HCL Commerce Version 9.1 Helm Chart reference

The following complete reference details the provided hcl-commerce-helmchart Helm Chart, and the various configuration options that are available for deploying HCL Commerce Version 9.1 on Kubernetes.

It is strongly recommended to not modify the default values.yaml configuration  file for your deployment. Instead, create a copy to use as your customized values file, for example, my-values.yaml. This will allow you to maintain your customized values for future deployments and upgrades.

The hcl-commerce-helmchart Helm chart parameters and their default values

The following sections break down the list of Helm Chart parameters into sections for organizational purposes only. For a more detailed breakdown and description of the HCL Commerce features that they correspond or overlap with, see Required Helm Chart configuration for HCL Commerce Version 9.1.

Base deployment configuration
Ingress configuration
Search configuration
HCL Digital Experience integration
Assets tool configuration
LDAP integration
Anthos integration
Approval service configuration
Next.js (Ruby) store configuration

Base deployment configuration


Parameter	Description	Default value
license	The HCL Commerce Version 9 license. You must accept the license before you can deploy HCL Commerce. To view the license, browse all of the files under the LICENSES directory. To accept the license, set  license  to  `accept`.	`not_accepted`
common.vaultTokenSecret	The Kubernetes secret object for vault token.	`vault-token-secret`
common.dbType	The database type. Accepted values are: `db2` `oracle`	`db2`
common.tenant	The tenant name. The common.tenant value can be your organization name. You can have multiple environments under the same tenant.	`demo`
common.timezone	The timezone in ICANN TZ format. For example, `America/Toronto`. This parameter can also be set in all HCL Commerce containers as an environment variable, TZ. If this value is not set, or empty, `GMT` will be used in all containers by default. Warning: Changing the time zone will have impacts on HCL Commerce business logic, such as marketing web activities and promotion start and end dates and times. The values that are set for these site behaviors will not automatically adjust based on this timezone setting. It is recommended to keep this value empty if your site is already being used in a live production environment.	`nil`
Common.runAsNonRoot.enabled	This parameter starts all containers as the non-root user, `comuser`, to improve overall deployment security. Accepted values are: `true` to start containers as the non-root user. `false` to start containers as the root user. By default, this value is set to `true`. It is only recommended to disable this feature to continue using an existing deployment before it can be tested and updated for use with the non-root user. For more information, see HCL Commerce container users and privileges.	`true`
Common.runAsNonRoot.migrateAssetsPvcFromRootToNonroot	This parameter triggers a pre-upgrade job to update the permissions of the files within your Assets Tool `readWriteMany` Persistent Volume Container (PVC), if you use one within your existing deployment. This must be used in specific circumstances when upgrading your deployment to function correctly with the non-root user. For more information, see Updating PVC file permissions for upgrading a Kuberetes deployment from root to non-root user images.	`false`
common.environmentName	The environment name. The common.environmentName is the name of the environment. Some examples of environment name are `dev`, `qa` or `production`. Each HCL Commerce environment can be used to partition logical groups of different hosted applications.	`qa`
common.environmentType	The environment type. Accepted values are: `auth` `live` `share` The common.environmentType is the specific environment type. For each environment, an environment type must be specified: `auth` holds the HCL Commerce staging applications used by administration and business users. `live` holds the production applications to serve live traffic to end users of your storefront. `share` holds the applications that can be consumed by both `auth` and `live` environment types. For example, the new Search solution and new tooling are deployed in the `share` group. To deploy all HCL Commerce instances using a single Helm chart, multiple environment types can be specified as comma-separated-values such as `auth`, `live`, `share`.	`auth`
common.imageRepo	The Docker image Registry.	`my-docker-registry.io:5000/`
common.spiUserName	The spiuser user name. For more information, see Setting the spiuser password in your Docker images.	`spiuser`
common.spiUserPwdAes	The spiuser user password, encrypted with AES by the wc_encrypt utility. The default plain text password is : For HCL Commerce 9.1.0.0 to 9.1.8.0, the password is `passw0rd`, which when encrypted corresponds with the default key, `eNdqdvMAUGRUbiuqadvrQfMELjNScudSp5CBWQ8L6aw`. For HCL Commerce 9.1.9.0 or greater, the password is `QxV7uCk6RRiwvPVaa4wdD78jaHi2za8ssjneNMdu3vgqi`, which when encrypted corresponds with the default key, `cSG7n0iFVpt+Az2JUKeJQJGOXfDkZUUpIYCS1hJXL9hYK3yaSQ2ssVCoz/SKoaCH3g+g+9FGcLejkI/KpJLI5Q==`. You can use the default key to match the sample db2 database Docker container. For more information, see Setting the spiuser password in your Docker images.	`nil`
common.spiUserPwdBase64	The Base64 encoded value for  `spiuser`:`password`. The default plain text password is: For HCL Commerce 9.1.0.0 to 9.1.8.0, the password is `passw0rd`, or  `c3BpdXNlcjpwYXNzdzByZA==`  in Base64. For HCL Commerce 9.1.9.0 or greater, the password is `QxV7uCk6RRiwvPVaa4wdD78jaHi2za8ssjneNMdu3vgqi`, or  `c3BpdXNlcjpReFY3dUNrNlJSaXd2UFZhYTR3ZEQ3OGphSGkyemE4c3NqbmVOTWR1M3ZncWk=`  in Base64. This value can be obtained by piping the values through the Base64 system utility: `echo -n spiuser:password \| base64`	`nil`
common.vaultUrl	The Vault v1 API URL.	`http://vault-consul.vault.svc.cluster.local:8200/v1` Note: This value assumes that hcl-commerce-vaultconsul-helmchart was used to deploy Vault into the `vault` namespace.
common.externalDomain	The external domain use to specify the service external domain name.	`.mycompany.com`
