fix(univention-management-stack): Quote all composed strings

2025-12-08 00:11:38 +01:00 · 2023-11-28 18:55:04 +01:00
parent e0c6c14dca
commit 1c35ca67ce
6 changed files with 22 additions and 24 deletions
--- a/helmfile/apps/univention-management-stack/values-common.gotmpl
+++ b/helmfile/apps/univention-management-stack/values-common.gotmpl
@@ -4,7 +4,7 @@ SPDX-License-Identifier: Apache-2.0
 */}}
 ---
 ingress:
-  host: "{{ .Values.global.hosts.univentionManagementStack }}.{{ .Values.global.domain }}"
+  host: {{ printf "%s.%s" .Values.global.hosts.univentionManagementStack .Values.global.domain | quote }}
  ingressClassName: {{ .Values.ingress.ingressClassName | quote }}
 ...
--- a/helmfile/apps/univention-management-stack/values-portal-listener.gotmpl
+++ b/helmfile/apps/univention-management-stack/values-portal-listener.gotmpl
@@ -4,17 +4,17 @@ SPDX-License-Identifier: Apache-2.0
 */}}
 ---
 portalListener:
-  adminGroup: "cn=Domain Admins,cn=groups,{{ .Values.ldap.baseDn }}"
+  adminGroup: {{ printf "%s,%s" "cn=Domain Admins,cn=groups" .Values.ldap.baseDn | quote }}
-  assetsRoot: "http://portal-listener:{{ .Values.secrets.univentionManagementStack.storeDavUsers.portalListener }}@ums-store-dav/portal-assets/"
+  assetsRoot: {{ printf "%s%s%s" "http://portal-listener:" .Values.secrets.univentionManagementStack.storeDavUsers.portalListener "@ums-store-dav/portal-assets/" | quote }}
-  ucsInternalUrl: "http://portal-listener:{{ .Values.secrets.univentionManagementStack.storeDavUsers.portalListener }}@ums-store-dav/portal-data/"
+  ucsInternalUrl: {{ printf "%s%s%s" "http://portal-listener:" .Values.secrets.univentionManagementStack.storeDavUsers.portalListener "@ums-store-dav/portal-data/" | quote }}
  ldapBaseDn: {{ .Values.ldap.baseDn | quote }}
  ldapHost: {{ .Values.ldap.host | quote }}
-  ldapHostDn: "cn=admin,{{ .Values.ldap.baseDn }}"
+  ldapHostDn: {{ printf "%s,%s" "cn=admin" .Values.ldap.baseDn | quote }}
  ldapSecret: {{ .Values.secrets.univentionManagementStack.ldapSecret | quote }}
  machineSecret: {{ .Values.secrets.univentionManagementStack.ldapSecret | quote }}
  notifierServer: {{ .Values.ldap.notifierHost | quote }}
-  portalDefaultDn: "cn=domain,cn=portal,cn=portals,cn=univention,{{ .Values.ldap.baseDn }}"
+  portalDefaultDn: {{ printf "%s,%s" "cn=domain,cn=portal,cn=portals,cn=univention" .Values.ldap.baseDn | quote }}
  udmApiUrl: "http://ums-udm-rest-api/udm/"
  udmApiUsername: "cn=admin"
--- a/helmfile/apps/univention-management-stack/values-portal-server.gotmpl
+++ b/helmfile/apps/univention-management-stack/values-portal-server.gotmpl
@@ -4,8 +4,8 @@ SPDX-License-Identifier: Apache-2.0
 */}}
 ---
 portalServer:
-  adminGroup: "cn=Domain Admins,cn=groups,{{ .Values.ldap.baseDn }}"
+  adminGroup: {{ printf "%s,%s" "cn=Domain Admins,cn=groups" .Values.ldap.baseDn | quote }}
-  ucsInternalUrl: "http://portal-server:{{ .Values.secrets.univentionManagementStack.storeDavUsers.portalServer }}@ums-store-dav/portal-data"
+  ucsInternalUrl: {{ printf "%s%s%s" "http://portal-server:" .Values.secrets.univentionManagementStack.storeDavUsers.portalServer "@ums-store-dav/portal-data" | quote }}
  centralNavigation:
    authenticatorSecret: {{ .Values.secrets.centralnavigation.apiKey | quote }}
--- a/helmfile/apps/univention-management-stack/values-stack-data-swp.gotmpl
+++ b/helmfile/apps/univention-management-stack/values-stack-data-swp.gotmpl
@@ -11,18 +11,18 @@ stackDataContext:
    {{- range $username, $password := .Values.secrets.univentionCorporateServer.ldapSearch }}
    - username: {{ printf "ldapsearch_%s" $username | quote }}
      password: {{ $password | quote }}
-      lastname: {{ "LDAP-Search-User" }}
+      lastname: "LDAP-Search-User"
    {{- end }}
  externalDomainName: {{ .Values.global.domain | quote }}
  externalMailDomain: {{ .Values.global.domain | quote }}
-  portalGroupwareLinkBase: "https://{{ .Values.global.hosts.openxchange }}.{{ .Values.istio.domain }}"
