Cluster domain update (#156)

lsubash · pchand20 · web-flow · commit 42a3373a9194 · 2025-08-19T17:05:12.000-07:00
Signed-off-by: Subash Lakkimsetti &lt;subash.lakkimsetti@intel.com&gt;
Co-authored-by: pchandra &lt;prakash1.chandra@intel.com&gt;
diff --git a/helm/attestation-manager/templates/deployment.yaml b/helm/attestation-manager/templates/deployment.yaml
@@ -54,15 +54,15 @@ spec:
               protocol: TCP
           env:
             - name: AAS_URL
-              value: "https://aas.{{ .Release.Namespace }}.svc.cluster.local"
+              value: "https://aas.{{ .Release.Namespace }}.svc"
             - name: AAS_PORT
               value: "{{ .Values.env.aasPort }}"
             - name: CMS_URL
-              value: "https://cms.{{ .Release.Namespace }}.svc.cluster.local"
+              value: "https://cms.{{ .Release.Namespace }}.svc"
             - name: CMS_PORT
               value: "{{ .Values.env.cmsPort }}"
             - name: HVS_URL
-              value: "https://hvs.{{ .Release.Namespace }}.svc.cluster.local"
+              value: "https://hvs.{{ .Release.Namespace }}.svc"
             - name: HVS_PORT
               value: "{{ .Values.env.hvsPort }}"
             - name: TCHOSTNAME
diff --git a/helm/attestation-verifier/charts/aas/templates/configmap.yaml b/helm/attestation-verifier/charts/aas/templates/configmap.yaml
@@ -6,15 +6,15 @@ metadata:
   name: {{ include "factory.name" . }}
   namespace: {{ .Release.Namespace }}
 data:
-   CMS_BASE_URL: https://{{ .Values.dependentServices.cms }}.{{ .Release.Namespace }}.svc.cluster.local:{{ .Values.service.cms.containerPort }}/cms/v1
-   AAS_DB_HOSTNAME: {{ include "factory.name" . }}db.{{ .Release.Namespace }}.svc.cluster.local
+   CMS_BASE_URL: https://{{ .Values.dependentServices.cms }}.{{ .Release.Namespace }}.svc:{{ .Values.service.cms.containerPort }}/cms/v1
+   AAS_DB_HOSTNAME: {{ include "factory.name" . }}db.{{ .Release.Namespace }}.svc
    AAS_DB_PORT: {{ .Values.config.dbPort | quote }}
    AAS_DB_NAME: {{ .Values.config.dbName }}
    AAS_DB_SSLMODE: {{ .Values.config.dbSSLMode }}
    AAS_DB_SSLCERT: {{ .Values.config.dbSSLCert }}
    {{- if .Values.global }}
-   SAN_LIST: {{ .Values.global.controlPlaneHostname }},{{ include "factory.name" . }}.{{ .Release.Namespace }}.svc.cluster.local
+   SAN_LIST: {{ .Values.global.controlPlaneHostname }},{{ include "factory.name" . }}.{{ .Release.Namespace }}.svc
    {{- else }}
-   SAN_LIST: {{ .Values.controlPlaneHostname }},{{ include "factory.name" . }}.{{ .Release.Namespace }}.svc.cluster.local
+   SAN_LIST: {{ .Values.controlPlaneHostname }},{{ include "factory.name" . }}.{{ .Release.Namespace }}.svc
    {{- end }}
    CREATE_CREDENTIALS: "{{ .Values.config.createCredentials }}"
diff --git a/helm/attestation-verifier/charts/aas/templates/init-job.yaml b/helm/attestation-verifier/charts/aas/templates/init-job.yaml
@@ -35,7 +35,7 @@ spec:
           {{ include "factory.imageInitContainer" . | nindent 10 | trim }}
           env:
             - name: URL
-              value: https://{{ .Values.dependentServices.cms }}.{{ .Release.Namespace }}.svc.cluster.local:{{ .Values.service.cms.containerPort }}/cms/v1/version
+              value: https://{{ .Values.dependentServices.cms }}.{{ .Release.Namespace }}.svc:{{ .Values.service.cms.containerPort }}/cms/v1/version
             - name: VERSION
               value: {{.Chart.AppVersion }}
             - name: DEPENDENT_SERVICE_NAME
diff --git a/helm/attestation-verifier/charts/aasdb-cert-generator/templates/job.yaml b/helm/attestation-verifier/charts/aasdb-cert-generator/templates/job.yaml
@@ -35,7 +35,7 @@ spec:
               cd /tmp/certs/ &&
