dbildungs-iam-server
dbildungs-iam-server-gha committed Nov 20, 2024
1 parent 9bd9737 commit 065dc11
Showing 7 changed files with 49 additions and 47 deletions.
2 changes: 1 addition & 1 deletion automation/dbildungs-iam-server/Chart.lock
Expand Up @@ -3,4 +3,4 @@ dependencies:
repository: https://charts.bitnami.com/bitnami
version: 11.0.6
digest: sha256:790bafa04fe9c1cc9f772dc12fada16eb847c282f738fd23df09f665af93ec74
generated: "2024-11-20T14:30:32.230974721Z"
generated: "2024-11-20T14:57:52.391578784Z"
4 changes: 2 additions & 2 deletions automation/dbildungs-iam-server/Chart.yaml
@@ -1,5 +1,5 @@
apiVersion: v2
appVersion: DBP-1066
appVersion: SPSH-1288
dependencies:
- condition: redis-cluster.enabled
name: redis-cluster
Expand All @@ -8,4 +8,4 @@ dependencies:
description: dBildungs-IAM-server
name: dbildungs-iam-server
type: application
version: 0.0.0-dbp-1066-20241120-1430
version: 0.0.0-spsh-1288-20241120-1457
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,16 @@
secretKeyRef:
name: {{ default .Values.auth.existingSecret .Values.auth.secretName }}
key: frontend-sessionSecret
- name: ITSLEARNING_ENABLED
valueFrom:
secretKeyRef:
name: {{ default .Values.auth.existingSecret .Values.auth.secretName }}
key: itslearning-enabled
- name: ITSLEARNING_ENDPOINT
valueFrom:
secretKeyRef:
name: {{ default .Values.auth.existingSecret .Values.auth.secretName }}
key: itslearning-endpoint
- name: ITSLEARNING_USERNAME
valueFrom:
secretKeyRef:
Expand All @@ -46,16 +56,16 @@
secretKeyRef:
name: {{ default .Values.auth.existingSecret .Values.auth.secretName }}
key: itslearning-password
- name: LDAP_BIND_DN
- name: LDAP_ADMIN_PASSWORD
valueFrom:
secretKeyRef:
name: {{ default .Values.auth.existingSecret .Values.auth.secretName }}
key: ldap-bind-dn
- name: LDAP_ADMIN_PASSWORD
key: ldap-admin-password
- name: PI_BASE_URL
valueFrom:
secretKeyRef:
name: {{ default .Values.auth.existingSecret .Values.auth.secretName }}
key: ldap-admin-password
key: pi-base-url
- name: PI_ADMIN_USER
valueFrom:
secretKeyRef:
Expand All @@ -66,6 +76,21 @@
secretKeyRef:
name: {{ default .Values.auth.existingSecret .Values.auth.secretName }}
key: pi-admin-password
- name: PI_USER_RESOLVER
valueFrom:
secretKeyRef:
name: {{ default .Values.auth.existingSecret .Values.auth.secretName }}
key: pi-user-resolver
- name: PI_REALM
valueFrom:
secretKeyRef:
name: {{ default .Values.auth.existingSecret .Values.auth.secretName }}
key: pi-user-realm
- name: PI_RENAME_WAITING_TIME
valueFrom:
secretKeyRef:
name: {{ default .Values.auth.existingSecret .Values.auth.secretName }}
key: pi-rename-waiting-time
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
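Review bot: The added `secretKeyRef` entries (`itslearning-enabled`, `itslearning-endpoint`, `pi-base-url`, `pi-user-resolver`, `pi-user-realm`, `pi-rename-waiting-time`) are all mandatory, so a release that points at a pre-existing secret lacking any of these keys will fail at container creation. They look like settings rather than credentials; either add `optional: true` to them or list the required keys next to `auth.existingSecret` in values.yaml. The lookup the new entries copy, `default .Values.auth.existingSecret .Values.auth.secretName`, returns `secretName` whenever it is non-empty, so with the chart default `secretName: dbildungs-iam-server` the existing secret appears never to be selected; `name: {{ default .Values.auth.secretName .Values.auth.existingSecret | quote }}` would prefer it and also guards against an empty render. The env list starts and ends outside these hunks.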
Original file line number Diff line number Diff line change
Expand Up @@ -22,12 +22,11 @@ spec:
spec:
automountServiceAccountToken: false
initContainers:
{{- if .Values.backend.dbmigration.enabled }}
- name: "{{ template "common.names.name" . }}-db-migration-apply"
image: "{{ .Values.backend.image.repository }}:{{ .Values.backend.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.backend.image.pullPolicy | default "Always" }}
securityContext: {{- omit .Values.containerSecurityContext "enabled" | toYaml | nindent 12 }}
command: {{ .Values.backend.dbmigration.command }}
command: [ "node", "dist/src/console/main.js", "db", "migration-apply" ]
env:
{{- include "dbildungs-iam-server-backend-envs" . | indent 12 }}
{{- if .Values.backend.extraEnvVars }}
Expand All @@ -39,13 +38,11 @@ spec:
volumeMounts:
{{- toYaml .Values.backend.volumeMounts | nindent 12 }}
resources: {{- toYaml .Values.backend.resources | nindent 12 }}
{{ end }}
{{- if .Values.backend.keycloakdatamigration.enabled }}
- name: "{{ template "common.names.name" . }}-keycloak-data-migration"
image: "{{ .Values.backend.image.repository }}:{{ .Values.backend.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.backend.image.pullPolicy | default "Always" }}
securityContext: {{- omit .Values.containerSecurityContext "enabled" | toYaml | nindent 12 }}
command: {{ .Values.backend.keycloakdatamigration.command }}
command: [ "node", "dist/src/console/main.js", "keycloak", "update-clients", "dev" ]
env:
{{- include "dbildungs-iam-server-backend-envs" . | indent 12 }}
{{- if .Values.backend.extraEnvVars }}
Expand All @@ -57,21 +54,20 @@ spec:
volumeMounts:
{{- toYaml .Values.backend.volumeMounts | nindent 12 }}
resources: {{- toYaml .Values.backend.resources | nindent 12 }}
{{ end }}
{{- if .Values.backend.dbseeding.enabled }}
- name: db-seeding
image: "{{ .Values.backend.image.repository }}:{{ .Values.backend.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{.Values.imagePullPolicy | default "Always"}}
securityContext: {{- omit .Values.containerSecurityContext "enabled" | toYaml | nindent 12 }}
command: {{ .Values.backend.dbseeding.command }}
command: [ "node", "dist/src/console/main.js", "db", "seed", "dev" ]
envFrom:
- configMapRef:
name: {{ template "common.names.name" . }}
env: {{- include "dbildungs-iam-server-backend-envs" . | indent 12}}
volumeMounts:
{{- toYaml .Values.backend.volumeMounts | nindent 12 }}
resources: {{- toYaml .Values.backend.resources | nindent 12 }}
{{ end }}
{{end}}
containers:
- name: "{{ template "common.names.name" . }}-backend"
image: "{{ .Values.backend.image.repository }}:{{ .Values.backend.image.tag | default .Chart.AppVersion }}"
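Review bot: The Keycloak init container is now pinned to `update-clients dev` and, with the `{{- if .Values.backend.keycloakdatamigration.enabled }}` and `{{- if .Values.backend.dbmigration.enabled }}` guards apparently removed, both migration containers run on every rollout with no values switch, while the chart's ConfigMap sets `NODE_ENV: "prod"`. If the trailing `dev` selects an environment-specific client configuration, a staging or production release would apply it unconditionally. Consider keeping the `enabled` guards and taking the stage from values, e.g. `command: [ "node", "dist/src/console/main.js", "keycloak", "update-clients", {{ .Values.environment | quote }} ]`, provided the CLI accepts the same stage names. The same concern applies to `db seed dev`, which stays gated by `backend.dbseeding.enabled` but defaults to `true` in values.yaml. The pod spec starts and ends outside these hunks.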
10 changes: 0 additions & 10 deletions automation/dbildungs-iam-server/templates/configmap.yaml
Expand Up @@ -8,7 +8,6 @@ metadata:
data:
config-json: |-
{{ .Files.Get "config/config.json" | nindent 4 }}
# why is this node env
NODE_ENV: "prod"
DEPLOY_STAGE: {{ .Values.environment | quote }}
DB_NAME: {{ .Values.database.name | quote }}
Expand All @@ -19,12 +18,3 @@ data:
BACKEND_HOSTNAME: "{{ .Values.backendHostname }}"
LDAP_URL: '{{ .Values.ldap.url | replace "spsh-xxx" .Release.Namespace }}'
LDAP_BIND_DN: "{{ .Values.ldap.bindDN }}"
LDAP_OEFFENTLICHE_SCHULEN_DOMAIN: "{{ .Values.ldap.oeffentlicheSchulenDomain }}"
LDAP_ERSATZSCHULEN_DOMAIN: "{{ .Values.ldap.ersatzschulenDomain }}"
ITSLEARNING_ENABLED: "{{ .Values.itslearning.enabled }}"
ITSLEARNING_ENDPOINT: "{{ .Values.itslearning.endpoint }}"
PI_BASE_URL: "{{ .Values.privacyidea.url }}"
PI_RENAME_WAITING_TIME: "{{ .Values.privacyidea.renameWaitingTime }}"
PI_REALM: "{{ .Values.privacyidea.realm }}"
PI_USER_RESOLVER: "{{ .Values.privacyidea.userResolver }}"

7 changes: 6 additions & 1 deletion automation/dbildungs-iam-server/templates/secret.yaml
Expand Up @@ -12,12 +12,17 @@ data:
db-username: {{ .Values.database.username }}
keycloak-adminSecret: {{ .Values.auth.keycloak_adminSecret }}
keycloak-clientSecret: {{ .Values.auth.keycloak_clientSecret }}
ldap-bind-dn: {{ .Values.auth.ldap_bind_dn }}
ldap-admin-password: {{ .Values.auth.ldap_admin_password }}
itslearning-enabled: {{ .Values.auth.itslearning_enabled }}
itslearning-endpoint: {{ .Values.auth.itslearning_endpoint }}
itslearning-username: {{ .Values.auth.itslearning_username }}
itslearning-password: {{ .Values.auth.itslearning_password }}
pi-base-url: {{ .Values.auth.pi_base_url }}
pi-admin-user: {{ .Values.auth.pi_admin_user }}
pi-admin-password: {{ .Values.auth.pi_admin_password }}
pi-user-resolver: {{ .Values.auth.pi_user_resolver }}
pi-user-realm: {{ .Values.auth.pi_user_realm }}
pi-rename-waiting-time: {{ .Values.auth.pi_rename_waiting_time }}
secrets-json: {{ .Values.auth.secrets_json }}
redis-password: {{ .Values.auth.redis_password }}
{{- end }}
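Review bot: The six added keys are written bare under `data:`, so each value has to arrive already base64-encoded, and settings such as `itslearning_enabled` or `pi_base_url` are easy to supply as plain text, which the API server will most likely reject as undecodable. Since values.yaml defaults them to `''`, an unset key also renders as an empty, unquoted scalar. If plain-text input is intended, `itslearning-enabled: {{ .Values.auth.itslearning_enabled | b64enc | quote }}` (and likewise for the other new keys) makes that explicit; otherwise at least `| quote` the values and state the base64 requirement in values.yaml. The `{{- if ... }}` that the final `{{- end }}` closes is outside the hunk.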
28 changes: 7 additions & 21 deletions automation/dbildungs-iam-server/values.yaml
Expand Up @@ -29,34 +29,26 @@ database:
ldap:
url: ldap://dbildungs-iam-ldap.spsh-xxx.svc.cluster.local
bindDN: cn=admin,dc=schule-sh,dc=de
oeffentlicheSchulenDomain: schule-sh.de
ersatzschulenDomain: ersatzschule-sh.de

itslearning:
enabled: false
endpoint: https://enterprise.itslintegrations.com/WCFServiceLibrary/ImsEnterpriseServicesPort.svc

privacyidea:
url: https://privacyidea.dev.spsh.dbildungsplattform.de
renameWaitingTime: 5
realm: ucs_users
userResolver: ucs_users


auth:
# existingSecret: Refers to a secret already present in the cluster, which is required.
existingSecret: ''
secretName: dbildungs-iam-server
keycloak_adminSecret: ''
keycloak_clientSecret: ''
ldap_bind_dn: ''
ldap_admin_password: ''
secrets_json: ''
frontend_sessionSecret: ''
itslearning_enabled: ''
itslearning_endpoint: ''
itslearning_username: ''
itslearning_password: ''
pi_base_url: ''
pi_admin_user: ''
pi_admin_password: ''
pi_user_resolver: ''
pi_user_realm: ''
pi_rename_waiting_time: ''
redis_password: ''

backend:
Expand Down Expand Up @@ -99,13 +91,7 @@ backend:
path: '/health'
dbseeding:
enabled: true
command: [ "node", "dist/src/console/main.js", "db", "seed", "dev" ]
dbmigration:
enabled: true
command: [ "node", "dist/src/console/main.js", "db", "migration-apply" ]
keycloakdatamigration:
enabled: true
command: [ "node", "dist/src/console/main.js", "keycloak", "update-clients", "dev" ]
command: ['node', 'dist/src/console/main.js', 'db', 'seed', 'dev', '']
ingress:
enabled: true
ingressClassName: nginx
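Review bot: The replacement `command: ['node', 'dist/src/console/main.js', 'db', 'seed', 'dev', '']` ends with an empty string, which would reach the CLI as an extra empty argument if the value is still consumed. The deployment template in this commit appears to hard-code the seeding command, which would leave `backend.dbseeding.command` unread; drop the key in that case, or remove the trailing `''` if it is still used. The new `auth.*` settings (`itslearning_enabled`, `pi_base_url`, `pi_rename_waiting_time` and the rest) default to `''` without saying what format is expected; a comment such as `# auth.* values are written to the Secret's data field as given and must be base64-encoded` above them would prevent plain-text input.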