+  portalGroupwareLinkBase: {{ printf "https://%s.%s" .Values.global.hosts.openxchange .Values.istio.domain | quote }}
-  portalFileshareLinkBase: "https://{{ .Values.global.hosts.nextcloud }}.{{ .Values.global.domain }}"
+  portalFileshareLinkBase: {{ printf "https://%s.%s" .Values.global.hosts.nextcloud .Values.global.domain | quote }}
-  portalRealtimeCollaborationLinkBase: "https://{{ .Values.global.hosts.element }}.{{ .Values.global.domain }}"
+  portalRealtimeCollaborationLinkBase: {{ printf "https://%s.%s" .Values.global.hosts.element .Values.global.domain | quote }}
-  portalRealtimeVideoconferenceLinkBase: "https://{{ .Values.global.hosts.jitsi }}.{{ .Values.global.domain }}"
+  portalRealtimeVideoconferenceLinkBase: {{ printf "https://%s.%s" .Values.global.hosts.jitsi .Values.global.domain | quote }}
-  portalManagementProjectLinkBase: "https://{{ .Values.global.hosts.openproject }}.{{ .Values.global.domain }}"
+  portalManagementProjectLinkBase: {{ printf "https://%s.%s" .Values.global.hosts.openproject .Values.global.domain | quote }}
-  portalManagementKnowledgeLinkBase: "https://{{ .Values.global.hosts.xwiki }}.{{ .Values.global.domain }}"
+  portalManagementKnowledgeLinkBase: {{ printf "https://%s.%s" .Values.global.hosts.xwiki .Values.global.domain | quote }}
  smtpHost: {{ .Values.smtp.host | quote }}
  smtpPort: {{ .Values.smtp.port | quote }}
--- a/helmfile/apps/univention-management-stack/values-stack-data-ums.gotmpl
+++ b/helmfile/apps/univention-management-stack/values-stack-data-ums.gotmpl
@@ -12,14 +12,12 @@ stackDataContext:
  hostname: {{ .Values.global.hosts.univentionManagementStack | quote }}
  ldapHost: {{ .Values.ldap.host | quote }}
  ldapBase: {{ .Values.ldap.baseDn | quote }}
-  # TODO: This should not be required, the machine account is not there
+  ldapHostDn: {{ printf "%s,%s" "cn=admin" .Values.ldap.baseDn | quote }}
  # ldapHostDn: cn=stub-value,cn=dc,cn=computers,dc=swp-ldap,dc=internal
  ldapHostDn: "cn=admin,{{ .Values.ldap.baseDn }}"
-  idpSamlMetadataUrl: "https://{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}/realms/souvap/protocol/saml/descriptor"
+  idpSamlMetadataUrl: {{ printf "https://%s.%s%s" .Values.global.hosts.keycloak .Values.global.domain "/realms/souvap/protocol/saml/descriptor" | quote }}
-  umcSamlSpFqdn: "{{ .Values.global.hosts.univentionManagementStack }}.{{ .Values.global.domain }}"
+  umcSamlSpFqdn: {{ printf "%s.%s" .Values.global.hosts.univentionManagementStack .Values.global.domain | quote }}
-  idpFqdn: "{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}"
+  idpFqdn: {{ printf "%s.%s" .Values.global.hosts.keycloak .Values.global.domain | quote }}
-  ldapSamlSpUrls: "https://{{ .Values.global.hosts.univentionManagementStack }}.{{ .Values.global.domain }}/univention/saml/metadata"
+  ldapSamlSpUrls: {{ printf "https://%s.%s%s" .Values.global.hosts.univentionManagementStack .Values.global.domain "/univention/saml/metadata" | quote }}
  initialPasswordAdministrator: {{ .Values.secrets.univentionManagementStack.defaultAccounts.administratorPassword | quote }}
--- a/helmfile/apps/univention-management-stack/values-ums-stack-gateway.gotmpl
+++ b/helmfile/apps/univention-management-stack/values-ums-stack-gateway.gotmpl
@@ -4,9 +4,9 @@
 ingress:
  enabled: {{ .Values.ingress.enabled }}
-  hostname: "{{ .Values.global.hosts.univentionManagementStack }}.{{ .Values.global.domain }}"
+  hostname: {{ printf "%s.%s" .Values.global.hosts.univentionManagementStack .Values.global.domain | quote }}
  ingressClassName: {{ .Values.ingress.ingressClassName | quote }}
  extraTls:
    - hosts:
-        - "{{ .Values.global.hosts.univentionManagementStack }}.{{ .Values.global.domain }}"
+        - {{ printf "%s.%s" .Values.global.hosts.univentionManagementStack .Values.global.domain | quote }}
      secretName: {{ .Values.ingress.tls.secretName | quote }}