sheppy/opendesk
1
0
Fork 0
mirror of https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk.git synced 2025-12-07 07:51:38 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix(univention-management-stack): Add ums provisioning service

Browse Source 
Adds provisioning API along with NATS and NATS box
This commit is contained in:
Sebastian König-Festl
2023-12-07 16:19:30 +00:00
committed by Thorsten Rossner
parent 18e95b7f07
commit d039c65c4b
8 changed files with 87 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
helmfile/apps/univention-management-stack/helmfile.yaml
View File

@@ -97,6 +97,13 @@ repositories:
username: {{ .Values.charts.umsSelfserviceListener.username | quote }}
password: {{ .Values.charts.umsSelfserviceListener.password | quote }}
url: "{{ .Values.charts.umsSelfserviceListener.registry }}/{{ .Values.charts.umsSelfserviceListener.repository }}"
- name: "ums-provisioning-repo"
oci: {{ .Values.charts.umsProvisioning.oci }}
keyring: "../../files/gpg-pubkeys/univention-de.gpg"
verify: {{ .Values.charts.umsProvisioning.verify }}
username: {{ .Values.charts.umsProvisioning.username | quote }}
password: {{ .Values.charts.umsProvisioning.password | quote }}
url: "{{ .Values.charts.umsProvisioning.registry }}/{{ .Values.charts.umsProvisioning.repository }}"
# Univention Keycloak Extensions
- name: "ums-keycloak-extensions-repo"
@@ -314,6 +321,16 @@ releases:
- "values-selfservice-listener.yaml"
installed: {{ .Values.univentionManagementStack.enabled }}
- name: "ums-provisioning"
chart: "ums-provisioning-repo/{{ .Values.charts.umsProvisioning.name }}"
version: "{{ .Values.charts.umsProvisioning.version }}"
values:
- "values-common.gotmpl"
- "values-common.yaml"
- "values-provisioning.gotmpl"
- "values-provisioning.yaml"
installed: {{ .Values.univentionManagementStack.enabled }}
commonLabels:
deploy-stage: "component-1"
component: "univention-management-stack"

19
helmfile/apps/univention-management-stack/values-provisioning.gotmpl Normal file
View File

@@ -0,0 +1,19 @@
{{/*
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
SPDX-License-Identifier: Apache-2.0
*/}}
---
image:
registry: {{ .Values.global.imageRegistry | quote }}
repository: {{ .Values.images.umsProvisioning.repository | quote }}
pullPolicy: {{ .Values.global.imagePullPolicy | quote }}
tag: {{ .Values.images.umsProvisioning.tag | quote }}
pullSecrets:
{{- range .Values.global.imagePullSecrets }}
- name: {{ . | quote }}
{{- end }}
resources:
{{ .Values.resources.umsProvisioning | toYaml | nindent 2 }}
...

15
helmfile/apps/univention-management-stack/values-provisioning.yaml Normal file
View File

@@ -0,0 +1,15 @@
# SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
# SPDX-License-Identifier: Apache-2.0
---
provisioningApi:
rootPath: "/univention/provisioning-api"
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- "ALL"
privileged: false
seccompProfile:
type: "RuntimeDefault"
...

6
helmfile/apps/univention-management-stack/values-ums-stack-gateway.yaml
View File

@@ -237,6 +237,12 @@ serverBlock: |
proxy_pass http://ums-portal-frontend:80/;
}
## provisioning-api
location /univention/provisioning-api/ {
rewrite ^/univention/provisioning-api(/.*)$ $1 break;
proxy_pass http://ums-provisioning-provisioning-api:80;
}
}
podSecurityContext: