From d778e289131b1fa0dc0299dd79cbb50e7aeb9316 Mon Sep 17 00:00:00 2001 From: Sven-Erik Schmidt Date: Thu, 13 Nov 2025 17:14:31 +0100 Subject: [PATCH] feat(opendesk-services): Add opendesk-otterize --- .../charts/opendesk-otterize/Chart.yaml | 21 ++ .../charts/opendesk-otterize/README.md | 121 +++++++++ .../opendesk-otterize/README.md.gotmpl.tpl | 50 ++++ .../ClientIntents/clamav-freshclam.yaml | 28 ++ .../templates/ClientIntents/clamav-icap.yaml | 27 ++ .../ClientIntents/clamav-milter.yaml | 27 ++ .../ClientIntents/clamav-simple.yaml | 28 ++ .../ClientIntents/collabora-controller.yaml | 33 +++ .../templates/ClientIntents/collabora.yaml | 30 +++ .../templates/ClientIntents/cryptpad.yaml | 31 +++ .../ClientIntents/impress-backend-init.yaml | 30 +++ .../ClientIntents/impress-backend.yaml | 40 +++ .../ClientIntents/impress-y-provider.yaml | 28 ++ .../ClientIntents/intercom-service.yaml | 32 +++ .../templates/ClientIntents/jitsi-jibri.yaml | 27 ++ .../templates/ClientIntents/jitsi-jicofo.yaml | 27 ++ .../templates/ClientIntents/jitsi-jvb.yaml | 31 +++ .../ClientIntents/jitsi-opendesk-jitsi.yaml | 28 ++ .../ClientIntents/jitsi-prosody.yaml | 27 ++ .../templates/ClientIntents/jitsi-web.yaml | 30 +++ .../ClientIntents/mariadb-bootstrap.yaml | 27 ++ .../matrix-adminbot-bootstrap.yaml | 29 ++ .../matrix-auditbot-bootstrap.yaml | 29 ++ .../matrix-neodatefix-bot-bootstrap.yaml | 28 ++ .../ClientIntents/matrix-neodatefix-bot.yaml | 28 ++ .../ClientIntents/minio-provisioning.yaml | 27 ++ .../ClientIntents/nubus-nginx-s3-gateway.yaml | 28 ++ .../ClientIntents/open-xchange-bootstrap.yaml | 28 ++ .../ClientIntents/open-xchange-connector.yaml | 36 +++ .../open-xchange-core-mw-groupware.yaml | 70 +++++ .../open-xchange-core-ui-middleware.yaml | 39 +++ .../ClientIntents/open-xchange-dovecot.yaml | 41 +++ .../open-xchange-imageconverter.yaml | 28 ++ .../ClientIntents/open-xchange-postfix.yaml | 40 +++ .../opendesk-jitsi-keycloak-adapter.yaml | 29 ++ .../opendesk-keycloak-bootstrap.yaml | 27 ++ ...x-user-verification-service-bootstrap.yaml | 28 ++ ...desk-matrix-user-verification-service.yaml | 31 +++ .../opendesk-migrations-post.yaml | 28 ++ .../opendesk-migrations-pre.yaml | 28 ++ .../opendesk-nextcloud-aio-cron.yaml | 52 ++++ .../ClientIntents/opendesk-nextcloud-aio.yaml | 53 ++++ .../opendesk-nextcloud-exporter.yaml | 30 +++ .../opendesk-nextcloud-management.yaml | 33 +++ .../opendesk-nextcloud-notifypush.yaml | 35 +++ .../opendesk-openproject-bootstrap.yaml | 28 ++ .../opendesk-synapse-admin-cron.yaml | 35 +++ .../ClientIntents/opendesk-synapse-admin.yaml | 29 ++ .../opendesk-synapse-adminbot-pipe.yaml | 29 ++ .../opendesk-synapse-auditbot-pipe.yaml | 29 ++ .../opendesk-synapse-groupsync .yaml | 37 +++ .../ClientIntents/opendesk-synapse-web.yaml | 27 ++ .../ClientIntents/opendesk-synapse.yaml | 40 +++ .../ClientIntents/openproject-seeder.yaml | 36 +++ .../templates/ClientIntents/openproject.yaml | 48 ++++ .../templates/ClientIntents/postfix.yaml | 44 +++ .../ClientIntents/postgresql-bootstrap.yaml | 27 ++ .../ClientIntents/ums-keycloak-bootstrap.yaml | 30 +++ .../ums-keycloak-extensions-handler.yaml | 35 +++ .../ums-keycloak-extensions-proxy.yaml | 31 +++ .../templates/ClientIntents/ums-keycloak.yaml | 35 +++ .../ClientIntents/ums-ldap-notifier.yaml | 27 ++ .../ums-ldap-server-primary.yaml | 30 +++ .../ums-ldap-server-secondary.yaml | 27 ++ .../ClientIntents/ums-portal-consumer.yaml | 35 +++ .../ClientIntents/ums-portal-server.yaml | 35 +++ .../ClientIntents/ums-provisioning-api.yaml | 28 ++ .../ums-provisioning-dispatcher.yaml | 28 ++ .../ums-provisioning-prefill.yaml | 32 +++ .../ums-provisioning-register-consumers.yaml | 29 ++ .../ums-provisioning-udm-listener.yaml | 33 +++ .../ums-provisioning-udm-transformer.yaml | 36 +++ .../ums-selfservice-listener.yaml | 29 ++ .../ClientIntents/ums-stack-data-ums.yaml | 27 ++ .../ClientIntents/ums-udm-rest-api.yaml | 33 +++ .../ClientIntents/ums-umc-server.yaml | 43 +++ .../templates/ClientIntents/xwiki.yaml | 51 ++++ .../allow-all-dev-ingress.yaml | 28 ++ .../NetworkPolicies/allow-all-dev.yaml | 27 ++ .../collabora-prometheus-access.yaml | 35 +++ .../NetworkPolicies/default-deny-all.yaml | 24 ++ .../NetworkPolicies/default-dns-access.yaml | 31 +++ .../templates/NetworkPolicies/dovecot.yaml | 35 +++ .../minio-prometheus-access.yaml | 35 +++ ...-nextcloud-exporter-prometheus-access.yaml | 36 +++ .../ProtectedServices/cassandra.yaml | 23 ++ .../ProtectedServices/clamav-clamd.yaml | 23 ++ .../ProtectedServices/clamav-freshclam.yaml | 23 ++ .../ProtectedServices/clamav-icap.yaml | 23 ++ .../ProtectedServices/clamav-milter.yaml | 23 ++ .../ProtectedServices/clamav-simple.yaml | 23 ++ .../collabora-controller.yaml | 23 ++ .../ProtectedServices/collabora.yaml | 23 ++ .../templates/ProtectedServices/cryptpad.yaml | 23 ++ .../templates/ProtectedServices/dkimpy.yaml | 23 ++ .../ProtectedServices/impress-backend.yaml | 23 ++ .../ProtectedServices/impress-frontend.yaml | 23 ++ .../ProtectedServices/impress-y-provider.yaml | 23 ++ .../ProtectedServices/intercom-service.yaml | 23 ++ .../ProtectedServices/jitsi-jibri.yaml | 23 ++ .../ProtectedServices/jitsi-jvb.yaml | 23 ++ .../jitsi-keycloak-adapter.yaml | 23 ++ .../ProtectedServices/jitsi-prosody.yaml | 23 ++ .../ProtectedServices/jitsi-web.yaml | 23 ++ .../templates/ProtectedServices/mariadb.yaml | 23 ++ .../matrix-neoboard-widget.yaml | 23 ++ .../matrix-neochoice-widget.yaml | 23 ++ .../matrix-neodatefix-bot.yaml | 23 ++ .../matrix-neodatefix-widget.yaml | 23 ++ .../ProtectedServices/memcached.yaml | 23 ++ .../ProtectedServices/minio-provisioning.yaml | 23 ++ .../templates/ProtectedServices/minio.yaml | 23 ++ .../nubus-nginx-s3-gateway.yaml | 23 ++ .../open-xchange-core-documentconverter.yaml | 23 ++ .../open-xchange-core-imageconverter.yaml | 23 ++ .../open-xchange-core-mw.yaml | 23 ++ .../open-xchange-core-ui-middleware.yaml | 23 ++ .../open-xchange-core-ui.yaml | 23 ++ .../open-xchange-core-user-guide.yaml | 23 ++ .../open-xchange-dovecot.yaml | 23 ++ .../open-xchange-gotenberg.yaml | 23 ++ .../open-xchange-guard-ui.yaml | 23 ++ .../open-xchange-guidedtours.yaml | 23 ++ ...open-xchange-nextcloud-integration-ui.yaml | 23 ++ .../open-xchange-postfix.yaml | 23 ++ .../open-xchange-public-sector-ui.yaml | 23 ++ .../ProtectedServices/opendesk-element.yaml | 23 ++ ...desk-matrix-user-verification-service.yaml | 23 ++ .../opendesk-migrations-pre.yaml | 23 ++ .../opendesk-nextcloud-aio-cron.yaml | 23 ++ .../opendesk-nextcloud-aio.yaml | 23 ++ .../opendesk-nextcloud-exporter.yaml | 23 ++ .../opendesk-nextcloud-management.yaml | 23 ++ .../opendesk-nextcloud-notifypush.yaml | 23 ++ .../opendesk-static-files.yaml | 19 ++ .../opendesk-synapse-web.yaml | 23 ++ .../ProtectedServices/opendesk-synapse.yaml | 23 ++ .../opendesk-well-known.yaml | 23 ++ .../ProtectedServices/openproject-seeder.yaml | 23 ++ .../ProtectedServices/openproject.yaml | 23 ++ .../templates/ProtectedServices/postfix.yaml | 23 ++ .../postgresql-bootstrap.yaml | 23 ++ .../ProtectedServices/postgresql.yaml | 23 ++ .../templates/ProtectedServices/redis.yaml | 23 ++ .../ums-keycloak-bootstrap.yaml | 23 ++ .../ums-keycloak-extensions-handler.yaml | 23 ++ .../ums-keycloak-extensions-proxy.yaml | 23 ++ .../ProtectedServices/ums-keycloak.yaml | 23 ++ .../ProtectedServices/ums-ldap-notifier.yaml | 23 ++ .../ums-ldap-server-primary.yaml | 23 ++ .../ums-ldap-server-secondary.yaml | 23 ++ .../ums-portal-consumer.yaml | 23 ++ .../ums-portal-frontend.yaml | 23 ++ .../ProtectedServices/ums-portal-server.yaml | 23 ++ .../ums-provisioning-api.yaml | 23 ++ .../ums-provisioning-dispatcher.yaml | 23 ++ .../ums-provisioning-nats.yaml | 23 ++ .../ums-provisioning-prefill.yaml | 23 ++ .../ums-provisioning-register-consumers.yaml | 23 ++ .../ums-provisioning-udm-listener.yaml | 23 ++ .../ums-provisioning-udm-transformer.yaml | 23 ++ .../ums-selfservice-listener.yaml | 23 ++ .../ProtectedServices/ums-stack-data-ums.yaml | 23 ++ .../ProtectedServices/ums-udm-rest-api.yaml | 23 ++ .../ProtectedServices/ums-umc-gateway.yaml | 23 ++ .../ProtectedServices/ums-umc-server.yaml | 23 ++ .../templates/ProtectedServices/xwiki.yaml | 23 ++ .../charts/opendesk-otterize/values.yaml | 250 ++++++++++++++++++ .../helmfile-child.yaml.gotmpl | 2 +- 169 files changed, 4995 insertions(+), 1 deletion(-) create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/Chart.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/README.md create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/README.md.gotmpl.tpl create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/clamav-freshclam.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/clamav-icap.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/clamav-milter.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/clamav-simple.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/collabora-controller.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/collabora.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/cryptpad.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/impress-backend-init.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/impress-backend.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/impress-y-provider.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/intercom-service.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/jitsi-jibri.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/jitsi-jicofo.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/jitsi-jvb.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/jitsi-opendesk-jitsi.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/jitsi-prosody.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/jitsi-web.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/mariadb-bootstrap.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/matrix-adminbot-bootstrap.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/matrix-auditbot-bootstrap.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/matrix-neodatefix-bot-bootstrap.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/matrix-neodatefix-bot.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/minio-provisioning.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/nubus-nginx-s3-gateway.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/open-xchange-bootstrap.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/open-xchange-connector.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/open-xchange-core-mw-groupware.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/open-xchange-core-ui-middleware.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/open-xchange-dovecot.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/open-xchange-imageconverter.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/open-xchange-postfix.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-jitsi-keycloak-adapter.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-keycloak-bootstrap.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-matrix-user-verification-service-bootstrap.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-matrix-user-verification-service.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-migrations-post.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-migrations-pre.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-nextcloud-aio-cron.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-nextcloud-aio.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-nextcloud-exporter.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-nextcloud-management.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-nextcloud-notifypush.