common.bindingConfigMap	The name of the ConfigMap which is to be mounted into each container to expose environment variables. Leave this value blank if you are not using a ConfigMap to pass configuration to each application. This is only required if common.configureMode is set to `EnvVariables`	`nil`
common.configureMode	The default container configuration mode. Accepted values are: `Vault` `EnvVariables`	`Vault`
common.imagePullSecrets	Whether the image should pull secrets if the Docker Registry requires authentication.	`nil`
common.imagePullPolicy	The image pull policy. Accepted values are: `IfNotPresent` `Always`	`IfNotPresent`
common.serviceAccountName	The serviceAccount used for Helm release.	`default`
common.localStoreEnabled	The parameter to enable local store specific ingress creation when deploying a migrated Aurora-based served from the Transaction server. Accepted values are: `true` to create ingress. `false` to not create ingress.	`false`
backwardCompatibility.selector	The pod selector labels defined in the existing deployment. This is required when you deployed HCL Commerce using a different Helm Chart previously and want to use this Chart to upgrade.	`empty map`
backwardCompatibility.ingressFormatUpgrade.enable	Some NGINX and GKE ingress names have changed since the HCL Commerce 9.1.7.0 release. When upgrading from a version prior to 9.1.7.0 to a version that is 9.1.15.0 or greater, you must enable this parameter to trigger an upgrade job to clean up older ingress definitions and avoid conflicts during the upgrade.	`false`
hclCache.configMap	The configuration map used for HCL Cache definition.	See  the values.yaml file for the default configuration.
vaultCA.enabled	The parameter to enable Vault Certificate Authority (CA) configuration mode.	`true`
metrics.enabled	The parameter to enable metrics for HCL Commerce.	`true`
metrics.serviceMonitor.enabled	The parameter to enable service monitor for HCL Commerce.	`false`
metrics.serviceMonitor.interval	The interval, in seconds, to allow Prometheus to query HCL Commerce for service monitoring.	`15s`
metrics.serviceMonitor.selector	The labels for Prometheus to match for service monitoring.	See  the values.yaml file for the default configuration.
metrics.prometheusAnnotations.enabled	The parameter to add Prometheus scraping annotations to pods. Accepted values are: `true` to enable Prometheus scraping annotations. `false` to not enable Prometheus scraping annotations.	`false`
logging.jsonLogging.enabled	The parameter to enable JSON logging. When this parameter is set to `true`, it will enable JSON logging for all application servers. Accepted values are `true`, to enable logging, and `false` to disable JSON logging.	`false`
common.ipv6Enabled	The parameter to enable IPV6. When disabled, HCL Commerce applications will add the `java.net.preferIPv4Stack=true` JVM parameter, and use IPv4. Accepted values are `true`, to enable IPv6, and `false`  to use IPv4.	`false`
OpenshiftDeployment.enabled	Enable deployment on Red Hat OpenShift. Accepted values are `true`, and `false`.	`false`
OpenshiftDeployment.SccName	The Security Context Constraints (SCC) that you want to be granted access for the deployment.	`privileged`
tsDb	The details of the configuration for the `tsDb` deployment.	See  the values.yaml file for the default configuration.
tsApp	The details of the configuration for the `tsApp` deployment.	See  the values.yaml file for the default configuration.
searchAppMaster	The details of the configuration for the `searchAppMaster` deployment.	See  the values.yaml file for the default configuration.
searchAppRepeater	The details of the configuration for the `searchAppRepeater` deployment.	See  the values.yaml file for the default configuration.
searchAppSlave	The details of the configuration for the `searchAppSlave` deployment.	See  the values.yaml file for the default configuration.
tsWeb	The details of the configuration for the `tsWeb` deployment.	See  the values.yaml file for the default configuration.
toolingWeb	The details of the configuration for the `toolingWeb` deployment.	See  the values.yaml file for the default configuration.
storeWeb	The details of the configuration for the `storeWeb` deployment.	See  the values.yaml file for the default configuration.
crsApp	The details of the configuration for the `crsApp` deployment.	See  the values.yaml file for the default configuration.
xcApp	The details of the configuration for the `xcApp` deployment.	See  the values.yaml file for the default configuration.
nifiApp	The details of the configuration for the `nifiApp` deployment.	See  the values.yaml file for the default configuration.
registryApp	The details of the configuration for the `registryApp` deployment.	See  the values.yaml file for the default configuration.
ingestApp	The details of the configuration for the `ingestApp` deployment.	See  the values.yaml file for the default configuration.
queryApp	The details of the configuration for the `queryApp` deployment.	See  the values.yaml file for the default configuration.
tsUtils	The details of the configuration for the `tsUtils` deployment.	See  the values.yaml file for the default configuration.
cacheApp	Configuration details for cache application deployment.	See  the values.yaml file for the default configuration.
mustgatherApp	Configuration details for Must-Gather application deployment. Note: In order to use Must-Gather application, an Elasticsearch based logging system (such as ELK or EFK) is required to ingest all of the HCL Commerce application logging messages into Elasticsearch. The Must-Gather application must be configured to connect to the Elasticsearch server in order to be able to retrieve log messages. To learn more about Must-Gather configuration, refer to Environment data in Vault or Starting the Must-Gather Docker container by retrieving parameters from container environment variables.	See  the values.yaml file for the default configuration.
graphqlApp	The details of the configuration for the GraphQL application deployment.	See  the values.yaml file for the default configuration.
supportC.image	The Support container Docker image to be used as the Helm initContainer, to control pre-install and post-delete processes.	`commerce/supportcontainer`
supportC.tag	The Support container Docker image tag.	`v9-latest`
test.image	The Test Docker image for Helm test.	`docker.io/centos:latest`

