feat(open-xchange): OX AppSuite 8 within SWP is now publicly available

.gitlab-ci.yml

@@ -29,11 +29,7 @@ variables:
       - "prototype"
   BASE_DOMAIN:
     description: "Define the Cluster Base Domain."
-    value: "souvap-univention.de"
+    value: "souvap.cloud"
-    options:
-      - "souvap-univention.de"
-      - "at-univention.de"
-      - "souvap.cloud"
   MASTER_PASSWORD_WEB_VAR:
     description: "Optional: Provide a passphrase to be used for password generation."
     value: ""

README.md

@@ -6,11 +6,11 @@ SPDX-License-Identifier: Apache-2.0
 
 [[_TOC_]]
 
-# Disclaimer July 2023
+# Disclaimer August 2023
 
-The current state of the SWP is missing two components that are not yet generally available to the public also
+The current state of the SWP is missing one component which is not yet generally available to the public also
-outside the SWP (Element Starter Edition and Open-Xchange App Suite 8), and contains components that will be replaced
+outside the SWP (Element Starter Edition), and contains components that will be replaced (e.g. UCS dev container
-(e.g. UCS dev container monolith to be replaced by multiple Univention Management Stack containers).
+monolith to be replaced by multiple Univention Management Stack containers).
 In the next months we not only expect upstream updates of the functional components within their feature scope but we
 are going to address operational issues like monitoring and network policies.
 
@@ -18,7 +18,7 @@ Of course we will also extend the documentation.
 
 In any case we love to get feedback from you! Related to the deployment / contents of this repository please use the [issues within this project](https://gitlab.opencode.de/bmi/souveraener_arbeitsplatz/deployment/sovereign-workplace/-/issues).
 
- If you want to address other topics, please check the section ["Rückmeldungen und Beteiligung" of the Infos' project OVERVIEW.md](https://gitlab.opencode.de/bmi/souveraener_arbeitsplatz/info/-/blob/main/OVERVIEW.md#rückmeldungen-und-beteiligung).
+If you want to address other topics, please check the section ["Rückmeldungen und Beteiligung" of the Infos' project OVERVIEW.md](https://gitlab.opencode.de/bmi/souveraener_arbeitsplatz/info/-/blob/main/OVERVIEW.md#rückmeldungen-und-beteiligung).
 
 The first release of the SWP is scheduled for December 2023. Before that release there will be breaking changes in the deployment.
 
@@ -58,7 +58,7 @@ You have to take care about the following prerequisites in order to deploy the S
 - Volume provisioner supporting RWO (read-write-once)
 - Certificate handling with [cert-manager](https://cert-manager.io/)
 - [Istio](https://istio.io/) is currently required to deploy and operate OX AppSuite8, we are working with Open-Xchange
-to get rid of this component.
+to get rid of this dependency.
 
 #### TLS Certificate
 
@@ -75,7 +75,7 @@ You need to expose following variables to run the installation.
 | `DOMAIN`            | `souvap-univention.de`       | External reachable domain                         |
 | `ISTIO_DOMAIN`      | `istio.souvap-univention.de` | External reachable domain for Istio Gateway       |
 | `MASTER_PASSWORD`   | `sovereign-workplace`        | The password that seeds the autogenerated secrets |
-| `SMTP_PASSWORD`     |                              | Password for STMP relay gateway                   |
+| `SMTP_PASSWORD`     |                              | Password for SMTP relay gateway                   |
 | `TURN_CREDENTIALS`  |                              | Credentials for coturn server                     |
 
 Please ensure you have set DNS records pointing to the respective loadbalancer/IP for `DOMAIN` and `ISTIO_DOMAIN`.
@@ -126,7 +126,9 @@ and wait. After the deployment are finished some bootstrapping is executed which
 
 ## Logging in
 
-Once you have successfully deployed the SWP you should see the portal's login page at `https://portal.<DOMAIN>`.
+When successfully deployed the SWP all K8s jobs from the deployment should be in the status `Succeeded` and all pods should be up an `Running`.
+
+You should see the portal's login page at `https://portal.<DOMAIN>`.
 