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-openproject-bootstrap.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-synapse-admin-cron.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-synapse-admin.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-synapse-adminbot-pipe.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-synapse-auditbot-pipe.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-synapse-groupsync .yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-synapse-web.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-synapse.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/openproject-seeder.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/openproject.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/postfix.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/postgresql-bootstrap.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-keycloak-bootstrap.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-keycloak-extensions-handler.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-keycloak-extensions-proxy.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-keycloak.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-ldap-notifier.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-ldap-server-primary.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-ldap-server-secondary.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-portal-consumer.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-portal-server.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-provisioning-api.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-provisioning-dispatcher.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-provisioning-prefill.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-provisioning-register-consumers.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-provisioning-udm-listener.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-provisioning-udm-transformer.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-selfservice-listener.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-stack-data-ums.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-udm-rest-api.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-umc-server.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/xwiki.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/NetworkPolicies/allow-all-dev-ingress.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/NetworkPolicies/allow-all-dev.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/NetworkPolicies/collabora-prometheus-access.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/NetworkPolicies/default-deny-all.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/NetworkPolicies/default-dns-access.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/NetworkPolicies/dovecot.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/NetworkPolicies/minio-prometheus-access.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/NetworkPolicies/opendesk-nextcloud-exporter-prometheus-access.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/cassandra.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/clamav-clamd.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/clamav-freshclam.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/clamav-icap.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/clamav-milter.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/clamav-simple.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/collabora-controller.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/collabora.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/cryptpad.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/dkimpy.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/impress-backend.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/impress-frontend.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/impress-y-provider.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/intercom-service.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/jitsi-jibri.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/jitsi-jvb.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/jitsi-keycloak-adapter.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/jitsi-prosody.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/jitsi-web.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/mariadb.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/matrix-neoboard-widget.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/matrix-neochoice-widget.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/matrix-neodatefix-bot.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/matrix-neodatefix-widget.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/memcached.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/minio-provisioning.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/minio.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/nubus-nginx-s3-gateway.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-core-documentconverter.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-core-imageconverter.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-core-mw.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-core-ui-middleware.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-core-ui.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-core-user-guide.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-dovecot.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-gotenberg.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-guard-ui.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-guidedtours.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-nextcloud-integration-ui.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-postfix.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-public-sector-ui.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-element.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-matrix-user-verification-service.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-migrations-pre.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-nextcloud-aio-cron.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-nextcloud-aio.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-nextcloud-exporter.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-nextcloud-management.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-nextcloud-notifypush.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-static-files.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-synapse-web.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-synapse.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-well-known.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/openproject-seeder.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/openproject.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/postfix.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/postgresql-bootstrap.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/postgresql.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/redis.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-keycloak-bootstrap.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-keycloak-extensions-handler.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-keycloak-extensions-proxy.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-keycloak.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-ldap-notifier.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-ldap-server-primary.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-ldap-server-secondary.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-portal-consumer.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-portal-frontend.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-portal-server.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-provisioning-api.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-provisioning-dispatcher.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-provisioning-nats.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-provisioning-prefill.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-provisioning-register-consumers.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-provisioning-udm-listener.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-provisioning-udm-transformer.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-selfservice-listener.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-stack-data-ums.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-udm-rest-api.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-umc-gateway.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-umc-server.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/xwiki.yaml create mode 100644 helmfile/apps/opendesk-services/charts/opendesk-otterize/values.yaml diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/Chart.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/Chart.yaml new file mode 100644 index 00000000..169ef132 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/Chart.yaml @@ -0,0 +1,21 @@ +# SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +# SPDX-License-Identifier: Apache-2.0 +--- +annotations: + category: "Security" + licenses: "Apache-2.0" +apiVersion: "v2" +dependencies: + - name: "common" + version: "^2.x.x" + repository: "oci://registry.opencode.de/bmi/opendesk/components/external/charts/bitnami-charts" +description: "A Helm chart deploying resources for Otterize to secure services with NetworkPolicies." +home: "https://zendis.de" +keywords: + - "security" +name: "opendesk-otterize" +sources: + - "https://gitlab.souvap-univention.de/souvap/tooling/charts/opendesk-otterize" +type: "application" +version: "2.1.3" +... diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/README.md b/helmfile/apps/opendesk-services/charts/opendesk-otterize/README.md new file mode 100644 index 00000000..5cf5aed8 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/README.md @@ -0,0 +1,121 @@ + +# opendesk-otterize + +A Helm chart deploying resources for Otterize to secure services with NetworkPolicies. + +## Installing the Chart + +To install the chart with the release name `my-release`, you have two options: + +### Install via Repository + +```console +helm repo add opendesk-otterize https://gitlab.opencode.de/api/v4/projects/2293/packages/helm/stable +helm install my-release --version 2.1.3 opendesk-otterize/opendesk-otterize +``` + +### Install via OCI Registry + +```console +helm repo add opendesk-otterize oci://registry.opencode.de/bmi/opendesk/components/platform-development/charts/opendesk-otterize +helm install my-release --version 2.1.3 opendesk-otterize/opendesk-otterize +``` + +## Requirements + +| Repository | Name | Version | +|------------|------|---------| +| oci://registry.opencode.de/bmi/opendesk/components/external/charts/bitnami-charts | common | ^2.x.x | + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| additionalAnnotations | object | `{}` | Additional custom annotations to add to all deployed objects. | +| additionalLabels | object | `{}` | Additional custom labels to add to all deployed objects. | +| apps.clamavDistributed.enabled | bool | `true` | Enables ClamAV (in distributed mode) related resource creation. | +| apps.clamavDistributed.namespace | string | `""` | If omitted, resources are deployed in the same namespace as this helm chart. | +| apps.clamavDistributed.signatureHost | string | `"gitlab.opencode.de"` | Signature database host | +| apps.clamavSimple.enabled | bool | `true` | Enables ClamAV (in simple