Ingress configuration


Parameter	Description	Default value
ingress.enabled	Enable ingress creation. Accepted values are `true`, to enable ingress, and `false`  to disable ingress.	`true`
common.dataIngressEnabled	Deprecated: This parameter was deprecated and removed in version 9.1.7.0. The parameter to control if ingress is created for Elasticsearch Search services. A production environment must have this disabled to avoid security impact. Accepted values are: `True` to create ingress. `False` to not create ingress.	`false`
OpenshiftDeployment.destinationCACertificate	In an OpenShift Container deployment, the routes resources will be created directly instead of ingress. Specify the CA certificate to allow the HAProxy proxy to trust the certificate of HCL Commerce servers. The CA certificate is the one that you specified in Vault deployment.	`nil`
ingress.apiVersion	The API version to use for Ingress. Use `networking.k8s.io/v1beta1` for kubernetes between 1.16 and 1.19 (exclusive). Use `networking.k8s.io/v1` for kubernetes 1.19 and greater. Using this version will avoid the API deprecation warning messages the previous `v1beta1`. For more information, see  https://kubernetes.io/docs/reference/using-api/deprecation-guide/#ingress-v122.	`nil`
ingress.enableToolingForReactStore	The parameter to specify whether ingress for the Marketplace Approval service is enabled or disabled.	`true`
ingress.ingressController	The ingress controller type. Accepted values are: `nginx` `gke` `ambassador` `emissary` Note: For Amazon Elastic Kubernetes Service (EKS), the only supported ingress controller is  `nginx`. Set this parameter to `gke` when deploying on Google Kubernetes Engine (GKE) using the http(s) load balancing server as the ingress controller. If this parameter is set to `ambassador`, then Ambassador mapping resources are created instead of ingress resources. Restriction: With Kubernets 1.22 or greater, Ambassador ingress is not supported. Instead, Emissary is required. The Emisssary ingress controller also requires a version of HCL Commerce 9.1.12.0 or greater.	`nginx`
ingress.emissaryIdsList	The Ambassador ID list for the Emissary listener that is listening on HTTP and HTTPS ports. Leave this value empty if you are only using the default Ambassador ID. If you are using different Ambassador IDs that are defined in the ingress configuration for different components, then you must add them here to create listeners for different Emissaries.	`nil`
ingressSecret.autoCreate	The parameter specifies if the Helm per-install is used to generate an ingress certification secret. This is a convenient way to generate the self-signed certificate for a testing environment.	`true`
ingressSecret.replaceExist	The parameter to specify if the existing ingress certification secret needs to be replaced when deployed.	`true`
ingress.enableManageApprovalPage	The parameter to specify whether ingress is enabled for the Manage Approval page used for the Marketplace approval service. Accepted values are: `true` for enabled. `false` for disabled. This is disabled (`false`) by default.	`false`

Search configuration

The following are all search-related configurations, excluding search server and ingress configurations.


Parameter	Description	Default value
common.searchEngine	The Search solution. Accepted values are: `solr` for the Solr-based search solution. `elastic` for the Elasticsearch-based search solution.	`elastic`
searchIndexCreation	The parameter to enable an Elasticsearch-based search solution index build on deployment. Accepted values are `true` to enable the index build job, or `false` to disable the index build job.	See  the values.yaml file for the default configuration.
searchIndexCreation.pushToLiveEnabled	The parameter to enable the push-to-live index connector portion within the index build job. Accepted values are `true` to enable the push-to-live index connector, or `false` to disable the push-to-live index connector.	See  the values.yaml file for the default configuration.
searchIndexCreation.overalMaxDuration	The maximum duration, in seconds, for the job to complete before it is canceled due to timeout. This value must take into account the number of stores that are indexed, the data set size, and the index build complexity of each store. If the value is not sufficiently set with a generous margin, then the job can be unintentionally canceled before it otherwise would have completed successfully.	See  the values.yaml file for the default configuration.
searchIndexCreation.indexMaxDuration	The maximum duration, in seconds, for each individual index run to be canceled before timeout.	See  the values.yaml file for the default configuration.
searchIndexCreation.interval	The interval, in seconds, for the index build job to wait in between each readiness check for each required search component.	See  the values.yaml file for the default configuration.
searchIndexCreation.txnMaxDuration	The maximum time, in seconds, to wait for the Transaction server to be ready.	See  the values.yaml file for the default configuration.
searchIndexCreation.nifiMaxDuration	The maximum time, in seconds, to wait for the NiFi application to be ready.	See  the values.yaml file for the default configuration.
searchIndexCreation.ingestMaxDuration	The maximum time, in seconds, to wait for the ingest application to be ready.	See  the values.yaml file for the default configuration.
searchIndexCreation.maxRetry	The maximum number of retries for each index build run, in the event that the index build job fails.	See  the values.yaml file for the default configuration.
searchIndexCreation.storeIds	A list of store IDs, separated by commas, to run the index builds against.	See  the values.yaml file for the default configuration.
searchIndexCreation.calculatePriceEnabled	The parameter to enable price calculation for B2B stores. Accepted values are `true` to enable price calculation, and `false` to disable price calculation.	See  the values.yaml file for the default configuration.
searchIndexCreation.calculatePriceStoreIds	A list of store IDs, separated by commas, to run price calculation against.	See  the values.yaml file for the default configuration.

HCL Digital Experience integration


Parameter	Description	Default value
dx.enabled	Enable or disable HCL Digital Experience (DX) configurations for HCL Commerce.	`false`
dx.namespace.auth	The DX `auth` environment namespace. This must be in the same cluster as Commerce.	`nil`
dx.namespace.live	The DX `live` environment namespace. This must be in the same cluster as Commerce.	`nil`
dx.serviceName.auth	The `auth` DX routing (load balancer) service name. Accepted values are `haproxy` or `ambassador` based on the DX version. You can obtain the service name with `kubectl get service`.	`nil`
dx.serviceName.live	The `live` DX routing (load balancer) service name. Accepted values are `haproxy` or `ambassador` based on the DX version. You can obtain the service name with `kubectl get service`.	`nil`

