
+## `0.1.0`
+
+Initial public release (beta)
+
+* Daml Enterprise `2.6.4`
+
+## `0.0.x`
+
+Initial work (alpha)

POSTGRES.md

@@ -26,6 +26,7 @@ PostgreSQL server versions `11` to `14` are supported by Canton and Daml service
 
 If you install each Helm chart once (Domain, Participant, HTTP JSON API service & Trigger service)
 using a shared PostgreSQL server for all databases, you should start with 4 vCPUs/cores and 16Go RAM.
+Check the storage to make sure you have enough space, IOPS and throughput available.
 
 ## Availability
 
@@ -64,9 +65,15 @@ The default JVM trust store with common public CA certificates will be used.
 ## Scaling
 
 In case your PostgreSQL server load gets high you can either or both:
-- Scale vertically using a bigger server with more CPU/RAM
+- Scale vertically using a bigger server with more CPU/RAM and faster storage
 - Scale horizontally and host each database on a different PostgreSQL server
 
+To achieve high performance under heavy workload, make sure your server has enough CPU/RAM and
+its storage has enough space, IOPS and throughput available.
+
+On most cloud providers' SaaS solution, the default storage max IOPS and max throughput are scaled according
+to its size, there might also be different tiers/types.
+
 ---
 ## Debugging
 

README.md

@@ -81,6 +81,8 @@ Please refer to the README of each Helm chart for detailed instructions on how t
 
 For further information refer to the [Daml documentation](https://docs.daml.com/).
 
+## [Changelog](./CHANGELOG.md)
+
 ## [Contributing guidelines](./CONTRIBUTING.md)
 
 ## License

charts/canton-domain/Chart.yaml

@@ -1,8 +1,8 @@
 ---
 apiVersion: v2
 name: "canton-domain"
-version: 0.4.0
-appVersion: 2.7.1
+version: 0.5.0
+appVersion: 2.7.4
 kubeVersion: ">= 1.22.0-0"
 description: "A Helm chart for Canton Domains"
 home: https://github.com/digital-asset/daml-helm-charts/tree/main/charts/canton-domain