mode) related resource creation. | +| apps.clamavSimple.namespace | string | `""` | If omitted, resources are deployed in the same namespace as this helm chart. | +| apps.clamavSimple.signatureHost | string | `"gitlab.opencode.de"` | Signature database host | +| apps.collabora.enabled | bool | `true` | Enables Collabora related resource creation. | +| apps.collabora.namespace | string | `""` | If omitted, resources are deployed in the same namespace as this helm chart. | +| apps.cryptpad.enabled | bool | `true` | Enables Cryptpad related resource creation. | +| apps.cryptpad.namespace | string | `""` | If omitted, resources are deployed in the same namespace as this helm chart. | +| apps.dkimpy.enabled | bool | `true` | Enables dkimpy related resource creation. | +| apps.dkimpy.namespace | string | `""` | If omitted, resources are deployed in the same namespace as this helm chart. | +| apps.dovecot.enabled | bool | `true` | Enables Dovecot related resource creation. | +| apps.dovecot.namespace | string | `""` | If omitted, resources are deployed in the same namespace as this helm chart. | +| apps.element.enabled | bool | `true` | Enables Element related resource creation. | +| apps.element.namespace | string | `""` | If omitted, resources are deployed in the same namespace as this helm chart. | +| apps.intercom.enabled | bool | `true` | Enables Intercom Service related resource creation. | +| apps.intercom.namespace | string | `""` | If omitted, resources are deployed in the same namespace as this helm chart. | +| apps.jitsi.enabled | bool | `true` | Enables Jitsi related resource creation. | +| apps.jitsi.namespace | string | `""` | If omitted, resources are deployed in the same namespace as this helm chart. | +| apps.mariadb.enabled | bool | `true` | Enables MariaDB related resource creation. | +| apps.mariadb.namespace | string | `""` | If omitted, resources are deployed in the same namespace as this helm chart. | +| apps.memcached.enabled | bool | `true` | Enables Memcached related resource creation. | +| apps.memcached.namespace | string | `""` | If omitted, resources are deployed in the same namespace as this helm chart. | +| apps.minio.enabled | bool | `true` | Enables MinIO related resource creation. | +| apps.minio.namespace | string | `""` | If omitted, resources are deployed in the same namespace as this helm chart. | +| apps.nextcloud.enabled | bool | `true` | Enables Nextcloud related resource creation. | +| apps.nextcloud.namespace | string | `""` | If omitted, resources are deployed in the same namespace as this helm chart. | +| apps.notes.enabled | bool | `true` | Enables LaSuite Notes related resource creation. | +| apps.notes.namespace | string | `""` | If omitted, resources are deployed in the same namespace as this helm chart. | +| apps.nubus.enabled | bool | `true` | Enables Univention Management Stack related resource creation. | +| apps.nubus.namespace | string | `""` | If omitted, resources are deployed in the same namespace as this helm chart. | +| apps.openproject.enabled | bool | `true` | Enables OpenProject related resource creation. | +| apps.openproject.namespace | string | `""` | If omitted, resources are deployed in the same namespace as this helm chart. | +| apps.oxAppSuite.enabled | bool | `true` | Enables Open-Xchange Appsuite related resource creation. | +| apps.oxAppSuite.namespace | string | `""` | If omitted, resources are deployed in the same namespace as this helm chart. | +| apps.oxConnector.enabled | bool | `true` | Enables OX-Connector related resource creation. | +| apps.oxConnector.namespace | string | `""` | If omitted, resources are deployed in the same namespace as this helm chart. | +| apps.postfix.enabled | bool | `true` | Enables Postfix related resource creation. | +| apps.postfix.namespace | string | `""` | If omitted, resources are deployed in the same namespace as this helm chart. | +| apps.postgresql.enabled | bool | `true` | Enables PostgreSQL related resource creation. | +| apps.postgresql.namespace | string | `""` | If omitted, resources are deployed in the same namespace as this helm chart. | +| apps.redis.enabled | bool | `true` | Enables Redis related resource creation. | +| apps.redis.namespace | string | `""` | If omitted, resources are deployed in the same namespace as this helm chart. | +| apps.xwiki.enabled | bool | `true` | Enables XWiki related resource creation. | +| apps.xwiki.namespace | string | `""` | If omitted, resources are deployed in the same namespace as this helm chart. | +| clientIntents.apiVersion | string | `"k8s.otterize.com/v1alpha3"` | Choose the API version to use. | +| clientIntents.enabled | bool | `true` | Enable creation of ClientIntents custom resource. | +| extraApps.clusterPostfix.enabled | bool | `false` | Enables cluster-wide postfix related resource creation. | +| extraApps.clusterPostfix.namespace | string | `"swp-cross-instance-mail"` | If omitted, resources are deployed in the same namespace as this helm chart. | +| global.domain | string | `"example.internal"` | Deployment base domain used for egress restrictions to opendesk services via Ingress. | +| global.hosts | object | `{"collabora":"office","cryptpad":"pad","element":"chat","intercomService":"ics","jitsi":"meet","keycloak":"id","matrixNeoBoardWidget":"matrix-neoboard-widget","matrixNeoChoiceWidget":"matrix-neochoice-widget","matrixNeoDateFixBot":"matrix-neodatefix-bot","matrixNeoDateFixWidget":"matrix-neodatefix-widget","minioApi":"objectstore","minioConsole":"objectstore-ui","nextcloud":"files","notes":"notes","nubus":"portal","openproject":"projects","openxchange":"webmail","synapse":"matrix","synapseFederation":"matrix-federation","whiteboard":"whiteboard","xwiki":"wiki"}` | A map of avaible deployment subdomains. | +| ingressController.namespace | string | `"nginx-ingress"` | Namespace of ingress controller. | +| ingressController.podSelector | object | `{"matchLabels":{"app.kubernetes.io/name":"nginx-ingress"}}` | Pod selector for ingress controller to match for NetworkPolicies. | +| istioGateway.namespace | string | `"istio-system"` | Namespace of ingress controller. | +| istioGateway.podSelector | object | `{"matchLabels":{"app":"gateway","istio":"gateway"}}` | Pod selector for ingress controller to match for NetworkPolicies. | +| networkPolicies.enabled | bool | `true` | Enable creation of NetworkPolicies custom resource. | +| prometheus.namespace | string | `"monitoring"` | Namespace of ingress controller. | +| prometheus.podSelector | object | `{"matchLabels":{"app.kubernetes.io/name":"prometheus"}}` | Pod selector for ingress controller to match for NetworkPolicies. | +| protectedServices.apiVersion | string | `"k8s.otterize.com/v1alpha3"` | Choose the API version to use. | +| protectedServices.enabled | bool | `true` | Enable creation of ProtectedServices custom resource. | + +## Uninstalling the Chart + +To install the release with name `my-release`: + +```bash +helm uninstall my-release +``` + +## Signing + +Helm charts are signed with helm native signing method. + +You can verify the chart against [the public GPG key](../../files/gpg-pubkeys/opendesk.gpg). + +## License + +This project uses the following license: Apache-2.0 + +## Copyright + +Copyright (C) 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/README.md.gotmpl.tpl b/helmfile/apps/opendesk-services/charts/opendesk-otterize/README.md.gotmpl.tpl new file mode 100644 index 00000000..46f70858 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/README.md.gotmpl.tpl @@ -0,0 +1,50 @@ + +{{ template "chart.header" . }} +{{ template "chart.description" . }} + +## Installing the Chart + +To install the chart with the release name `my-release`, you have two options: + +### Install via Repository + +```console +helm repo add ${CI_PROJECT_NAME} ${CI_SERVER_PROTOCOL}://${CI_SERVER_HOST}/api/v4/projects/${CI_PROJECT_ID}/packages/helm/stable +helm install my-release --version ${RELEASE_VERSION} ${CI_PROJECT_NAME}/{{ template "chart.name" . }} +``` + +### Install via OCI Registry + +```console +helm repo add ${CI_PROJECT_NAME} oci://${CI_REGISTRY_IMAGE} +helm install my-release --version ${RELEASE_VERSION} ${CI_PROJECT_NAME}/{{ template "chart.name" . }} +``` + +{{ template "chart.requirementsSection" . }} + +{{ template "chart.valuesSection" . }} + +## Uninstalling the Chart + +To install the release with name `my-release`: + +```bash +helm uninstall my-release +``` + +## Signing + +Helm charts are signed with helm native signing method. + +You can verify the chart against [the public GPG key](../../files/gpg-pubkeys/opendesk.gpg). + +## License + +This project uses the following license: Apache-2.0 + +## Copyright + +Copyright (C) 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/clamav-freshclam.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/clamav-freshclam.yaml new file mode 100644 index 00000000..fa7b9a4f --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/clamav-freshclam.yaml @@ -0,0 +1,28 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.clamavDistributed.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "clamav-freshclam" + namespace: {{ .Values.apps.clamavDistributed.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "clamav-freshclam" + targets: + - internet: + domains: + - {{ .Values.apps.clamavDistributed.signatureHost | quote }} +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/clamav-icap.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/clamav-icap.yaml new file mode 100644 index 00000000..5965f620 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/clamav-icap.yaml @@ -0,0 +1,27 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.clamavDistributed.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "clamav-icap" + namespace: {{ .Values.apps.clamavDistributed.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "clamav-icap" + targets: + - kubernetes: + name: "clamav-clamd.{{ coalesce .Values.apps.clamavDistributed.namespace .Release.Namespace }}" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/clamav-milter.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/clamav-milter.yaml new file mode 100644 index 00000000..ccf98ec0 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/clamav-milter.yaml @@ -0,0 +1,27 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.clamavDistributed.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "clamav-milter" + namespace: {{ .Values.apps.clamavDistributed.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "clamav-milter" + targets: + - kubernetes: + name: {{ printf "%s.%s" "clamav-clamd" (coalesce .Values.apps.clamavDistributed.namespace .Release.Namespace) | quote }} +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/clamav-simple.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/clamav-simple.yaml new file mode 100644 index 00000000..01c7b303 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/clamav-simple.yaml @@ -0,0 +1,28 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.clamavSimple.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "clamav-simple" + namespace: {{ .Values.apps.clamavSimple.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "clamav-simple" + targets: + - internet: + domains: + - {{ .Values.apps.clamavSimple.signatureHost | quote }} +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/collabora-controller.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/collabora-controller.yaml new file mode 100644 index 00000000..85692296 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/collabora-controller.yaml @@ -0,0 +1,33 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.collabora.