               echo '{ "hosts": [{{- if .Values.global }}"{{- if .Values.global.controlPlaneHostname }}{{ .Values.global.controlPlaneHostname }}{{- end }}"{{- else }}"{{ .Values.controlPlaneHostname }}"{{- end }}],"CN": "Attestation Verifier Self Sign Cert","key": {"algo": "rsa", "size": 4096}}' > ca-csr.json &&
               cfssl gencert -initca ca-csr.json | cfssljson -bare ca - &&
-              echo '{"CN":"AAS DB TLS Certificate","hosts":["aasdb.{{ .Release.Namespace }}.svc.cluster.local  "],"key":{"algo":"rsa","size":4096}}' | cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -profile=server -hostname="aasdb.{{ .Release.Namespace }}.svc.cluster.local" - | cfssljson -bare aasdb-server
+              echo '{"CN":"AAS DB TLS Certificate","hosts":["aasdb.{{ .Release.Namespace }}.svc  "],"key":{"algo":"rsa","size":4096}}' | cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -profile=server -hostname="aasdb.{{ .Release.Namespace }}.svc" - | cfssljson -bare aasdb-server
           volumeMounts:
             - name: cert-volume
               mountPath: /tmp/certs
diff --git a/helm/attestation-verifier/charts/cms/templates/configmap.yaml b/helm/attestation-verifier/charts/cms/templates/configmap.yaml
@@ -7,13 +7,13 @@ metadata:
   namespace: {{ .Release.Namespace }}
 data:
   {{- if .Values.global }}
-  SAN_LIST: {{ .Values.global.controlPlaneHostname }},{{ include "factory.name" . }}.{{ .Release.Namespace }}.svc.cluster.local
-  AAS_TLS_SAN: {{ .Values.global.controlPlaneHostname }},{{.Values.dependentServices.aas}}.{{ .Release.Namespace }}.svc.cluster.local
+  SAN_LIST: {{ .Values.global.controlPlaneHostname }},{{ include "factory.name" . }}.{{ .Release.Namespace }}.svc
+  AAS_TLS_SAN: {{ .Values.global.controlPlaneHostname }},{{.Values.dependentServices.aas}}.{{ .Release.Namespace }}.svc
   {{- else }}
-  SAN_LIST: {{ .Values.controlPlaneHostname }},{{ include "factory.name" . }}.{{ .Release.Namespace }}.svc.cluster.local
-  AAS_TLS_SAN: {{ .Values.controlPlaneHostname }},{{.Values.dependentServices.aas}}.{{ .Release.Namespace }}.svc.cluster.local
+  SAN_LIST: {{ .Values.controlPlaneHostname }},{{ include "factory.name" . }}.{{ .Release.Namespace }}.svc
+  AAS_TLS_SAN: {{ .Values.controlPlaneHostname }},{{.Values.dependentServices.aas}}.{{ .Release.Namespace }}.svc
   {{- end }}
-  AAS_API_URL: https://{{.Values.dependentServices.aas}}.{{ .Release.Namespace }}.svc.cluster.local:{{ .Values.service.aas.containerPort }}/aas/v1
+  AAS_API_URL: https://{{.Values.dependentServices.aas}}.{{ .Release.Namespace }}.svc:{{ .Values.service.aas.containerPort }}/aas/v1
 ---
 # templates/init-script-configmap.yaml
 apiVersion: v1
diff --git a/helm/attestation-verifier/charts/factory/templates/_init.tpl b/helm/attestation-verifier/charts/factory/templates/_init.tpl
@@ -11,7 +11,7 @@ Wait for Database bootstrap
   args:
   - >
     i=0 &&
-    while [ -z $(pg_isready -h {{ include "factory.name" . }}db.{{ .Release.Namespace }}.svc.cluster.local -p {{ .Values.config.dbPort }} -U {{ .Values.secret.dbUsername }} | grep "accepting connections") ] && [ $i -lt 5 ]; do  sleep 2; i=$((i+1)); echo "Waiting for {{ include "factory.name" . }} db connection..."; done &&
+    while [ -z $(pg_isready -h {{ include "factory.name" . }}db.{{ .Release.Namespace }}.svc -p {{ .Values.config.dbPort }} -U {{ .Values.secret.dbUsername }} | grep "accepting connections") ] && [ $i -lt 5 ]; do  sleep 2; i=$((i+1)); echo "Waiting for {{ include "factory.name" . }} db connection..."; done &&
     if [ $i -eq 5 ]; then echo "Error: timeout exceeded for {{ include "factory.name" . }} db: wait-for-{{ include "factory.name" . }}db"; exit 1; fi
 {{- end }}
 