 Off the shelf you get two accounts with passwords you can lookup in the `univention-corporate-container-*` pod environment:
 
@@ -135,6 +137,8 @@ Off the shelf you get two accounts with passwords you can lookup in the `univent
 | default.user       | DEFAULT_ACCOUNT_USER_PASSWORD  |
 | default.admin      | DEFAULT_ACCOUNT_ADMIN_PASSWORD |
 
+If you do not see any tiles in the portal after the login you may want to wait a couple of minutes, as on the initial start some bootstrapping and cache building is done, that blocks the portal entries from showing up.
+
 # Helmfile
 
 ## Custom Configuration

helmfile.yaml

@@ -11,8 +11,7 @@ helmfiles:
   - path: "helmfile/apps/univention-corporate-container/helmfile.yaml"
   - path: "helmfile/apps/keycloak-bootstrap/helmfile.yaml"
   - path: "helmfile/apps/intercom-service/helmfile.yaml"
-  # Disable Open-Xchange AppSuite 8 Deployment until it is publicly available
+  - path: "helmfile/apps/open-xchange/helmfile.yaml"
-  # - path: "helmfile/apps/open-xchange/helmfile.yaml"
   - path: "helmfile/apps/nextcloud/helmfile.yaml"
   - path: "helmfile/apps/collabora/helmfile.yaml"
   - path: "helmfile/apps/jitsi/helmfile.yaml"

helmfile/apps/keycloak-bootstrap/helmfile.yaml

@@ -2,12 +2,12 @@
 # SPDX-License-Identifier: Apache-2.0
 ---
 repositories:
-  - name: "swp-keycloak-bootstrap"
+  - name: "sovereign-workplace-keycloak-bootstrap"
     url: "https://gitlab.souvap-univention.de/api/v4/projects/138/packages/helm/stable"
 
 releases:
-  - name: "swp-keycloak-bootstrap"
+  - name: "sovereign-workplace-keycloak-bootstrap"
-    chart: "swp-keycloak-bootstrap/sovereign-workplace-keycloak-bootstrap"
+    chart: "sovereign-workplace-keycloak-bootstrap/sovereign-workplace-keycloak-bootstrap"
     version: "1.1.11"
     values:
       - "values-bootstrap.gotmpl"

helmfile/apps/open-xchange/helmfile.yaml

@@ -7,9 +7,6 @@ repositories:
   - name: "openxchange"
     url: "registry.open-xchange.com"
     oci: true
-    passCredentials: true
-    # username is retrieve from the environment with the format <registryNameUpperCase>_USERNAME for CI usage, here OPENXCHANGE_USERNAME
-    # username is retrieve from the environment with the format <registryNameUpperCase>_PASSWORD for CI usage, here OPENXCHANGE_PASSWORD
   - name: "sovereign-workplace-open-xchange-bootstrap"
     url: "https://gitlab.souvap-univention.de/api/v4/projects/139/packages/helm/stable"
 
@@ -22,8 +19,8 @@ releases:
       - "values-dovecot.gotmpl"
     condition: "dovecot.enabled"
   - name: "open-xchange"
-    chart: "openxchange/appsuite-core-public-sector/charts/appsuite-public-sector"
+    chart: "openxchange/appsuite-public-sector/charts/appsuite-public-sector"
-    version: "1.1.8"
+    version: "1.2.13"
     values:
       - "values-openxchange.yaml"
       - "values-openxchange.gotmpl"

helmfile/apps/open-xchange/values-openxchange.gotmpl

@@ -18,12 +18,18 @@ istio:
   enabled: {{ .Values.istio.enabled }}
 
 nextcloud-integration-ui:
+  image:
+    repository: {{ .Values.images.openxchangeNextcloudIntegrationUI.repository }}
+    tag: {{ .Values.images.openxchangeNextcloudIntegrationUI.tag }}
   imagePullSecrets:
   {{- range .Values.global.imagePullSecrets }}
     - name: {{ . }}
   {{- end }}
 
 public-sector-ui:
+  image:
+    repository: {{ .Values.images.openxchangePublicSectorUI.repository }}
+    tag: {{ .Values.images.openxchangePublicSectorUI.tag }}
   imagePullSecrets:
   {{- range .Values.global.imagePullSecrets }}
     - name: {{ . }}
@@ -77,6 +83,13 @@ appsuite:
       oxguardpass: |
         {{ .Values.secrets.oxAppsuite.oxguardMC }}
         {{ .Values.secrets.oxAppsuite.oxguardRC }}
+    image:
+      repository: {{ .Values.images.openxchangeCoreMW.repository }}
+      tag: {{ .Values.images.openxchangeCoreMW.tag }}
+    update:
+      image:
+        repository: {{ .Values.images.openxchangeCoreMW.repository }}
+        tag: {{ .Values.images.openxchangeCoreMW.tag }}
     imagePullSecrets:
     {{- range .Values.global.imagePullSecrets }}
       - name: {{ . }}
@@ -87,6 +100,9 @@ appsuite:
     {{- range .Values.global.imagePullSecrets }}
       - name: {{ . }}
     {{- end }}
+    image:
+      repository: {{ .Values.images.openxchangeCoreUI.repository }}
+      tag: {{ .Values.images.openxchangeCoreUI.tag }}
 