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "collabora-controller" + namespace: {{ .Values.apps.collabora.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "collabora-controller" + targets: + - kubernetes: + name: "collabora-controller" + - kubernetes: + name: "{{ .Values.ingressController.name }}.{{ .Values.ingressController.namespace }}" + kind: "Deployment" + - internet: + domains: + - "{{ .Values.cluster.api.domain }}" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/collabora.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/collabora.yaml new file mode 100644 index 00000000..4ed1c2a5 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/collabora.yaml @@ -0,0 +1,30 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.collabora.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "collabora" + namespace: {{ .Values.apps.collabora.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "collabora" + targets: + - kubernetes: + name: "collabora-controller" + - kubernetes: + name: "{{ .Values.ingressController.name }}.{{ .Values.ingressController.namespace }}" + kind: "Deployment" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/cryptpad.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/cryptpad.yaml new file mode 100644 index 00000000..2d4aa9e3 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/cryptpad.yaml @@ -0,0 +1,31 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.cryptpad.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "cryptpad" + namespace: {{ .Values.apps.cryptpad.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "cryptpad" + targets: + - kubernetes: + name: "clamav-clamd.{{ coalesce .Values.apps.clamavDistributed.namespace .Release.Namespace }}" + - internet: + domains: + - "registry.npmjs.org" + - "accounts.cryptpad.fr" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/impress-backend-init.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/impress-backend-init.yaml new file mode 100644 index 00000000..4ef97e00 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/impress-backend-init.yaml @@ -0,0 +1,30 @@ +{{/* +SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.notes.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "impress-backend-init" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "impress-backend-init" + kind: "Job" + targets: + {{- if .Values.apps.postgresql.enabled }} + - kubernetes: + name: "postgresql.{{ coalesce .Values.apps.postgresql.namespace .Release.Namespace }}" + {{- end }} +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/impress-backend.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/impress-backend.yaml new file mode 100644 index 00000000..b2718ce6 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/impress-backend.yaml @@ -0,0 +1,40 @@ +{{/* +SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.notes.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "impress-backend" + namespace: {{ .Values.apps.notes.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "impress-backend" + targets: + {{- if .Values.apps.postgresql.enabled }} + - kubernetes: + name: "postgresql.{{ coalesce .Values.apps.postgresql.namespace .Release.Namespace }}" + {{- end }} + {{- if .Values.apps.redis.enabled }} + - kubernetes: + name: "redis.{{ coalesce .Values.apps.redis.namespace .Release.Namespace }}" + {{- end }} + {{- if .Values.apps.postfix.enabled }} + - kubernetes: + name: "postfix.{{ coalesce .Values.apps.postfix.namespace .Release.Namespace }}" + {{- end }} + - kubernetes: + name: "{{ .Values.ingressController.name }}.{{ .Values.ingressController.namespace }}" + kind: "Deployment" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/impress-y-provider.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/impress-y-provider.yaml new file mode 100644 index 00000000..76530436 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/impress-y-provider.yaml @@ -0,0 +1,28 @@ +{{/* +SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.notes.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "impress-y-provider" + namespace: {{ .Values.apps.notes.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "impress-y-provider" + targets: + - kubernetes: + name: "{{ .Values.ingressController.name }}.{{ .Values.ingressController.namespace }}" + kind: "Deployment" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/intercom-service.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/intercom-service.yaml new file mode 100644 index 00000000..9d5657bc --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/intercom-service.yaml @@ -0,0 +1,32 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "intercom-service" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "intercom-service" + targets: + {{- if .Values.apps.redis.enabled }} + - kubernetes: + name: "redis.{{ coalesce .Values.apps.redis.namespace .Release.Namespace }}" + {{- end }} + - kubernetes: + name: "{{ .Values.ingressController.name }}.{{ .Values.ingressController.namespace }}" + kind: "Deployment" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/jitsi-jibri.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/jitsi-jibri.yaml new file mode 100644 index 00000000..b9169988 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/jitsi-jibri.yaml @@ -0,0 +1,27 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.jitsi.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "jitsi-jibri" + namespace: {{ .Values.apps.jitsi.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "jitsi-jibri" + targets: + - kubernetes: + name: "jitsi-prosody.{{ coalesce .Values.apps.jitsi.namespace .Release.Namespace }}" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/jitsi-jicofo.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/jitsi-jicofo.yaml new file mode 100644 index 00000000..b3426349 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/jitsi-jicofo.yaml @@ -0,0 +1,27 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.jitsi.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "jitsi-jicofo" + namespace: {{ .Values.apps.jitsi.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "jitsi-jicofo" + targets: + - kubernetes: + name: "jitsi-prosody.{{ coalesce .Values.apps.jitsi.namespace .Release.Namespace }}" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/jitsi-jvb.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/jitsi-jvb.yaml new file mode 100644 index 00000000..6327fdf5 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/jitsi-jvb.yaml @@ -0,0 +1,31 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.jitsi.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "jitsi-jvb" + namespace: {{ .Values.apps.jitsi.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "jitsi-jvb" + targets: + - kubernetes: + name: "jitsi-prosody.{{ coalesce .Values.apps.jitsi.namespace .Release.Namespace }}" + - internet: + ips: + # Cloud provider instance metadata + - "169.254.169.254" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/jitsi-opendesk-jitsi.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/jitsi-opendesk-jitsi.yaml new file mode 100644 index 00000000..c48bff5a --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/jitsi-opendesk-jitsi.yaml @@ -0,0 +1,28 @@ +{{/* +SPDX-FileCopyrightText: 2025 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.jitsi.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "jitsi-opendesk-jitsi" + namespace: {{ .Values.apps.jitsi.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "jitsi-opendesk-jitsi" + targets: + - internet: + domains: + - "{{ .Values.cluster.api.domain }}" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/jitsi-prosody.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/jitsi-prosody.yaml new file mode 100644 index 00000000..84d7d0e6 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/jitsi-prosody.yaml @@ -0,0 +1,27 @@ +{{/* +SPDX-FileCopyrightText: 2025 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.jitsi.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "jitsi-prosody" + namespace: {{ .Values.apps.jitsi.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "jitsi-prosody" + targets: + - kubernetes: + name: "opendesk-matrix-user-verification-service.{{ coalesce .Values.apps.element.namespace .Release.Namespace }}" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/jitsi-web.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/jitsi-web.yaml new file mode 100644 index 00000000..1e76c61c --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/jitsi-web.yaml @@ -0,0 +1,30 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.jitsi.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "jitsi-web" + namespace: {{ .Values.apps.jitsi.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "jitsi-web" + targets: + - kubernetes: + name: "jitsi-prosody.{{ coalesce .Values.apps.jitsi.namespace .Release.Namespace }}" + - kubernetes: + name: "opendesk-jitsi-keycloak-adapter.{{ coalesce .Values.apps.jitsi.namespace .Release.Namespace }}" + kind: "Deployment" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/mariadb-bootstrap.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/mariadb-bootstrap.yaml new file mode 100644 index 00000000..8cdd9a6b --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/mariadb-bootstrap.yaml @@ -0,0 +1,27 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.mariadb.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "mariadb-bootstrap" + namespace: {{ .Values.apps.mariadb.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "mariadb-bootstrap" + targets: + - kubernetes: + name: "mariadb.{{ coalesce .Values.apps.mariadb.namespace .Release.Namespace }}" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/matrix-adminbot-bootstrap.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/matrix-adminbot-bootstrap.yaml new file mode 100644 index 00000000..090fbc22 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/matrix-adminbot-bootstrap.yaml @@ -0,0 +1,29 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.elementAdmin.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "matrix-adminbot-bootstrap" + namespace: {{ .Values.apps.elementAdmin.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "matrix-adminbot-bootstrap" + kind: "Job" + targets: + - internet: + domains: + - "{{ .Values.cluster.api.domain }}" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/matrix-auditbot-bootstrap.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/matrix-auditbot-bootstrap.yaml new file mode 100644 index 00000000..a22ae3a7 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/matrix-auditbot-bootstrap.yaml @@ -0,0 +1,29 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.elementAdmin.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "matrix-auditbot-bootstrap" + namespace: {{ .Values.apps.elementAdmin.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "matrix-auditbot-bootstrap" + kind: "Job" + targets: + - internet: + domains: + - "{{ .Values.cluster.api.domain }}" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/matrix-neodatefix-bot-bootstrap.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/matrix-neodatefix-bot-bootstrap.yaml new file mode 100644 index 00000000..c6aed633 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/matrix-neodatefix-bot-bootstrap.yaml @@ -0,0 +1,28 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.element.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "matrix-neodatefix-bot-bootstrap" + namespace: {{ .Values.apps.element.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "matrix-neodatefix-bot-bootstrap" + targets: + - internet: + domains: + - "{{ .Values.cluster.api.domain }}" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/matrix-neodatefix-bot.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/matrix-neodatefix-bot.yaml new file mode 100644 index 00000000..8ffcf94b --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/matrix-neodatefix-bot.yaml @@ -0,0 +1,28 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.element.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "matrix-neodatefix-bot" + namespace: {{ .Values.apps.element.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "matrix-neodatefix-bot" + targets: + - kubernetes: + name: "{{ .Values.ingressController.name }}.{{ .Values.ingressController.namespace }}" + kind: "Deployment" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/minio-provisioning.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/minio-provisioning.yaml new file mode 100644 index 00000000..d0ae37ff --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/minio-provisioning.yaml @@ -0,0 +1,27 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.minio.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "minio-provisioning" + namespace: {{ .Values.apps.minio.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "minio-provisioning" + targets: + - kubernetes: + name: "minio.{{ coalesce .Values.apps.minio.namespace .Release.Namespace }}" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/nubus-nginx-s3-gateway.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/nubus-nginx-s3-gateway.yaml new file mode 100644 index 00000000..b004166f --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/nubus-nginx-s3-gateway.yaml @@ -0,0 +1,28 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "nubus-nginx-s3-gateway" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "nubus-nginx-s3-gateway" + targets: + - kubernetes: + name: "{{ .Values.ingressController.name }}.{{ .Values.ingressController.namespace }}" + kind: "Deployment" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/open-xchange-bootstrap.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/open-xchange-bootstrap.yaml new file mode 100644 index 00000000..5a69129b --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/open-xchange-bootstrap.yaml @@ -0,0 +1,28 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.oxAppSuite.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "open-xchange-bootstrap" + namespace: {{ .Values.apps.oxAppSuite.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "open-xchange-bootstrap" + targets: + - internet: + domains: + - "{{ .Values.cluster.api.domain }}" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/open-xchange-connector.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/open-xchange-connector.yaml new file mode 100644 index 00000000..789a8429 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/open-xchange-connector.yaml @@ -0,0 +1,36 @@ +{{/* +SPDX-FileCopyrightText: 2025 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.oxAppSuite.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "open-xchange-connector" + namespace: {{ .Values.apps.oxAppSuite.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "open-xchange-connector" + targets: + - kubernetes: + name: "ums-provisioning-api" + {{- if .Values.apps.oxAppSuite.enabled }} + - kubernetes: + name: "open-xchange-core-mw.{{ coalesce .Values.apps.oxAppSuite.namespace .Release.Namespace}}" + {{- end }} + {{- if .Values.apps.xwiki.enabled }} + - kubernetes: + name: "xwiki.{{ coalesce .Values.apps.xwiki.namespace .Release.Namespace }}" + kind: "StatefulSet" + {{- end }} +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/open-xchange-core-mw-groupware.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/open-xchange-core-mw-groupware.yaml new file mode 100644 index 00000000..e1aa5fae --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/open-xchange-core-mw-groupware.yaml @@ -0,0 +1,70 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.oxAppSuite.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "open-xchange-core-mw-groupware" + namespace: {{ .Values.apps.oxAppSuite.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "open-xchange-core-mw" + targets: + {{- if .Values.apps.clamavSimple.enabled }} + - kubernetes: + name: "clamav-simple.{{ coalesce .Values.apps.clamavSimple.namespace .Release.Namespace }}" + {{- end }} + {{- if .Values.apps.clamavDistributed.enabled }} + - kubernetes: + name: "clamav-distributed.{{ coalesce .Values.apps.clamavDistributed.namespace .Release.Namespace }}" + {{- end }} + {{- if .Values.apps.mariadb.enabled }} + - kubernetes: + name: "mariadb.{{ coalesce .Values.apps.mariadb.namespace .Release.Namespace }}" + {{- end }} + - kubernetes: + name: "open-xchange-core-documentconverter.{{ coalesce .Values.apps.oxAppSuite.namespace .Release.Namespace }}" + kind: "Deployment" + - kubernetes: + name: "open-xchange-core-imageconverter.{{ coalesce .Values.apps.oxAppSuite.namespace .Release.Namespace }}" + kind: "Deployment" + - kubernetes: + name: "open-xchange-dovecot.{{ coalesce .Values.apps.oxAppSuite.namespace .Release.Namespace }}" + - kubernetes: + name: "open-xchange-postfix.{{ coalesce .Values.apps.oxAppSuite.namespace .Release.Namespace }}" + {{- if .Values.apps.element.enabled }} + - kubernetes: + name: "opendesk-synapse-web.{{ coalesce .Values.apps.element.namespace .Release.Namespace }}" + {{- end }} + {{- if .Values.apps.nextcloud.enabled }} + - kubernetes: + name: "opendesk-nextcloud-aio.{{ coalesce .Values.apps.nextcloud.namespace .Release.Namespace }}" + {{- end }} + {{- if .Values.apps.redis.enabled }} + - kubernetes: + name: "redis.{{ coalesce .Values.apps.redis.namespace .Release.Namespace }}" + {{- end }} + {{- if .Values.apps.nubus.enabled }} + - kubernetes: + name: "ums-ldap-server-primary.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" + kind: "StatefulSet" + {{- end }} + - kubernetes: + name: "{{ .Values.ingressController.name }}.{{ .Values.ingressController.namespace }}" + kind: "Deployment" + - internet: + domains: + - "{{ .Values.cluster.api.domain }}" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/open-xchange-core-ui-middleware.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/open-xchange-core-ui-middleware.yaml new file mode 100644 index 00000000..49cda084 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/open-xchange-core-ui-middleware.yaml @@ -0,0 +1,39 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.oxAppSuite.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "open-xchange-core-ui-middleware" + namespace: {{ .Values.apps.oxAppSuite.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "open-xchange-core-ui-middleware" + targets: + {{- if .Values.apps.redis.enabled }} + - kubernetes: + name: "redis.{{ coalesce .Values.apps.redis.namespace .Release.Namespace }}" + {{- end }} + - kubernetes: + name: "open-xchange-guard-ui.{{ coalesce .Values.apps.oxAppSuite.namespace .Release.Namespace }}" + - kubernetes: + name: "open-xchange-core-ui.{{ coalesce .Values.apps.oxAppSuite.namespace .Release.Namespace }}" + - kubernetes: + name: "open-xchange-guidedtours.{{ coalesce .Values.apps.oxAppSuite.namespace .Release.Namespace }}" + - kubernetes: + name: "open-xchange-nextcloud-integration-ui.{{ coalesce .Values.apps.oxAppSuite.namespace .Release.Namespace }}" + - kubernetes: + name: "open-xchange-public-sector-ui.{{ coalesce .Values.apps.oxAppSuite.namespace .Release.Namespace }}" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/open-xchange-dovecot.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/open-xchange-dovecot.yaml new file mode 100644 index 00000000..717d5a76 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/open-xchange-dovecot.yaml @@ -0,0 +1,41 @@ +{{/* +SPDX-FileCopyrightText: 2025 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.oxAppSuite.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "open-xchange-dovecot" + namespace: {{ .Values.apps.oxAppSuite.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "open-xchange-dovecot" + targets: + {{- if .Values.apps.nubus.enabled }} + - kubernetes: + name: "ums-ldap-server-primary.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" + kind: "StatefulSet" + {{- end }} + {{- if .Values.apps.postfix.enabled }} + - kubernetes: + name: "postfix.{{ coalesce .Values.apps.postfix.namespace .Release.Namespace }}" + {{- end }} + - kubernetes: + name: "{{ .Values.ingressController.name }}.{{ .Values.ingressController.namespace }}" + kind: "Deployment" + {{- if .Values.apps.cassandra.enabled }} + - kubernetes: + name: "cassandra.{{ coalesce .Values.apps.cassandra.namespace .Release.Namespace }}" + {{- end }} +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/open-xchange-imageconverter.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/open-xchange-imageconverter.yaml new file mode 100644 index 00000000..fb471ddd --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/open-xchange-imageconverter.yaml @@ -0,0 +1,28 @@ +{{/* +SPDX-FileCopyrightText: 2025 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.oxAppSuite.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "open-xchange-imageconverter" + namespace: {{ .Values.apps.oxAppSuite.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "open-xchange-imageconverter" + targets: + - internet: + domains: + - "{{ .Values.cluster.api.domain }}" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/open-xchange-postfix.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/open-xchange-postfix.yaml new file mode 100644 index 00000000..7da4859f --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/open-xchange-postfix.yaml @@ -0,0 +1,40 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "open-xchange-postfix" + namespace: {{ .Values.apps.oxAppSuite.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "open-xchange-postfix" + targets: + {{- if .Values.apps.clamavDistributed.enabled }} + - kubernetes: + name: "clamav-milter.{{ coalesce .Values.apps.clamavDistributed.namespace .Release.Namespace }}" + {{- end }} + {{- if .Values.apps.clamavSimple.enabled}} + - kubernetes: + name: "clamav-simple.{{ coalesce .Values.apps.clamavSimple.namespace .Release.Namespace }}" + {{- end }} + - kubernetes: + name: "open-xchange-dovecot.{{ coalesce .Values.apps.oxAppSuite.namespace .Release.Namespace }}" + {{- if .Values.apps.dkimpy.enabled }} + - kubernetes: + name: "dkimpy-milter.{{ coalesce .Values.apps.dkimpy.namespace .Release.Namespace }}" + {{- end }} + - internet: + domains: + - "{{ .Values.smtp.host }}" +... diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-jitsi-keycloak-adapter.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-jitsi-keycloak-adapter.yaml new file mode 100644 index 00000000..ebc8899d --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-jitsi-keycloak-adapter.yaml @@ -0,0 +1,29 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.jitsi.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "opendesk-jitsi-keycloak-adapter" + namespace: {{ .Values.apps.jitsi.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "opendesk-jitsi-keycloak-adapter" + kind: "Deployment" + targets: + - kubernetes: + name: "{{ .Values.ingressController.name }}.{{ .Values.ingressController.namespace }}" + kind: "Deployment" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-keycloak-bootstrap.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-keycloak-bootstrap.yaml new file mode 100644 index 00000000..f19b7add --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-keycloak-bootstrap.yaml @@ -0,0 +1,27 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "opendesk-keycloak-bootstrap" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "opendesk-keycloak-bootstrap" + targets: + - kubernetes: + name: "ums-keycloak.