diff --git a/helm/attestation-verifier/charts/factory/templates/_job.tpl b/helm/attestation-verifier/charts/factory/templates/_job.tpl
@@ -46,7 +46,7 @@ spec:
               {{- end }}
             {{- end }}
             - name: URL
-              value: https://{{ .Values.dependentServices.aas }}.{{ .Release.Namespace }}.svc.cluster.local:{{ .Values.service.aas.containerPort }}/aas/v1/version
+              value: https://{{ .Values.dependentServices.aas }}.{{ .Release.Namespace }}.svc:{{ .Values.service.aas.containerPort }}/aas/v1/version
             - name: VERSION
               value: {{.Chart.AppVersion }}
             - name: DEPENDENT_SERVICE_NAME
@@ -147,7 +147,7 @@ spec:
                     {{- end }}
                     {{- end }}
                     - name: URL
-                      value: https://{{ .Values.dependentServices.aas }}.{{ .Release.Namespace }}.svc.cluster.local:{{ .Values.service.aas.containerPort }}/aas/v1/version
+                      value: https://{{ .Values.dependentServices.aas }}.{{ .Release.Namespace }}.svc:{{ .Values.service.aas.containerPort }}/aas/v1/version
                     - name: VERSION
                       value: {{.Chart.AppVersion }}
                     - name: DEPENDENT_SERVICE_NAME
diff --git a/helm/attestation-verifier/charts/global-admin-generator/aas-manager.json b/helm/attestation-verifier/charts/global-admin-generator/aas-manager.json
@@ -2,7 +2,7 @@
   {{- if .Values.aas.url }}
   "aas_api_url": "{{ .Values.aas.url }}",
   {{- else }}
-  "aas_api_url": "https://{{ .Values.dependentServices.aas }}.{{ .Release.Namespace }}.svc.cluster.local:{{ .Values.service.aas.containerPort }}/aas/v1",
+  "aas_api_url": "https://{{ .Values.dependentServices.aas }}.{{ .Release.Namespace }}.svc:{{ .Values.service.aas.containerPort }}/aas/v1",
   {{- end }}
   {{- if .Values.global }}
   "aas_admin_username": "{{ required "A valid admin username is required!" .Values.global.aas.secret.adminUsername }}",
diff --git a/helm/attestation-verifier/charts/hvs/aas-manager.json b/helm/attestation-verifier/charts/hvs/aas-manager.json
@@ -2,7 +2,7 @@
   {{- if .Values.aas.url }}
   "aas_api_url": "{{ .Values.aas.url }}",
   {{- else }}
-  "aas_api_url": "https://{{ .Values.dependentServices.aas }}.{{ .Release.Namespace }}.svc.cluster.local:{{ .Values.service.aas.containerPort }}/aas/v1",
+  "aas_api_url": "https://{{ .Values.dependentServices.aas }}.{{ .Release.Namespace }}.svc:{{ .Values.service.aas.containerPort }}/aas/v1",
   {{- end }}
   {{- if .Values.global }}
   "aas_admin_username": "{{ required "A valid admin username is required!" .Values.global.aas.secret.adminUsername }}",
@@ -21,9 +21,9 @@
                "service": "CMS",
                "name": "CertApprover",
                {{- if .Values.global }}
-               "context":"CN=HVS TLS Certificate;SAN=hvs.{{ .Release.Namespace }}.svc.cluster.local,{{ .Values.global.controlPlaneHostname }};certType=TLS"
+               "context":"CN=HVS TLS Certificate;SAN=hvs.{{ .Release.Namespace }}.svc,{{ .Values.global.controlPlaneHostname }};certType=TLS"
                {{- else }}
-	       "context":"CN=HVS TLS Certificate;SAN=hvs.{{ .Release.Namespace }}.svc.cluster.local,{{ .Values.controlPlaneHostname }};certType=TLS"
+	       "context":"CN=HVS TLS Certificate;SAN=hvs.{{ .Release.Namespace }}.svc,{{ .Values.controlPlaneHostname }};certType=TLS"
                {{- end }}
             },
             {
diff --git a/helm/attestation-verifier/charts/hvs/templates/configmap.yaml b/helm/attestation-verifier/charts/hvs/templates/configmap.yaml
@@ -6,14 +6,14 @@ metadata:
   name: {{ include "factory.name" . }}
   namespace: {{ .Release.Namespace }}
 data:
-  AAS_API_URL: https://{{ .Values.dependentServices.aas }}.{{ .Release.Namespace }}.svc.cluster.local:{{ .Values.service.aas.containerPort }}/aas/v1
-  CMS_BASE_URL: https://{{ .Values.dependentServices.cms }}.{{ .Release.Namespace }}.svc.cluster.local:{{ .Values.service.cms.containerPort }}/cms/v1
+  AAS_API_URL: https://{{ .Values.dependentServices.aas }}.{{ .Release.Namespace }}.svc:{{ .Values.service.aas.containerPort }}/aas/v1
+  CMS_BASE_URL: https://{{ .Values.dependentServices.cms }}.{{ .Release.Namespace }}.svc:{{ .Values.service.cms.containerPort }}/cms/v1
   {{- if .Values.global }}
-  SAN_LIST: {{ .Values.global.controlPlaneHostname }},{{ include "factory.name" . }}.{{ .Release.Namespace }}.svc.cluster.local
+  SAN_LIST: {{ .Values.global.controlPlaneHostname }},{{ include "factory.name" . }}.{{ .Release.Namespace }}.svc
   {{- else }}
-  SAN_LIST: {{ .Values.controlPlaneHostname }},{{ include "factory.name" . }}.{{ .Release.Namespace }}.svc.cluster.local
+  SAN_LIST: {{ .Values.controlPlaneHostname }},{{ include "factory.name" . }}.{{ .Release.Namespace }}.svc
   {{- end }}
-  HVS_DB_HOSTNAME: {{ include "factory.name" . }}db.{{ .Release.Namespace }}.svc.cluster.local
+  HVS_DB_HOSTNAME: {{ include "factory.name" . }}db.{{ .Release.Namespace }}.svc
   HVS_DB_NAME: {{ .Values.config.dbName }}
   HVS_DB_SSLCERT: {{ .Values.config.dbSSLCert }}
   HVS_DB_PORT: {{ .Values.config.dbPort | quote }}
@@ -22,8 +22,8 @@ data:
   VERIFY_QUOTE_FOR_HOST_REGISTRATION: "{{ .Values.config.verifyQuoteForHostRegistration }}"
   {{- if .Values.global }}
   {{- if .Values.global.config.nats.enabled }}
-  NATS_SERVERS: nats://nats.{{ .Release.Namespace }}.svc.cluster.local:4222
+  NATS_SERVERS: nats://nats.{{ .Release.Namespace }}.svc:4222
   {{- end }}
   {{- else if .Values.config.nats.enabled }}
-  NATS_SERVERS: nats://nats.{{ .Release.Namespace }}.svc.cluster.local:4222
+  NATS_SERVERS: nats://nats.{{ .Release.Namespace }}.svc:4222
   {{- end }}
diff --git a/helm/attestation-verifier/charts/hvsdb-cert-generator/templates/job.yaml b/helm/attestation-verifier/charts/hvsdb-cert-generator/templates/job.yaml
@@ -35,7 +35,7 @@ spec:
               cd /tmp/certs/ &&
               echo '{ "hosts": [{{- if .Values.globalcontrolPlaneHostname }}"{{ .Values.global.controlPlaneHostname }}"{{- else }}"{{ .Values.controlPlaneHostname }}"{{- end }}],"CN": "Attestation Verifier Self Sign Cert","key": {"algo": "rsa", "size": 4096}}' > ca-csr.json &&
               cfssl gencert -initca ca-csr.json | cfssljson -bare ca - &&
-              echo '{"CN":"HVS DB TLS Certificate","hosts":["hvsdb.{{ .Release.Namespace }}.svc.cluster.local  "],"key":{"algo":"rsa","size":4096}}' | cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -profile=server -hostname="hvsdb.{{ .Release.Namespace }}.svc.cluster.local" - | cfssljson -bare hvsdb-server
+              echo '{"CN":"HVS DB TLS Certificate","hosts":["hvsdb.{{ .Release.Namespace }}.svc  "],"key":{"algo":"rsa","size":4096}}' | cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -profile=server -hostname="hvsdb.{{ .Release.Namespace }}.svc" - | cfssljson -bare hvsdb-server
           volumeMounts:
             - name: cert-volume
               mountPath: /tmp/certs
diff --git a/helm/attestation-verifier/charts/nats-init/aas-manager.json b/helm/attestation-verifier/charts/nats-init/aas-manager.json
@@ -2,7 +2,7 @@
   {{- if .Values.aas.url }}
   "aas_api_url": "{{ .Values.aas.url }}",
   {{- else }}
-  "aas_api_url": "https://{{ .Values.dependentServices.aas }}.{{ .Release.Namespace }}.svc.cluster.local:{{ .Values.service.aas.containerPort }}/aas/v1",
+  "aas_api_url": "https://{{ .Values.dependentServices.aas }}.{{ .Release.Namespace }}.svc:{{ .Values.service.aas.containerPort }}/aas/v1",