   core-ui-middleware:
     ingress:
@@ -96,33 +112,32 @@ appsuite:
     {{- range .Values.global.imagePullSecrets }}
       - name: {{ . }}
     {{- end }}
+    image:
+      repository: {{ .Values.images.openxchangeCoreUIMiddleware.repository }}
+      tag: {{ .Values.images.openxchangeCoreUIMiddleware.tag }}
 
   core-guidedtours:
     imagePullSecrets:
     {{- range .Values.global.imagePullSecrets }}
       - name: {{ . }}
     {{- end }}
+    image:
+      repository: {{ .Values.images.openxchangeCoreGuidedtours.repository }}
+      tag: {{ .Values.images.openxchangeCoreGuidedtours.tag }}
 
   guard-ui:
+    imagePullSecrets:
+    {{- range .Values.global.imagePullSecrets }}
+      - name: {{ . }}
+    {{- end }}
     image:
-      repository: "{{ .Values.global.imageRegistry }}/appsuite-core-public/guard-ui"
+      repository: {{ .Values.global.imageRegistry }}/{{ .Values.images.openxchangeGuardUI.repository }}
-    imagePullSecrets:
+      tag: {{ .Values.images.openxchangeGuardUI.tag }}
-    {{- range .Values.global.imagePullSecrets }}
-      - name: {{ . }}
-    {{- end }}
-
-  core-cacheservice:
-    imagePullSecrets:
-    {{- range .Values.global.imagePullSecrets }}
-      - name: {{ . }}
-    {{- end }}
 
   core-user-guide:
-    imagePullSecrets:
+    image:
-    {{- range .Values.global.imagePullSecrets }}
+      repository: {{ .Values.images.openxchangeCoreUserGuide.repository }}
-      - name: {{ . }}
+      tag: {{ .Values.images.openxchangeCoreUserGuide.tag }}
-    {{- end }}
-
     imagePullSecrets:
     {{- range .Values.global.imagePullSecrets }}
       - name: {{ . }}

helmfile/apps/open-xchange/values-openxchange.yaml

@@ -134,7 +134,7 @@ appsuite:
   guard-ui:
     enabled: true
   core-cacheservice:
-    enabled: true
+    enabled: false
   core-user-guide:
     enabled: true
   core-imageconverter:

helmfile/environments/default/images.gotmpl

@@ -65,6 +65,30 @@ images:
   openproject:
     repository: "souvap/tooling/images/openproject/souvap"
     tag: "dev"
+  openxchangeCoreGuidedtours:
+    repository: "appsuite-public-sector/core-guidedtours"
+    tag: "8.5.0"
+  openxchangeCoreMW:
+    repository: "appsuite-public-sector/middleware-public-sector"
+    tag: "8.15.43"
+  openxchangeCoreUI:
+    repository: "appsuite-public-sector/core-ui"
+    tag: "8.15.2"
+  openxchangeCoreUIMiddleware:
+    repository: "appsuite-public-sector/core-ui-middleware"
+    tag: "1.8.3"
+  openxchangeCoreUserGuide:
+    repository: "appsuite-public-sector/core-user-guide"
+    tag: "8.15.702039"
+  openxchangeGuardUI:
+    repository: "appsuite-public-sector/guard-ui"
+    tag: "4.0.5"
+  openxchangeNextcloudIntegrationUI:
+    repository: "appsuite-public-sector/nextcloud-integration-ui"
+    tag: "1.0.2"
+  openxchangePublicSectorUI:
+    repository: "appsuite-public-sector/public-sector-ui"
+    tag: "1.0.3"
   oxConnector:
     repository: "souvap/tooling/images/ox-connector/ox-connector-standalone"
     tag: "branch-jconde-listener-entrypoint-chaining"
@@ -82,7 +106,7 @@ images:
     tag: "7.0.12-debian-11-r0"
   univentionCorporateServer:
     repository: "souvap/tooling/images/univention-corporate-server-swp/ucs"
-    tag: "20230802T174148"
+    tag: "20230806T234258"
   xwiki:
     repository: "xwikisas/swp/xwiki"
     tag: "0.4-mariadb-tomcat"