fix(helmfile): Use passwords defined in database.yaml.gotmpl for Cassandra when available

docs/migrations.md

@@ -10,6 +10,9 @@ SPDX-License-Identifier: Apache-2.0
 * [Deprecation warnings](#deprecation-warnings)
 * [Automated migrations - Overview and mandatory upgrade path](#automated-migrations---overview-and-mandatory-upgrade-path)
 * [Manual checks/actions](#manual-checksactions)
+  * [v1.8.0+](#v180)
+    * [Pre-upgrade to v1.8.0+](#pre-upgrade-to-v180)
+      * [Helmfile fix: Cassandra passwords read from `databases.*`](#helmfile-fix-cassandra-passwords-read-from-databases)
   * [v1.7.1+](#v171)
     * [Pre-upgrade to v1.7.1+](#pre-upgrade-to-v171)
       * [New application default: Default group for two-factor authentication is now "2FA Users"](#new-application-default-default-group-for-two-factor-authentication-is-now-2fa-users)
@@ -137,6 +140,28 @@ If you would like more details about the automated migrations, please read secti
 
 # Manual checks/actions
 
+## v1.8.0+
+
+### Pre-upgrade to v1.8.0+
+
+#### Helmfile fix: Cassandra passwords read from `databases.*`
+
+**Target group:** All of the below must apply to your deployment:
+1. Enterprise Edition
+2. Using external Cassandra DB
+3. Defined the Cassandra passwords in `databases.*` (`database.yaml.gotmpl`) which got ignored until now
+4. Defined the Cassandra passwords then in `secrets.*` (`secrets.yaml.gotmpl`)
+
+The Cassandra passwords
+- `databases.dovecotDictmap.password`
+- `databases.dovecotACL.password`
+
+are no longer ignored. So please move the passwords from
+- `secrets.cassandra.dovecotDictmapUser`
+- `secrets.cassandra.dovecotACLUser`
+
+to the `databases.*` structure.
+
 ## v1.7.1+
 
 ### Pre-upgrade to v1.7.1+

helmfile/apps/open-xchange/values-dovecot-enterprise.yaml.gotmpl

@@ -23,7 +23,7 @@ dovecot:
     port: {{ .Values.databases.dovecotDictmap.port }}
     username: {{ .Values.databases.dovecotDictmap.username | quote }}
     password:
-      value: {{ .Values.secrets.cassandra.dovecotDictmapUser | quote }}
+      value: {{ .Values.databases.dovecotDictmap.password | default .Values.secrets.cassandra.dovecotDictmapUser | quote }}
     keyspace: {{ .Values.databases.dovecotDictmap.name | quote }}
   sharedMailboxes:
     enabled: true
@@ -31,7 +31,7 @@ dovecot:
     port: {{ .Values.databases.dovecotACL.port }}
     username: {{ .Values.databases.dovecotACL.username | quote }}
     password:
-      value: {{ .Values.secrets.cassandra.dovecotACLUser | quote }}
+      value: {{ .Values.databases.dovecotACL.password | default .Values.secrets.cassandra.dovecotACLUser | quote }}
     keyspace: {{ .Values.databases.dovecotACL.name | quote }}
   objectStorage:
     bucket: {{ .Values.objectstores.dovecot.bucket | quote }}

helmfile/apps/open-xchange/values-openxchange.yaml.gotmpl

@@ -397,6 +397,8 @@ appsuite:
       com.openexchange.share.guestHostname: {{ printf "%s.%s" .Values.global.hosts.openxchange .Values.global.domain }}
       com.openexchange.UIWebPath: "/appsuite/"
       com.openexchange.showAdmin: "false"
+      # Various Mail settings
+      com.openexchange.mail.deleteDraftOnTransport: "true"
       # PDF Export
       com.openexchange.capability.mail_export_pdf: "true"
       com.openexchange.mail.exportpdf.gotenberg.enabled: "true"