mirror of
https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk.git
synced 2025-12-07 07:51:38 +01:00
feat(authentication): Avoid that users can open a app they do not have the appropriate LDAP group set for. Implementation is based on role based client scopes. Introducing also an openDesk migration approach with a pre and post deployment stage.
This commit is contained in:
Thorsten Roßner
31
helmfile/apps/migrations-post/helmfile-child.yaml
Normal file
31
helmfile/apps/migrations-post/helmfile-child.yaml
Normal file
@@ -0,0 +1,31 @@
|
||||
# SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
---
|
||||
repositories:
|
||||
# openDesk Migrations
|
||||
# Source:
|
||||
- name: "openproject-migrations-repo"
|
||||
keyring: "../../files/gpg-pubkeys/opencode.gpg"
|
||||
verify: {{ .Values.charts.migrations.verify }}
|
||||
username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }}
|
||||
password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }}
|
||||
oci: true
|
||||
url: "{{ .Values.global.helmRegistry | default .Values.charts.migrations.registry }}/\
|
||||
{{ .Values.charts.migrations.repository }}"
|
||||
|
||||
releases:
|
||||
- name: "opendesk-migrations-post"
|
||||
chart: "openproject-migrations-repo/{{ .Values.charts.migrations.name }}"
|
||||
version: "{{ .Values.charts.migrations.version }}"
|
||||
wait: true
|
||||
waitForJobs: true
|
||||
values:
|
||||
- "values.yaml.gotmpl"
|
||||
- "../../shared/migrations.yaml.gotmpl"
|
||||
installed: {{ .Values.migrations.enabled }}
|
||||
timeout: 900
|
||||
|
||||
commonLabels:
|
||||
deploy-stage: "component-0"
|
||||
component: "opendesk-migrations"
|
||||
...
|
||||
11
helmfile/apps/migrations-post/helmfile.yaml
Normal file
11
helmfile/apps/migrations-post/helmfile.yaml
Normal file
@@ -0,0 +1,11 @@
|
||||
# SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
---
|
||||
bases:
|
||||
- "../../bases/environments.yaml"
|
||||
---
|
||||
helmfiles:
|
||||
- path: "./helmfile-child.yaml"
|
||||
values:
|
||||
- {{ toYaml .Values | nindent 8 }}
|
||||
...
|
||||
8
helmfile/apps/migrations-post/values.yaml.gotmpl
Normal file
8
helmfile/apps/migrations-post/values.yaml.gotmpl
Normal file
@@ -0,0 +1,8 @@
|
||||
{{/*
|
||||
# SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
SPDX-License-Identifier: Apache-2.0
|
||||
*/}}
|
||||
---
|
||||
migrations:
|
||||
stage: "POST"
|
||||
...
|
||||
Reference in New Issue
Block a user