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-matrix-user-verification-service-bootstrap.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-matrix-user-verification-service-bootstrap.yaml new file mode 100644 index 00000000..9bae760c --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-matrix-user-verification-service-bootstrap.yaml @@ -0,0 +1,28 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.element.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "opendesk-matrix-user-verification-service-bootstrap" + namespace: {{ .Values.apps.element.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "opendesk-matrix-user-verification-service-bootstrap" + targets: + - internet: + domains: + - "{{ .Values.cluster.api.domain }}" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-matrix-user-verification-service.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-matrix-user-verification-service.yaml new file mode 100644 index 00000000..dafc9169 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-matrix-user-verification-service.yaml @@ -0,0 +1,31 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.element.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "opendesk-matrix-user-verification-service" + namespace: {{ .Values.apps.element.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "opendesk-matrix-user-verification-service" + targets: + - kubernetes: + name: "{{ .Values.ingressController.name }}.{{ .Values.ingressController.namespace }}" + kind: "Deployment" + - internet: + domains: + - "registry.npmjs.org" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-migrations-post.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-migrations-post.yaml new file mode 100644 index 00000000..27d39692 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-migrations-post.yaml @@ -0,0 +1,28 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.migrations.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "opendesk-migrations-post" + namespace: {{ .Values.apps.migrations.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "opendesk-migrations-post" + targets: + - internet: + domains: + - {{ .Values.cluster.api.domain }} +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-migrations-pre.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-migrations-pre.yaml new file mode 100644 index 00000000..e757b39a --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-migrations-pre.yaml @@ -0,0 +1,28 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.migrations.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "opendesk-migrations-pre" + namespace: {{ .Values.apps.migrations.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "opendesk-migrations-pre" + targets: + - internet: + domains: + - {{ .Values.cluster.api.domain }} +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-nextcloud-aio-cron.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-nextcloud-aio-cron.yaml new file mode 100644 index 00000000..db13b83b --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-nextcloud-aio-cron.yaml @@ -0,0 +1,52 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nextcloud.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "opendesk-nextcloud-aio-cron" + namespace: {{ .Values.apps.nextcloud.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "opendesk-nextcloud-aio-cron" + targets: + {{- if .Values.apps.postgresql.enabled }} + - kubernetes: + name: "postgresql.{{ coalesce .Values.apps.postgresql.namespace .Release.Namespace }}" + {{- end }} + {{- if .Values.apps.redis.enabled }} + - kubernetes: + name: "redis" + {{- end }} + {{- if .Values.apps.nubus.enabled }} + - kubernetes: + name: "ums-ldap-server-primary.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" + kind: "StatefulSet" + {{- end }} + {{- if .Values.apps.clamavSimple.enabled }} + - kubernetes: + name: "clamav-simple.{{ coalesce .Values.apps.clamavSimple.namespace .Release.Namespace }}" + {{- end }} + {{- if .Values.apps.postfix.enabled }} + - kubernetes: + name: "postfix.{{ coalesce .Values.apps.postfix.namespace .Release.Namespace }}" + {{- end }} + - kubernetes: + name: "{{ .Values.ingressController.name }}.{{ .Values.ingressController.namespace }}" + kind: "Deployment" + - internet: + domains: + - "cloud.nextcloud.com" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-nextcloud-aio.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-nextcloud-aio.yaml new file mode 100644 index 00000000..2cbc9c0b --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-nextcloud-aio.yaml @@ -0,0 +1,53 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nextcloud.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "opendesk-nextcloud-aio" + namespace: {{ .Values.apps.nextcloud.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "opendesk-nextcloud-aio" + targets: + {{- if .Values.apps.postgresql.enabled }} + - kubernetes: + name: "postgresql.{{ coalesce .Values.apps.postgresql.namespace .Release.Namespace }}" + {{- end }} + {{- if .Values.apps.redis.enabled }} + - kubernetes: + name: "redis" + {{- end }} + {{- if .Values.apps.nubus.enabled }} + - kubernetes: + name: "ums-ldap-server-primary" + kind: "StatefulSet" + - kubernetes: + name: "ums-portal-server" + {{- end }} + {{- if .Values.apps.clamavSimple.enabled }} + - kubernetes: + name: "clamav-simple" + {{- end }} + {{- if .Values.apps.postfix.enabled }} + - kubernetes: + name: "postfix" + {{- end }} + - kubernetes: + name: "opendesk-nextcloud-notifypush" + - kubernetes: + name: "{{ .Values.ingressController.name }}.{{ .Values.ingressController.namespace }}" + kind: "Deployment" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-nextcloud-exporter.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-nextcloud-exporter.yaml new file mode 100644 index 00000000..ac62403e --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-nextcloud-exporter.yaml @@ -0,0 +1,30 @@ +{{/* +SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nextcloud.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "opendesk-nextcloud-exporter" + namespace: {{ .Values.apps.nextcloud.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "opendesk-nextcloud-exporter" + targets: + - kubernetes: + name: "opendesk-nextcloud-aio.{{ coalesce .Values.apps.nextcloud.namespace .Release.Namespace }}" + - internet: + domains: + - "{{ .Values.cluster.api.domain }}" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-nextcloud-management.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-nextcloud-management.yaml new file mode 100644 index 00000000..3a54970b --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-nextcloud-management.yaml @@ -0,0 +1,33 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nextcloud.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "opendesk-nextcloud-management" + namespace: {{ .Values.apps.nextcloud.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "opendesk-nextcloud-management" + targets: + {{- if .Values.apps.postgresql.enabled }} + - kubernetes: + name: "postgresql.{{ coalesce .Values.apps.postgresql.namespace .Release.Namespace }}" + {{- end }} + {{- if .Values.apps.redis.enabled }} + - kubernetes: + name: "redis.{{ coalesce .Values.apps.redis.namespace .Release.Namespace }}" + {{- end }} +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-nextcloud-notifypush.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-nextcloud-notifypush.yaml new file mode 100644 index 00000000..b6418422 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-nextcloud-notifypush.yaml @@ -0,0 +1,35 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nextcloud.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "opendesk-nextcloud-notifypush" + namespace: {{ .Values.apps.nextcloud.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "opendesk-nextcloud-notifypush" + targets: + {{- if .Values.apps.postgresql.enabled }} + - kubernetes: + name: "postgresql.{{ coalesce .Values.apps.postgresql.namespace .Release.Namespace }}" + {{- end }} + {{- if .Values.apps.redis.enabled }} + - kubernetes: + name: "redis.{{ coalesce .Values.apps.redis.namespace .Release.Namespace }}" + {{- end }} + - kubernetes: + name: "opendesk-nextcloud-aio.{{ coalesce .Values.apps.nextcloud.namespace .Release.Namespace }}" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-openproject-bootstrap.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-openproject-bootstrap.yaml new file mode 100644 index 00000000..2338e998 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-openproject-bootstrap.yaml @@ -0,0 +1,28 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.openproject.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "opendesk-openproject-bootstrap" + namespace: {{ .Values.apps.openproject.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "opendesk-openproject-bootstrap" + targets: + - kubernetes: + name: "{{ .Values.ingressController.name }}.{{ .Values.ingressController.namespace }}" + kind: "Deployment" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-synapse-admin-cron.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-synapse-admin-cron.yaml new file mode 100644 index 00000000..57b17b17 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-synapse-admin-cron.yaml @@ -0,0 +1,35 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.elementAdmin.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "opendesk-synapse-admin-cron" + namespace: {{ .Values.apps.elementAdmin.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "opendesk-synapse-admin-cron" + targets: + - kubernetes: + name: "ums-ldap-server-primary.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" + kind: "StatefulSet" + - kubernetes: + name: "ums-ldap-server-secondary.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" + kind: "StatefulSet" + {{- if .Values.apps.postgresql.enabled }} + - kubernetes: + name: "postgresql.{{ coalesce .Values.apps.postgresql.namespace .Release.Namespace }}" + {{- end }} +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-synapse-admin.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-synapse-admin.yaml new file mode 100644 index 00000000..4a1c6275 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-synapse-admin.yaml @@ -0,0 +1,29 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.elementAdmin.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "opendesk-synapse-admin" + namespace: {{ .Values.apps.elementAdmin.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "opendesk-synapse-admin" + targets: + {{- if .Values.apps.postgresql.enabled }} + - kubernetes: + name: "postgresql.{{ coalesce .Values.apps.postgresql.namespace .Release.Namespace }}" + {{- end }} +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-synapse-adminbot-pipe.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-synapse-adminbot-pipe.yaml new file mode 100644 index 00000000..81e1e7b4 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-synapse-adminbot-pipe.yaml @@ -0,0 +1,29 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.elementAdmin.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "opendesk-synapse-adminbot-pipe" + namespace: {{ .Values.apps.elementAdmin.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "opendesk-synapse-adminbot-pipe" + targets: + {{- if .Values.apps.postgresql.enabled }} + - kubernetes: + name: "opendesk-synapse-web.{{ coalesce .Values.apps.element.namespace .Release.Namespace }}" + {{- end }} +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-synapse-auditbot-pipe.