From d693ff94f4f79ee26df661f738c843bd4d887716 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thorsten=20Ro=C3=9Fner?= Date: Fri, 4 Oct 2024 08:47:42 +0200 Subject: [PATCH] fix(xwiki): Update to 16.4.4. --- .gitlab-ci.yml | 13 ++--- README.md | 2 +- docs/migrations.md | 56 ++++++++++--------- .../openproject/helmfile-child.yaml.gotmpl | 2 +- .../apps/xwiki/helmfile-child.yaml.gotmpl | 2 +- helmfile/environments/default/charts.yaml | 4 +- helmfile/environments/default/images.yaml | 2 +- 7 files changed, 41 insertions(+), 40 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index a460e67c..ebda80ad 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -429,11 +429,8 @@ env-stop: .ums-default-password: &ums-default-password - | - DEFAULT_USER_PASSWORD=$( \ - kubectl -n ${NAMESPACE} get secret ums-nubus-credentials -o jsonpath='{.data.user_password}' | base64 -d \ - ) - DEFAULT_ADMIN_PASSWORD=$( - kubectl -n ${NAMESPACE} get secret ums-nubus-credentials -o jsonpath='{.data.admin_password}' | base64 -d \ + DEFAULT_ADMINISTRATOR_PASSWORD=$( + kubectl -n ${NAMESPACE} get secret ums-nubus-credentials -o jsonpath='{.data.administrator_password}' | base64 -d \ ) run-tests: @@ -464,10 +461,8 @@ run-tests: \"namespace\": \"${NAMESPACE}\", \ \"url\": \"https://portal.${DOMAIN}/\", \ \"language\": \"${LANGUAGE}\", \ - \"user_name\": \"${DEFAULT_USER_NAME}\", \ - \"user_password\": \"${DEFAULT_USER_PASSWORD}\", \ - \"admin_name\": \"${DEFAULT_ADMIN_NAME}\", \ - \"admin_password\": \"${DEFAULT_ADMIN_PASSWORD}\", \ + \"udm_api_username\": \"Administrator\", \ + \"udm_api_password\": \"${DEFAULT_ADMINISTRATOR_PASSWORD}\", \ \"screenshot_test\": \"yes\", \ \"screenshot_before_step\": \"yes\", \ \"screenshot_after_step\": \"yes\", \ diff --git a/README.md b/README.md index e1f26bad..0f2fec3f 100644 --- a/README.md +++ b/README.md @@ -34,7 +34,7 @@ openDesk currently features the following functional main components: | Diagram editor | CryptPad ft. diagrams.net | [5.6.0](https://github.com/cryptpad/cryptpad/releases/tag/5.6.0) | [For the most recent release](https://docs.cryptpad.org/en/) | | File management | Nextcloud | [29.0.7](https://nextcloud.com/de/changelog/#29-0-7) | [Nextcloud 29](https://docs.nextcloud.com/) | | Groupware | OX App Suite | [8.26](https://documentation.open-xchange.com/appsuite/releases/8.26/) | Online documentation available from within the installed application; [Additional resources](https://www.open-xchange.com/resources/oxpedia) | -| Knowledge management | XWiki | [16.4.1](https://www.xwiki.org/xwiki/bin/view/ReleaseNotes/Data/XWiki/16.4.1/) | [For the most recent release](https://www.xwiki.org/xwiki/bin/view/Documentation) | +| Knowledge management | XWiki | [16.4.4](https://www.xwiki.org/xwiki/bin/view/ReleaseNotes/Data/XWiki/16.4.4/) | [For the most recent release](https://www.xwiki.org/xwiki/bin/view/Documentation) | | Portal & IAM | Nubus | Product Preview[^1] | [Univention's documentation website](https://docs.software-univention.de/n/en/index.html) | | Project management | OpenProject | [14.5.1](https://www.openproject.org/docs/release-notes/14-5-1/) | [For the most recent release](https://www.openproject.org/docs/user-guide/) | | Videoconferencing | Jitsi | [2.0.9646](https://github.com/jitsi/jitsi-meet/releases/tag/stable%2Fjitsi-meet_9646) | [For the most recent release](https://jitsi.github.io/handbook/docs/category/user-guide/) | diff --git a/docs/migrations.md b/docs/migrations.md index 0fe346ae..3b77c3c5 100644 --- a/docs/migrations.md +++ b/docs/migrations.md @@ -9,11 +9,11 @@ SPDX-License-Identifier: Apache-2.0 * [Releases upgrades](#releases-upgrades) * [From v0.9.0](#from-v090) * [Changed openDesk defaults](#changed-opendesk-defaults) + * [Removal of unnecessary OX-Profiles in Nubus](#removal-of-unnecessary-ox-profiles-in-nubus) * [MatrixID localpart update](#matrixid-localpart-update) * [File-share configurability](#file-share-configurability) * [Updated default subdomains in `global.hosts`](#updated-default-subdomains-in-globalhosts) * [Updated `global.imagePullSecrets`](#updated-globalimagepullsecrets) - * [Removal of unnecessary OX-Profiles in Nubus](#removal-of-unnecessary-ox-profiles-in-nubus) * [Dedicated group for access of the UDM REST API](#dedicated-group-for-access-of-the-udm-rest-api) * [Automated migrations](#automated-migrations) * [Local Postfix as Relay](#local-postfix-as-relay) @@ -42,6 +42,36 @@ Though we try to ease the pain when it comes to 0.x upgrades. That is what this ### Changed openDesk defaults + +#### Removal of unnecessary OX-Profiles in Nubus + +**Warning: If you do not address this section with your current deployment the upgrade will fail.