   {{- end }}
   {{- if .Values.global }}
   "aas_admin_username": "{{ required "A valid admin username is required!" .Values.global.aas.secret.adminUsername }}",
@@ -21,9 +21,9 @@
                "service": "CMS",
                "name": "CertApprover",
                {{- if .Values.global }}
-               "context":"CN=NATS TLS Certificate;SAN=nats.{{ .Release.Namespace }}.svc.cluster.local,{{ .Values.global.controlPlaneHostname }};certType=TLS"
+               "context":"CN=NATS TLS Certificate;SAN=nats.{{ .Release.Namespace }}.svc,{{ .Values.global.controlPlaneHostname }};certType=TLS"
                {{- else }}
-	       "context":"CN=NATS TLS Certificate;SAN=nats.{{ .Release.Namespace }}.svc.cluster.local,{{ .Values.controlPlaneHostname }};certType=TLS"
+	       "context":"CN=NATS TLS Certificate;SAN=nats.{{ .Release.Namespace }}.svc,{{ .Values.controlPlaneHostname }};certType=TLS"
                {{- end }}
             }
          ]
diff --git a/helm/attestation-verifier/charts/nats-init/templates/job.yaml b/helm/attestation-verifier/charts/nats-init/templates/job.yaml
@@ -29,16 +29,16 @@ spec:
       {{- end }}
       serviceAccountName: {{ include "factory.name" . }}
       restartPolicy: Never
-      securityContext:
-        fsGroup: 500
-        runAsNonRoot: true
-        runAsUser: 503
+      securityContext:
+        fsGroup: 500
+        runAsNonRoot: true
+        runAsUser: 503
       initContainers:
         - name: wait-for-aas
           image: {{ .Values.global.image.initName }}:{{.Chart.AppVersion }}
           env:
             - name: URL
-              value: https://{{ .Values.dependentServices.aas }}.{{ .Release.Namespace }}.svc.cluster.local:{{ .Values.service.aas.containerPort }}/aas/v1/version
+              value: https://{{ .Values.dependentServices.aas }}.{{ .Release.Namespace }}.svc:{{ .Values.service.aas.containerPort }}/aas/v1/version
             - name: VERSION
               value: {{.Chart.AppVersion }}
             - name: DEPENDENT_SERVICE_NAME
@@ -57,20 +57,20 @@ spec:
             - name: NAMESPACE
               value: {{ .Release.Namespace }}
             - name: CMS_K8S_ENDPOINT_URL
-              value: https://{{ .Values.dependentServices.cms }}.{{ .Release.Namespace }}.svc.cluster.local:{{ .Values.service.cms.containerPort }}/cms/v1
+              value: https://{{ .Values.dependentServices.cms }}.{{ .Release.Namespace }}.svc:{{ .Values.service.cms.containerPort }}/cms/v1
             - name: NATS_CERT_SAN_LIST
-              value: {{ .Values.global.controlPlaneHostname }},nats.{{ .Release.Namespace }}.svc.cluster.local
+              value: {{ .Values.global.controlPlaneHostname }},nats.{{ .Release.Namespace }}.svc
             - name: NATS_ACCOUNT_NAME
               value: {{ .Values.config.accountName }}
             {{- include "factory.envBearerToken" . | nindent 12 }}
           securityContext:
-            runAsUser: 503
-            runAsGroup: 500
+            runAsUser: 503
+            runAsGroup: 500
             capabilities:
               drop:
                 - all
             allowPrivilegeEscalation: false
-            readOnlyRootFilesystem: true
+            readOnlyRootFilesystem: true
           volumeMounts:
             - name: secretsdir
               mountPath: /secrets
@@ -106,7 +106,7 @@ spec:
           image: {{ .Values.image.initName }}:{{.Chart.AppVersion }}
           env:
             - name: URL
-              value: https://{{ .Values.dependentServices.aas }}.{{ .Release.Namespace }}.svc.cluster.local:{{ .Values.service.aas.containerPort }}/aas/v1/version