Assets tool configuration


Parameter	Description	Default value
commercenfs.enabled	When enabled as `true`, this parameter deploys the Kubernetes external-storage projects NFS provisioner for use with the Assets tool. For more information, see nfs-server-provisioner.	`false`
assetsPVC.enabled	Create a PersistentVolumeClaim (PVC) for the Assets Tool. If set to `true`, a PVC with `ReadWriteMany` access mode is created. If set to `false`, no PVC is created.	`false`
assetsPVC.storageClass	The storage class name that is used by the PVC for the Assets Tool. This resource provider must support the `ReadWriteMany` access mode.	This defaults to the default storage class for the cluster.
assetsPVC.storage	The storage size that is assigned to the persistent volume.	`5Gi`
assetsPVC.accessMode	The access mode of the PVC. This is required to be `ReadWriteMany` for the Assets Tool PVC.	`ReadWriteMany`
assetsPVC.existingClaim.auth	If there is already an existing PVC for the Assets Tool in the authoring environment, you can assign it with this parameter.	`nil`
assetsPVC.existingClaim.live	If there is already an existing PVC for the Assets Tool in the live environment, you can assign it with this parameter.	`nil`

LDAP integration


Parameter	Description	Default value
ldap.auth.enabled	Specifies if LDAP is enabled for the authoring environment. Accepted values are: `true` for enabled. `false` for disabled. Note: By default, Vault is the default configuration method. There is no parameter required to specify this method of LDAP configuration.	`false`
ldap.auth.useVmmPropertiesFile	You can use the vmm.properties file to define LDAP configuration for a Kubernetes deployment by including a copy of it within a custom Transaction server Docker container. To use this configuration method, set this value to `true`, and then follow the instructions for Integrating HCL Commerce Kubernetes deployments with LDAP. Accepted values are: `true` for enabled. `false` for disabled.	`false`
ldap.auth.useConfigMapForVmmPropertiesFile	You can use the ldap-vmm-auth.properties configuration file to define LDAP configuration for a Kubernetes deployment. To use this configuration method, set this value to `true`, and then follow the instructions for Integrating HCL Commerce Kubernetes deployments with LDAP. Accepted values are: `true` for enabled. `false` for disabled.	`false`
ldap.live.enabled	Specifies if LDAP is enabled for the live environment. Accepted values are: `true` for enabled. `false` for disabled. Note: By default, Vault is the default configuration method. There is no parameter required to specify this method of LDAP configuration.	`false`
ldap.live.useVmmPropertiesFile	You can use the vmm.properties file to define LDAP configuration for a Kubernetes deployment by including a copy of it within a custom Transaction server Docker container. To use this configuration method, set this value to `true`, and then follow the instructions for Integrating HCL Commerce Kubernetes deployments with LDAP. Accepted values are: `true` for enabled. `false` for disabled.	`false`
ldap.live.useConfigMapForVmmPropertiesFile	You can use the ldap-vmm-auth.properties configuration file to define LDAP configuration for a Kubernetes deployment. To use this configuration method, set this value to `true`, and then follow the instructions for Integrating HCL Commerce Kubernetes deployments with LDAP. Accepted values are: `true` for enabled. `false` for disabled.	`false`

Anthos integration


Parameter	Description	Default value
AnthosDeployment.enabled	Introduced in HCL Commerce9.1.11.0, Google Anthos is supported by the HCL Commerce Helm Chart. Enable this feature for deployment when Google Anthos is used. This disables the istio sidecar injection for pre-install, pre-delete, create-index, nifi, and ingest to avoid failures. Note: You can still use older versions of HCL Commerce with Google Anthos by manually updating the HCL Commerce Helm Chart.	`false`

Approval application configuration


Parameter	Description	Default value
approvalApp.enabled	Introduced in HCL Commerce 9.1.12.0, the Approval service is used for approvals within a Marketplace. The Approval service application requires a separately deployed PostgresSQL that must be running before the service is started. The PostgreSQL database URL is passed to the Approval service using the Helm Chart where there is a `bootConfig` section under `approvalApp`.	See  the values.yaml file for the default configuration.

Next.js (Ruby) store configuration


Parameter	Description	Default value
nextjsApp.enabled	Introduced in HCL Commerce 9.1.13.0, the Nextjs Ruby store is a starter store based on the Next.js framework that enables React-based web applications with server-side rendering and generation of static websites. For more information, see Next.js starter store.	See  the values.yaml file for the default configuration.