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-synapse-auditbot-pipe.yaml new file mode 100644 index 00000000..c8c6376e --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-synapse-auditbot-pipe.yaml @@ -0,0 +1,29 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.elementAdmin.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "opendesk-synapse-auditbot-pipe" + namespace: {{ .Values.apps.elementAdmin.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "opendesk-synapse-auditbot-pipe" + targets: + {{- if .Values.apps.postgresql.enabled }} + - kubernetes: + name: "opendesk-synapse-web.{{ coalesce .Values.apps.element.namespace .Release.Namespace }}" + {{- end }} +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-synapse-groupsync .yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-synapse-groupsync .yaml new file mode 100644 index 00000000..c7ab696f --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-synapse-groupsync .yaml @@ -0,0 +1,37 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.elementGroupsync.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "opendesk-synapse-groupsync" + namespace: {{ .Values.apps.elementGroupsync.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "opendesk-synapse-groupsync" + targets: + {{- if .Values.apps.element.enabled }} + - kubernetes: + name: "opendesk-synapse-web.{{ coalesce .Values.apps.element.namespace .Release.Namespace }}" + {{- end }} + {{- if .Values.apps.nubus.enabled }} + - kubernetes: + name: "ums-ldap-server-primary.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" + kind: "StatefulSet" + - kubernetes: + name: "ums-ldap-server-secondary.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" + kind: "StatefulSet" + {{- end}} +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-synapse-web.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-synapse-web.yaml new file mode 100644 index 00000000..b34fcf9d --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-synapse-web.yaml @@ -0,0 +1,27 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.element.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "opendesk-synapse-web" + namespace: {{ .Values.apps.element.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "opendesk-synapse-web" + targets: + - kubernetes: + name: "opendesk-synapse.{{ coalesce .Values.apps.element.namespace .Release.Namespace }}" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-synapse.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-synapse.yaml new file mode 100644 index 00000000..db645e20 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/opendesk-synapse.yaml @@ -0,0 +1,40 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.element.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "opendesk-synapse" + namespace: {{ .Values.apps.element.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "opendesk-synapse" + targets: + {{- if .Values.apps.postgresql.enabled }} + - kubernetes: + name: "postgresql.{{ coalesce .Values.apps.postgresql.namespace .Release.Namespace }}" + {{- end }} + {{- if .Values.apps.elementAdmin.enabled }} + - kubernetes: + name: "opendesk-synapse-auditbot-pipe.{{ coalesce .Values.apps.elementAdmin.namespace .Release.Namespace }}" + - kubernetes: + name: "opendesk-synapse-adminbot-pipe.{{ coalesce .Values.apps.elementAdmin.namespace .Release.Namespace }}" + - kubernetes: + name: "opendesk-synapse-groupsync.{{ coalesce .Values.apps.elementAdmin.namespace .Release.Namespace }}" + {{- end }} + - kubernetes: + name: "{{ .Values.ingressController.name }}.{{ .Values.ingressController.namespace }}" + kind: "Deployment" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/openproject-seeder.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/openproject-seeder.yaml new file mode 100644 index 00000000..4eb4a0f7 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/openproject-seeder.yaml @@ -0,0 +1,36 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.openproject.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "openproject-seeder" + namespace: {{ .Values.apps.openproject.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "openproject-seeder" + targets: + {{- if .Values.apps.postgresql.enabled }} + - kubernetes: + name: "postgresql.{{ coalesce .Values.apps.postgresql.namespace .Release.Namespace }}" + {{- end }} + {{- if .Values.apps.memcached.enabled }} + - kubernetes: + name: "memcached.{{ coalesce .Values.apps.memcached.namespace .Release.Namespace }}" + {{- end }} + - kubernetes: + name: "{{ .Values.ingressController.name }}.{{ .Values.ingressController.namespace }}" + kind: "Deployment" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/openproject.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/openproject.yaml new file mode 100644 index 00000000..6381155c --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/openproject.yaml @@ -0,0 +1,48 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.openproject.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "openproject" + namespace: {{ .Values.apps.openproject.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "openproject" + targets: + {{- if .Values.apps.memcached.enabled }} + - kubernetes: + name: "memcached.{{ coalesce .Values.apps.memcached.namespace .Release.Namespace }}" + {{- end }} + {{- if .Values.apps.postfix.enabled }} + - kubernetes: + name: "postfix.{{ coalesce .Values.apps.postfix.namespace .Release.Namespace }}" + {{- end }} + {{- if .Values.apps.postgresql.enabled }} + - kubernetes: + name: "postgresql.{{ coalesce .Values.apps.postgresql.namespace .Release.Namespace }}" + {{- end }} + {{- if .Values.apps.nubus.enabled }} + - kubernetes: + name: "ums-ldap-server-primary.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" + kind: "StatefulSet" + {{- end }} + - kubernetes: + name: "{{ .Values.ingressController.name }}.{{ .Values.ingressController.namespace }}" + kind: "Deployment" + - internet: + domains: + - "{{ .Values.cluster.networking.ingressGatewayIP }}" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/postfix.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/postfix.yaml new file mode 100644 index 00000000..28f68976 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/postfix.yaml @@ -0,0 +1,44 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.postfix.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "postfix" + namespace: {{ .Values.apps.postfix.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "postfix" + targets: + {{- if .Values.apps.clamavDistributed.enabled }} + - kubernetes: + name: "clamav-milter.{{ coalesce .Values.apps.clamavDistributed.namespace .Release.Namespace }}" + {{- end }} + {{- if .Values.apps.clamavSimple.enabled }} + - kubernetes: + name: "clamav-simple.{{ coalesce .Values.apps.clamavSimple.namespace .Release.Namespace }}" + {{- end }} + {{- if .Values.apps.dovecot.enabled }} + - kubernetes: + name: "open-xchange-dovecot.{{ coalesce .Values.apps.oxAppSuite.namespace .Release.Namespace }}" + {{- end }} + {{- if .Values.apps.dkimpy.enabled }} + - kubernetes: + name: "dkimpy-milter.{{ coalesce .Values.apps.dkimpy.namespace .Release.Namespace }}" + {{- end }} + - internet: + domains: + - "{{ .Values.smtp.host }}" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/postgresql-bootstrap.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/postgresql-bootstrap.yaml new file mode 100644 index 00000000..327d5c7e --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/postgresql-bootstrap.yaml @@ -0,0 +1,27 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.postgresql.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "postgresql-bootstrap" + namespace: {{ .Values.apps.postgresql.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "postgresql-bootstrap" + targets: + - kubernetes: + name: "postgresql.{{ coalesce .Values.apps.postgresql.namespace .Release.Namespace }}" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-keycloak-bootstrap.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-keycloak-bootstrap.yaml new file mode 100644 index 00000000..9abd328f --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-keycloak-bootstrap.yaml @@ -0,0 +1,30 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "ums-keycloak-bootstrap" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "ums-keycloak-bootstrap" + targets: + - kubernetes: + name: "ums-keycloak.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" + - kubernetes: + name: "{{ .Values.ingressController.name }}.{{ .Values.ingressController.namespace }}" + kind: "Deployment" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-keycloak-extensions-handler.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-keycloak-extensions-handler.yaml new file mode 100644 index 00000000..f22fedca --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-keycloak-extensions-handler.yaml @@ -0,0 +1,35 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "ums-keycloak-extensions-handler" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "ums-keycloak-extensions-handler" + targets: + {{- if .Values.apps.postfix.enabled }} + - kubernetes: + name: "postfix.{{ coalesce .Values.apps.postfix.namespace .Release.Namespace }}" + {{- end }} + {{- if .Values.apps.postgresql.enabled}} + - kubernetes: + name: "postgresql.{{ coalesce .Values.apps.postgresql.namespace .Release.Namespace }}" + {{- end }} + - kubernetes: + name: "ums-keycloak.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-keycloak-extensions-proxy.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-keycloak-extensions-proxy.yaml new file mode 100644 index 00000000..4fa1686f --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-keycloak-extensions-proxy.yaml @@ -0,0 +1,31 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "ums-keycloak-extensions-proxy" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "ums-keycloak-extensions-proxy" + targets: + {{- if .Values.apps.postgresql.enabled }} + - kubernetes: + name: "postgresql.{{ coalesce .Values.apps.postgresql.namespace .Release.Namespace }}" + {{- end }} + - kubernetes: + name: "ums-keycloak.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-keycloak.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-keycloak.yaml new file mode 100644 index 00000000..53cc83d4 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-keycloak.yaml @@ -0,0 +1,35 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "ums-keycloak" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "ums-keycloak" + targets: + {{- if .Values.apps.postgresql.enabled }} + - kubernetes: + name: "postgresql.{{ coalesce .Values.apps.postgresql.namespace .Release.Namespace }}" + {{- end }} + - kubernetes: + kind: "StatefulSet" + name: "ums-ldap-server-primary.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" + - kubernetes: + name: "{{ .Values.ingressController.name }}.{{ .Values.ingressController.namespace }}" + kind: "Deployment" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-ldap-notifier.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-ldap-notifier.yaml new file mode 100644 index 00000000..b97933c7 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-ldap-notifier.yaml @@ -0,0 +1,27 @@ +{{/* +SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "ums-ldap-notifier" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "ums-ldap-notifier" + targets: + - kubernetes: + name: "ums-provisioning-udm-listener.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-ldap-server-primary.