+              value: https://{{ .Values.dependentServices.aas }}.{{ .Release.Namespace }}.svc:{{ .Values.service.aas.containerPort }}/aas/v1/version
             - name: VERSION
               value: {{.Chart.AppVersion }}
             - name: DEPENDENT_SERVICE_NAME
@@ -123,9 +123,9 @@ spec:
             - name: NAMESPACE
               value: {{ .Release.Namespace }}
             - name: CMS_K8S_ENDPOINT_URL
-              value: https://{{ .Values.dependentServices.cms }}.{{ .Release.Namespace }}.svc.cluster.local:{{ .Values.service.cms.containerPort }}/cms/v1
+              value: https://{{ .Values.dependentServices.cms }}.{{ .Release.Namespace }}.svc:{{ .Values.service.cms.containerPort }}/cms/v1
             - name: NATS_CERT_SAN_LIST
-              value: {{ .Values.controlPlaneHostname }},nats.{{ .Release.Namespace }}.svc.cluster.local
+              value: {{ .Values.controlPlaneHostname }},nats.{{ .Release.Namespace }}.svc
             - name: NATS_ACCOUNT_NAME
               value: {{ .Values.config.accountName }}
             {{- include "factory.envBearerToken" . | nindent 12 }}
diff --git a/helm/attestation-verifier/charts/trustagent-aas-manager/aas-manager.json b/helm/attestation-verifier/charts/trustagent-aas-manager/aas-manager.json
@@ -2,7 +2,7 @@
   {{- if .Values.aas.url }}
   "aas_api_url": "{{ .Values.aas.url }}",
   {{- else }}
-  "aas_api_url": "https://{{ .Values.dependentServices.aas }}.{{ .Release.Namespace }}.svc.cluster.local:{{ .Values.service.aas.containerPort }}/aas/v1",
+  "aas_api_url": "https://{{ .Values.dependentServices.aas }}.{{ .Release.Namespace }}.svc:{{ .Values.service.aas.containerPort }}/aas/v1",
   {{- end }}
   {{- if .Values.global }}
   "aas_admin_username": "{{ required "A valid admin username is required!" .Values.global.aas.secret.adminUsername }}",
diff --git a/helm/trustagent/charts/factory/templates/_init.tpl b/helm/trustagent/charts/factory/templates/_init.tpl
@@ -8,7 +8,7 @@ Wait for Database bootstrap
   args:
   - >
     i=0 &&
-    while [ -z $(pg_isready -h {{ include "factory.name" . }}db.{{ .Release.Namespace }}.svc.cluster.local -p {{ .Values.config.dbPort }} -U {{ .Values.secret.dbUsername }} | grep "accepting connections") ] && [ $i -lt 5 ]; do  sleep 2; i=$((i+1)); echo "Waiting for {{ include "factory.name" . }} db connection..."; done &&
+    while [ -z $(pg_isready -h {{ include "factory.name" . }}db.{{ .Release.Namespace }}.svc -p {{ .Values.config.dbPort }} -U {{ .Values.secret.dbUsername }} | grep "accepting connections") ] && [ $i -lt 5 ]; do  sleep 2; i=$((i+1)); echo "Waiting for {{ include "factory.name" . }} db connection..."; done &&
     if [ $i -eq 5 ]; then echo "Error: timeout exceeded for {{ include "factory.name" . }} db: wait-for-{{ include "factory.name" . }}db"; exit 1; fi
 {{- end }}
 
diff --git a/helm/trustagent/charts/factory/templates/_job.tpl b/helm/trustagent/charts/factory/templates/_job.tpl
@@ -30,7 +30,7 @@ spec:
           image: {{ .Values.image.svc.initName }}:{{.Chart.AppVersion }}
           env:
             - name: URL
-              value: https://{{ .Values.dependentServices.aas }}.{{ .Release.Namespace }}.svc.cluster.local:{{ .Values.service.aas.containerPort }}/aas/v1/version
+              value: https://{{ .Values.dependentServices.aas }}.{{ .Release.Namespace }}.svc:{{ .Values.service.aas.containerPort }}/aas/v1/version
             - name: VERSION
               value: {{.Chart.AppVersion }}
             - name: DEPENDENT_SERVICE_NAME
diff --git a/helm/trustagent/templates/configmap.yaml b/helm/trustagent/templates/configmap.yaml
diff --git a/helm/trustagent/templates/daemonset-suefi.yaml b/helm/trustagent/templates/daemonset-suefi.yaml
