From 4340ba6fbc3e51e686ae9dedc9f5f2e23cbe58e1 Mon Sep 17 00:00:00 2001 From: Johannes Lohmer Date: Fri, 9 Aug 2024 22:56:29 +0200 Subject: [PATCH] fix(nubus): Update nubus provisioning and consumer configuration --- helmfile/apps/nubus/values-nubus.yaml.gotmpl | 28 ++++++++++++------- .../values-opendesk-customization.yaml.gotmpl | 12 ++++---- .../nubus/values-opendesk-images.yaml.gotmpl | 14 +++++----- .../environments/default/persistence.yaml | 2 +- helmfile/environments/default/replicas.yaml | 2 +- helmfile/environments/default/resources.yaml | 4 +-- helmfile/environments/default/secrets.gotmpl | 2 +- helmfile/environments/default/selinux.yaml | 2 +- helmfile/environments/test/values.yaml.gotmpl | 4 +-- 9 files changed, 40 insertions(+), 30 deletions(-) diff --git a/helmfile/apps/nubus/values-nubus.yaml.gotmpl b/helmfile/apps/nubus/values-nubus.yaml.gotmpl index d28e9daa..6e719cd8 100644 --- a/helmfile/apps/nubus/values-nubus.yaml.gotmpl +++ b/helmfile/apps/nubus/values-nubus.yaml.gotmpl @@ -203,13 +203,21 @@ nubusPortalFrontend: secretName: {{ .Values.ingress.tls.secretName | quote }} nubusPortalListener: - portalListener: + enabled: false + +nubusPortalConsumer: + enabled: true + portalConsumer: + logLevel: {{ if .Values.debug.enabled }}"DEBUG"{{ else }}"INFO"{{ end }} objectStorageEndpoint: {{ .Values.objectstores.nubus.endpoint | default (printf "https://%s.%s" .Values.global.hosts.minioApi .Values.global.domain) | quote }} objectStorageBucket: {{ .Values.objectstores.nubus.bucket | quote }} objectStorageCredentialSecret: - name: "ums-portal-listener-minio-opendesk-credentials" + name: "ums-portal-consumer-minio-opendesk-credentials" accessKeyKey: "access-key-id" secretKeyKey: "secret-key-id" + provisioningApi: + auth: + username: "portal-consumer" nubusPortalServer: portalServer: @@ -235,15 +243,15 @@ nubusUdmRestApi: tls: secretName: {{ .Values.ingress.tls.secretName | quote }} -# NOTE: disabled until the next update. nubusProvisioning: - enabled: false -nubusUdmListener: - enabled: false -nubusSelfServiceListener: enabled: true - selfserviceListener: - umcAdminUser: "default.admin" +nubusUdmListener: + enabled: true +nubusSelfServiceListener: + enabled: false + +nubusSelfServiceConsumer: + enabled: true # Nubus services nubusStackDataUms: @@ -426,7 +434,7 @@ extraSecrets: stringData: access-key-id: {{ .Values.objectstores.nubus.username | quote }} secret-key-id: {{ .Values.objectstores.nubus.secretKey | default .Values.secrets.minio.umsUser | quote }} - - name: "ums-portal-listener-minio-opendesk-credentials" + - name: "ums-portal-consumer-minio-opendesk-credentials" stringData: access-key-id: {{ .Values.objectstores.nubus.username | quote }} secret-key-id: {{ .Values.objectstores.nubus.secretKey | default .Values.secrets.minio.umsUser | quote }} diff --git a/helmfile/apps/nubus/values-opendesk-customization.yaml.gotmpl b/helmfile/apps/nubus/values-opendesk-customization.yaml.gotmpl index 1e3fc819..c2cfacd6 100644 --- a/helmfile/apps/nubus/values-opendesk-customization.yaml.gotmpl +++ b/helmfile/apps/nubus/values-opendesk-customization.yaml.gotmpl @@ -87,15 +87,17 @@ nubusKeycloakExtensions: resources: {{ .Values.resources.umsKeycloakExtensionProxy | toYaml | nindent 6 }} -nubusPortalListener: +nubusPortalConsumer: podAnnotations: - intents.otterize.com/service-name: "ums-portal-listener" - replicaCount: {{ .Values.replicas.umsPortalListener }} + intents.otterize.com/service-name: "ums-portal-consumer" + replicaCount: {{ .Values.replicas.umsPortalConsumer }} resources: - {{ .Values.resources.umsPortalListener | toYaml | nindent 4 }} + {{ .Values.resources.umsPortalConsumer | toYaml | nindent 4 }} + resourcesWaitForDependency: + {{ .Values.resources.umsPortalConsumerDependencies | toYaml | nindent 4 }} persistence: storageClass: {{ .Values.persistence.storageClassNames.RWO | quote }} - size: {{ .Values.persistence.size.nubus.portalListener | quote }} + size: {{ .Values.persistence.size.nubus.portalConsumer | quote }} nubusPortalServer: additionalAnnotations: diff --git a/helmfile/apps/nubus/values-opendesk-images.yaml.gotmpl b/helmfile/apps/nubus/values-opendesk-images.yaml.gotmpl index 75427fcc..f9545b73 100644 --- a/helmfile/apps/nubus/values-opendesk-images.yaml.gotmpl +++ b/helmfile/apps/nubus/values-opendesk-images.yaml.gotmpl @@ -51,7 +51,6 @@ nubusLdapServer: repository: {{ .Values.images.nubusWaitForDependency.repository }} tag: {{ .Values.images.nubusWaitForDependency.tag }} - nubusPortalConsumer: portalConsumer: image: @@ -59,7 +58,6 @@ nubusPortalConsumer: repository: {{ .Values.images.nubusPortalConsumer.repository }} tag: {{ .Values.images.nubusPortalConsumer.tag }} - nubusNotificationsApi: image: registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusNotificationsApi.registry | quote }} @@ -72,11 +70,12 @@ nubusPortalFrontend: repository: {{ .Values.images.nubusPortalFrontend.repository }} tag: {{ .Values.images.nubusPortalFrontend.tag }} -nubusPortalListener: - image: - registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusPortalListener.registry | quote }} - repository: {{ .Values.images.nubusPortalListener.repository }} - tag: {{ .Values.images.nubusPortalListener.tag }} +nubusPortalConsumer: + portalConsumer: + image: + registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusPortalConsumer.registry | quote }} + repository: {{ .Values.images.nubusPortalConsumer.repository }} + tag: {{ .Values.images.nubusPortalConsumer.tag }} waitForDependency: image: registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusWaitForDependency.registry | quote }} @@ -156,6 +155,7 @@ nubusSelfServiceListener: registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusSelfserviceListener.registry | quote }} repository: {{ .Values.images.nubusSelfserviceListener.repository }} tag: {{ .Values.images.nubusSelfserviceListener.tag }} + selfserviceInvitation: image: registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusSelfserviceInvitation.registry | quote }} diff --git a/helmfile/environments/default/persistence.yaml b/helmfile/environments/default/persistence.yaml index fcf87812..e9c93a0d 100644 --- a/helmfile/environments/default/persistence.yaml +++ b/helmfile/environments/default/persistence.yaml @@ -19,7 +19,7 @@ persistence: nubus: ldapServerData: "1Gi" ldapServerShared: "1Gi" - portalListener: "1Gi" + portalConsumer: "1Gi" selfserviceListener: "1Gi" xwiki: "1Gi" ... diff --git a/helmfile/environments/default/replicas.yaml b/helmfile/environments/default/replicas.yaml index 4d64ae63..aa089a1b 100644 --- a/helmfile/environments/default/replicas.yaml +++ b/helmfile/environments/default/replicas.yaml @@ -94,7 +94,7 @@ replicas: # -- scalable: true umsPortalFrontend: 1 # -- scalable: tbd - umsPortalListener: 1 + umsPortalConsumer: 1 # -- scalable: true umsPortalServer: 1 # -- scalable: tbd diff --git a/helmfile/environments/default/resources.yaml b/helmfile/environments/default/resources.yaml index db65bf52..fff12191 100644 --- a/helmfile/environments/default/resources.yaml +++ b/helmfile/environments/default/resources.yaml @@ -471,14 +471,14 @@ resources: requests: cpu: 0.1 memory: "256Mi" - umsPortalListener: + umsPortalConsumer: limits: cpu: 99 memory: "1Gi" requests: cpu: 0.1 memory: "256Mi" - umsPortalListenerDependencies: + umsPortalConsumerDependencies: limits: cpu: 99 memory: "1Gi" diff --git a/helmfile/environments/default/secrets.gotmpl b/helmfile/environments/default/secrets.gotmpl index 657bdf8a..f662f5d2 100644 --- a/helmfile/environments/default/secrets.gotmpl +++ b/helmfile/environments/default/secrets.gotmpl @@ -36,7 +36,7 @@ secrets: sysIdpUserPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "nubus" "sysIdpUser" | sha1sum | quote }} storeDavUsers: portalServer: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "portal-server" "store-dav" | sha1sum | quote }} - portalListener: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "portal-listener" "store-dav" | sha1sum | quote }} + portalConsumer: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "portal-consumer" "store-dav" | sha1sum | quote }} provisioning: apiNatsPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "api" "nats" | sha1sum | quote }} apiAdminNatsPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "apiAdmin" "nats" | sha1sum | quote }} diff --git a/helmfile/environments/default/selinux.yaml b/helmfile/environments/default/selinux.yaml index fbe3c190..ad1270f9 100644 --- a/helmfile/environments/default/selinux.yaml +++ b/helmfile/environments/default/selinux.yaml @@ -77,7 +77,7 @@ seLinuxOptions: umsNotificationsApi: ~ umsOpenPolicyAgent: ~ umsPortalFrontend: ~ - umsPortalListener: ~ + umsPortalConsumer: ~ umsPortalServer: ~ umsProvisioningDispatcher: ~ umsProvisioningEventsAndConsumerApi: ~ diff --git a/helmfile/environments/test/values.yaml.gotmpl b/helmfile/environments/test/values.yaml.gotmpl index abdf7f84..35535f51 100644 --- a/helmfile/environments/test/values.yaml.gotmpl +++ b/helmfile/environments/test/values.yaml.gotmpl @@ -21,7 +21,7 @@ persistence: nubus: ldapServerData: "42Gi" ldapServerShared: "42Gi" - portalListener: "42Gi" + portalConsumer: "42Gi" selfserviceListener: "42Gi" postfix: "42Gi" postgresql: "42Gi" @@ -91,7 +91,7 @@ replicas: umsLdapServer: 42 umsNotificationsApi: 42 umsPortalFrontend: 42 - umsPortalListener: 42 + umsPortalConsumer: 42 umsPortalServer: 42 umsSelfserviceListener: 42 umsStackGateway: 42