Skip to content

[MOSIP-43143]Add eSignet integration to deployment documentation #1108

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
bhumi46 wants to merge 1 commit into
base: 1.2.0
Choose a base branch
from
Open

[MOSIP-43143]Add eSignet integration to deployment documentation #1108

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
49 changes: 28 additions & 21 deletions docs/setup/deploymentnew/v3-installation/1.2.0.3.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,8 @@ MOSIP Rapid Deployment Infrastructure is a **unified, cloud-native deployment pl

With MOSIP RDI (Rapid Deployment Infrastructure), you can deploy complete MOSIP identity platforms with enterprise-grade security, monitoring, and automation through a streamlined CI/CD approach that reduces deployment complexity by 90%.

This release introduces **eSignet** as a fully integrated deployment component within the RDI framework. eSignet is MOSIP's OpenID Connect-based authentication and authorization service, enabling secure, standards-based digital identity verification, deployable alongside MOSIP core services using the dedicated `esignet-dsf.yaml` Helmsman configuration.

### How does the rapid deployment model improve upon previous approaches in terms of DevOps modernization?

MOSIP RDI introduces several key improvements over the earlier approach:
Expand All @@ -16,6 +18,7 @@ MOSIP RDI introduces several key improvements over the earlier approach:
4. **Unified Repository and Collaboration**: All infrastructure, configuration, and deployment scripts are maintained in a single repository, promoting collaboration and reducing silos between Dev, Ops, and Security teams.
5. **Security and Compliance**: Automated vulnerability scanning, compliance checks, and secure networking (e.g., **WireGuard VPN**, security groups) are built into the deployment process.
6. **Scalability and Flexibility**: The cloud-native, modular architecture—built on **Kubernetes** and managed via **Helm/Helmsman**—enables seamless scaling and adaptation to changing requirements.
7. **eSignet Integration**: The eSignet authentication stack (Redis, SoftHSM, Keycloak, Mock Identity System, OIDC UI, and Partner Onboarder) is now deployable via a dedicated `esignet-dsf.yaml` Helmsman Desired State File and a dedicated `helmsman_esignet.yml` GitHub Actions workflow, integrated with MOSIP core services deployment.
Copy link

@coderabbitai coderabbitai bot Mar 18, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor

Align eSignet component list between prose and diagram.

At Line 21, the stack includes Redis, SoftHSM, Keycloak, Mock Identity System, OIDC UI, and Partner Onboarder; at Line 59, the diagram label lists a subset. Please make both lists consistent (or explicitly mark the diagram list as abbreviated).

Also applies to: 59-59

🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In `@docs/setup/deploymentnew/v3-installation/1.2.0.3.md` at line 21, The eSignet
component list in the "eSignet Integration" sentence (the prose listing Redis,
SoftHSM, Keycloak, Mock Identity System, OIDC UI, and Partner Onboarder) and the
diagram label further down are inconsistent; update the diagram label to include
the missing components or shorten the prose list to match the diagram, or add a
parenthetical like "(abbreviated)" to the diagram label to explicitly indicate
it is a subset—edit the sentence that begins "eSignet Integration" and the
diagram label text so both show the same set (or mark the diagram as
abbreviated) to ensure consistency.


### Where and how do I start?

Expand All @@ -27,48 +30,52 @@ To begin with MOSIP RDI:

**Key Resources**

You can refer to the following key resources to get started with MOSIP Rapid Deployment, Currently the links takes you to repo READMEs as this is the the first beta release of MOSIP RDI (Rapid Deployment Infrastructure) and we are working to bring all the relevant content to this published documentation site as well.
You can refer to the following key resources to get started with MOSIP Rapid Deployment. Currently the links take you to repo READMEs as this is the first beta release of MOSIP RDI (Rapid Deployment Infrastructure) and we are working to bring all the relevant content to this published documentation site as well.

* **Comprehensive Documentation**: Access the official [MOSIP RDI Documentation](https://github.com/mosip/infra) for step-by-step guides, architecture details, and deployment instructions.
* **Deployment Repository**: Clone the deployment codebase from the [MOSIP RDI GitHub Repository](https://github.com/mosip/infra). This repository contains all necessary scripts, modules, and configuration files for a production-ready setup.
* **eSignet Deployment Guide**: Refer to the [eSignet README](https://github.com/mosip/infra/blob/master/docs/esignet_README.md) for configuration details and required secrets.

For additional guidance, refer to the [Documentation](1.2.0.3.md#documentation) section at the end of this document for links to checklists, setup guides, and troubleshooting resources.

### How it works (High-level Overview)

MOSIP RDI follows a **3-step deployment model** that separates infrastructure concerns from application deployment:
MOSIP RDI follows a **3-step deployment model** that separates infrastructure concerns from application deployment. Starting with this release, the eSignet authentication stack is a dedicated fourth deployment phase that runs after MOSIP core services are up.
Copy link

@coderabbitai coderabbitai bot Mar 18, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor

Clarify the phase count wording to avoid contradiction.

At Line 43, “3-step deployment model” and “dedicated fourth deployment phase” in the same sentence is confusing. Suggest rewording to “originally 3-step, now extended to 4 phases” (or equivalent).

🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In `@docs/setup/deploymentnew/v3-installation/1.2.0.3.md` at line 43, The sentence
currently says "3-step deployment model" and "dedicated fourth deployment phase"
which contradicts itself; update the phrasing around the existing text "3-step
deployment model" and "fourth deployment phase" to clarify that the model was
originally three steps and is now extended to four phases (for example: "MOSIP
RDI originally follows a 3-step deployment model, and starting with this release
the eSignet authentication stack is added as a dedicated fourth deployment phase
that runs after MOSIP core services are up"). Ensure both phrases are replaced
so the sentence reads unambigously.


### Complete Deployment Flow

```mermaid
graph TD
A[1. Terraform Infrastructure] --> B[2. Helmsman Prerequisites]
B --> C[3. External Dependencies]
C --> D[4. MOSIP Core Services]
D --> E[5. Testing Infrastructure]

A1[base-infra<br/>Foundation] --> A2[observ-infra<br/>Rancher - Optional]
A1 --> A3[infra<br/>MOSIP Clusters]
A2 -.->|Import| A3

B1[prereq-dsf<br/>Monitoring, Istio, Logging] --> C1[external-dsf<br/>External Dependencies]
C1 --> D1[mosip-dsf<br/>Core Services]
D1 --> E1[testrigs-dsf<br/>Testing Suite]

A --> A1
B --> B1

A[1. Terraform Infrastructure] --> B[2. Helmsman]

A --> TF1[base-infra<br/>Foundation]
TF1 --> TF2[observ-infra<br/>Rancher - Optional]
TF1 --> TF3[infra<br/>MOSIP Clusters]
TF2 -.->|Import| TF3

B --> H1[prereq-dsf<br/>Monitoring, Istio, Logging]
H1 --> H2[external-dsf<br/>External Dependencies]
H2 --> H3[mosip-dsf<br/>Core Services]
H3 --> H4[esignet-dsf<br/>Redis, eSignet, OIDC UI, Mock Identity]
H4 --> H5[testrigs-dsf<br/>Testing Suite]

style A fill:#e1f5fe,stroke:#01579b,color:#000000
style B fill:#fff3e0,stroke:#f57c00,color:#000000
style C fill:#fff3e0,stroke:#f57c00,color:#000000
style D fill:#f3e5f5,stroke:#4a148c,color:#000000
style E fill:#e8f5e8,stroke:#1b5e20,color:#000000
style TF1 fill:#ede7f6,stroke:#4527a0,color:#000000
style TF2 fill:#ede7f6,stroke:#4527a0,color:#000000
style TF3 fill:#ede7f6,stroke:#4527a0,color:#000000
style H1 fill:#f3e5f5,stroke:#4a148c,color:#000000
style H2 fill:#f3e5f5,stroke:#4a148c,color:#000000
style H3 fill:#f3e5f5,stroke:#4a148c,color:#000000
style H4 fill:#e0f2f1,stroke:#00695c,color:#000000
style H5 fill:#e8f5e8,stroke:#1b5e20,color:#000000
```

## Documentation

* [**MOSIP Rapid Deployment Infrastructure**](https://github.com/mosip/infra/blob/master/README.md)
* [**Terraform**](https://github.com/mosip/infra/blob/master/terraform/README.md)
* [**Helmsman**](https://github.com/mosip/infra/blob/master/Helmsman/README.md)
* [**eSignet Deployment**](https://github.com/mosip/infra/blob/master/docs/esignet_README.md)
* [**GitHub Actions**](https://github.com/mosip/infra/blob/master/.github/workflows/README.md)
* [**Architecture**](https://github.com/mosip/infra/blob/master/docs/_images/ARCHITECTURE_DIAGRAMS.md)