** + +The update will remove unnecessary OX-Profiles in Nubus, but can't as long as these profiles are in use. + +So please ensure that only the following two supported profiles are assigned to your users: +- `opendesk_standard`: "opendesk Standard" +- `none`: "Login disabled" + +You can review and update other accounts as follows: +- Login as IAM admin. +- Open the user module. +- Open the extended search by clicking the funnel (Trichter) icon next to the search input field. +- Open the "Property" (Eigenschaft) list and select "OX Access" (OX-Berechtigung). +- In the input field right next to the list enter an asterisk (*). +- Start the search by clicking once more on the funnel icon. +- Sort the result list for the "OX Access" column +- Edit every user that has a value different to `opendesk_standard` or `none`: + - Open the user. + - Go to section "OX App Suite". + - Change the value in the dropdown "OX Access" to either: + - "openDesk Standard" if the user should be able to use the Groupware module or + - "Login disabled" if the user should not user the Groupware module. + - Update the user account with the green "SAVE" button on top of the page. + +Please check the "OX Access" setting of the user `Administrator` explicitly as that user is likely not to +show up in the search described above. + #### MatrixID localpart update Until 0.9.0 openDesk used the LDAP entryUUID of a user to generate the user's MatrixID. Due to restrictions of the @@ -165,30 +195,6 @@ global: - "external-registry" ``` -#### Removal of unnecessary OX-Profiles in Nubus - -The update will remove unnecessary OX-Profiles in Nubus, but can't as long as these profiles are in use. - -So please ensure that only the following two supported profiles are assigned to your users: -- `opendesk_standard`: "opendesk Standard" -- `none`: "Login disabled" - -You can check and update the profiles as follows: -- Login as IAM admin. -- Open the user module. -- Open the extended search by clicking the funnel (Trichter) icon next to the search input field. -- Open the "Property" (Eigenschaft) list and select "OX Access" (OX-Berechtigung). -- In the input field right next to the list enter an asterisk (*). -- Start the search by clicking once more on the funnel icon. -- Sort the result list for the "OX Access" column -- Edit every user that has a value different to `opendesk_standard` or `none`: - - Open the user. - - Go to section "OX App Suite". - - Change the value in the dropdown "OX Access" to either: - - "openDesk Standard" if the user should be able to use the Groupware module or - - "Login disabled" if the user should not user the Groupware module. - - Update the user account with the green "SAVE" button on top of the page. - #### Dedicated group for access of the UDM REST API Prerequisite: You allow the use of the [IAM's API](https://docs.software-univention.de/developer-reference/5.0/en/udm/rest-api.html) diff --git a/helmfile/apps/openproject/helmfile-child.yaml.gotmpl b/helmfile/apps/openproject/helmfile-child.yaml.gotmpl index 5be55bf9..222e63ef 100644 --- a/helmfile/apps/openproject/helmfile-child.yaml.gotmpl +++ b/helmfile/apps/openproject/helmfile-child.yaml.gotmpl @@ -22,7 +22,7 @@ releases: - "values.yaml.gotmpl" - {{ .Values.customization.release.openproject | default "additionalValues: false" }} installed: {{ .Values.openproject.enabled }} - timeout: 1500 + timeout: 1800 commonLabels: deploy-stage: "component-1" diff --git a/helmfile/apps/xwiki/helmfile-child.yaml.gotmpl b/helmfile/apps/xwiki/helmfile-child.yaml.gotmpl index 347601bf..b3f28079 100644 --- a/helmfile/apps/xwiki/helmfile-child.yaml.gotmpl +++ b/helmfile/apps/xwiki/helmfile-child.yaml.gotmpl @@ -21,7 +21,7 @@ releases: - "values.yaml.gotmpl" - {{ .Values.customization.release.xwiki | default "additionalValues: false" }} installed: {{ .Values.xwiki.enabled }} - timeout: 900 + timeout: 1800 commonLabels: deploy-stage: "component-1" diff --git a/helmfile/environments/default/charts.yaml b/helmfile/environments/default/charts.yaml index 660217fc..c479e61a 100644 --- a/helmfile/environments/default/charts.yaml +++ b/helmfile/environments/default/charts.yaml @@ -58,7 +58,7 @@ charts: registry: "registry.opencode.de" repository: "bmi/opendesk/components/supplier/xwiki/charts-mirror" name: "cryptpad" - version: "0.0.19" + version: "0.0.20" verify: true dkimpy: # providerCategory: "Platform" @@ -412,6 +412,6 @@ charts: registry: "registry.opencode.de" repository: "bmi/opendesk/components/supplier/xwiki/charts-mirror" name: "xwiki" - version: "1.3.1" + version: "1.4.0" verify: false ... diff --git a/helmfile/environments/default/images.yaml b/helmfile/environments/default/images.yaml index 9b4153b0..4e66d022 100644 --- a/helmfile/environments/default/images.yaml +++ b/helmfile/environments/default/images.yaml @@ -822,5 +822,5 @@ images: # upstreamMirrorStartFrom: ["0", "12"] registry: "registry.opencode.de" repository: "bmi/opendesk/components/supplier/xwiki/images-mirror/xwiki" - tag: "0.19-mariadb-jetty-alpine@sha256:8590ee815bceb7764df681b9239b4606adc5b3750e4eff2d928b62dcd046a623" + tag: "0.21-mariadb-jetty-alpine@sha256:87263c92601da812ebe128cf14d632a10a7a2273ab5ee10f8f19ff83a0576cb3" ...