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-ldap-server-primary.yaml new file mode 100644 index 00000000..6b83ab35 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-ldap-server-primary.yaml @@ -0,0 +1,30 @@ +{{/* +SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "ums-ldap-server-primary" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "ums-ldap-server-primary" + targets: + - kubernetes: + name: "ums-keycloak.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" + - internet: + domains: + - "{{ .Values.cluster.api.domain }}" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-ldap-server-secondary.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-ldap-server-secondary.yaml new file mode 100644 index 00000000..76defbd4 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-ldap-server-secondary.yaml @@ -0,0 +1,27 @@ +{{/* +SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "ums-ldap-server-secondary" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "ums-ldap-server-secondary" + targets: + - kubernetes: + name: "ums-keycloak.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-portal-consumer.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-portal-consumer.yaml new file mode 100644 index 00000000..6a735def --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-portal-consumer.yaml @@ -0,0 +1,35 @@ +{{/* +SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "ums-portal-consumer" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "ums-portal-consumer" + targets: + - kubernetes: + name: "ums-provisioning-api.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" + - kubernetes: + name: "ums-udm-rest-api.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" + - kubernetes: + name: "ums-ldap-server-primary.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" + kind: "StatefulSet" + - kubernetes: + name: "{{ .Values.ingressController.name }}.{{ .Values.ingressController.namespace }}" + kind: "Deployment" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-portal-server.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-portal-server.yaml new file mode 100644 index 00000000..4cbc569f --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-portal-server.yaml @@ -0,0 +1,35 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "ums-portal-server" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "ums-portal-server" + targets: + - kubernetes: + name: "ums-udm-rest-api.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" + - kubernetes: + name: "ums-umc-server.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" + - kubernetes: + name: "{{ .Values.ingressController.name }}.{{ .Values.ingressController.namespace }}" + kind: "Deployment" + - internet: + domains: + - "{{ .Values.cluster.networking.ingressGatewayIP }}" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-provisioning-api.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-provisioning-api.yaml new file mode 100644 index 00000000..b560a3a8 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-provisioning-api.yaml @@ -0,0 +1,28 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "ums-provisioning-api" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "ums-provisioning-api" + targets: + - kubernetes: + name: "ums-provisioning-nats.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" + kind: "StatefulSet" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-provisioning-dispatcher.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-provisioning-dispatcher.yaml new file mode 100644 index 00000000..7262e40f --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-provisioning-dispatcher.yaml @@ -0,0 +1,28 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "ums-provisioning-dispatcher" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "ums-provisioning-dispatcher" + targets: + - kubernetes: + name: "ums-provisioning-nats.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" + kind: "StatefulSet" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-provisioning-prefill.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-provisioning-prefill.yaml new file mode 100644 index 00000000..c2ca89cb --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-provisioning-prefill.yaml @@ -0,0 +1,32 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "ums-provisioning-prefill" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "ums-provisioning-prefill" + targets: + - kubernetes: + name: "ums-provisioning-nats.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" + kind: "StatefulSet" + - kubernetes: + name: "ums-udm-rest-api.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" + - kubernetes: + name: "ums-provisioning-api.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-provisioning-register-consumers.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-provisioning-register-consumers.yaml new file mode 100644 index 00000000..55c80390 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-provisioning-register-consumers.yaml @@ -0,0 +1,29 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "ums-provisioning-register-consumers" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "ums-provisioning-register-consumers" + targets: + - kubernetes: + name: "ums-provisioning-api.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" + - kubernetes: + name: "ums-udm-rest-api.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-provisioning-udm-listener.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-provisioning-udm-listener.yaml new file mode 100644 index 00000000..7c06a986 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-provisioning-udm-listener.yaml @@ -0,0 +1,33 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "ums-provisioning-udm-listener" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "ums-provisioning-udm-listener" + targets: + - kubernetes: + name: "ums-ldap-notifier.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" + - kubernetes: + name: "ums-provisioning-nats.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" + kind: "StatefulSet" + - kubernetes: + name: "ums-ldap-server-primary.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" + kind: "StatefulSet" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-provisioning-udm-transformer.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-provisioning-udm-transformer.yaml new file mode 100644 index 00000000..a283c082 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-provisioning-udm-transformer.yaml @@ -0,0 +1,36 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "ums-provisioning-udm-transformer" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "ums-provisioning-udm-transformer" + targets: + - kubernetes: + name: "ums-ldap-server-primary.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" + kind: "StatefulSet" + - kubernetes: + name: "ums-ldap-server-secondary.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" + kind: "StatefulSet" + - kubernetes: + name: "ums-provisioning-api.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" + - kubernetes: + name: "ums-provisioning-nats.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" + kind: "StatefulSet" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-selfservice-listener.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-selfservice-listener.yaml new file mode 100644 index 00000000..3070f521 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-selfservice-listener.yaml @@ -0,0 +1,29 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "ums-selfservice-listener" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "ums-selfservice-listener" + targets: + - kubernetes: + name: "ums-umc-server.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" + - kubernetes: + name: "ums-provisioning-api.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-stack-data-ums.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-stack-data-ums.yaml new file mode 100644 index 00000000..17e5018a --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-stack-data-ums.yaml @@ -0,0 +1,27 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "ums-stack-data-ums" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "ums-stack-data-ums" + targets: + - kubernetes: + name: "ums-udm-rest-api.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-udm-rest-api.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-udm-rest-api.yaml new file mode 100644 index 00000000..2a95d93e --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-udm-rest-api.yaml @@ -0,0 +1,33 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "ums-udm-rest-api" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "ums-udm-rest-api" + targets: + - kubernetes: + name: "ums-udm-rest-api.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" + - kubernetes: + name: "ums-ldap-server-primary.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" + kind: "StatefulSet" + - kubernetes: + name: "ums-ldap-server-secondary.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" + kind: "StatefulSet" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-umc-server.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-umc-server.yaml new file mode 100644 index 00000000..60cc67a5 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/ums-umc-server.yaml @@ -0,0 +1,43 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "ums-umc-server" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + name: "ums-umc-server" + targets: + - kubernetes: + kind: "StatefulSet" + name: "ums-ldap-server-primary.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" + - kubernetes: + kind: "StatefulSet" + name: "ums-ldap-server-secondary.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" + - kubernetes: + name: "ums-keycloak.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" + - kubernetes: + name: "ums-umc-server.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" + {{- if .Values.apps.postgresql.enabled }} + - kubernetes: + name: "postgresql.{{ coalesce .Values.apps.postgresql.namespace .Release.Namespace }}" + {{- end }} + {{- if .Values.apps.postfix.enabled }} + - kubernetes: + name: "postfix.{{ coalesce .Values.apps.postfix.namespace .Release.Namespace }}" + {{- end }} +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/xwiki.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/xwiki.yaml new file mode 100644 index 00000000..f25a70b4 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ClientIntents/xwiki.yaml @@ -0,0 +1,51 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.xwiki.enabled .Values.clientIntents.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ClientIntents" +metadata: + name: "xwiki" + namespace: {{ .Values.apps.xwiki.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + workload: + kind: "StatefulSet" + name: "xwiki" + targets: + {{- if .Values.apps.postgresql.enabled }} + - kubernetes: + name: "postgresql.{{ coalesce .Values.apps.postgresql.namespace .Release.Namespace }}" + {{- end }} + - kubernetes: + kind: "StatefulSet" + name: "ums-ldap-server-primary.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" + - kubernetes: + kind: "StatefulSet" + name: "ums-ldap-server-secondary.{{ coalesce .Values.apps.nubus.namespace .Release.Namespace }}" + {{- if .Values.apps.collabora.enabled }} + - kubernetes: + name: "collabora.{{ coalesce .Values.apps.collabora.namespace .Release.Namespace }}" + {{- end }} + {{- if .Values.apps.postfix.enabled }} + - kubernetes: + name: "postfix.{{ coalesce .Values.apps.postfix.namespace .Release.Namespace }}" + {{- end }} + - kubernetes: + name: "{{ .Values.ingressController.name }}.{{ .Values.ingressController.namespace }}" + kind: "Deployment" + - internet: + domains: + - "extensions.xwiki.org" + - "store.xwiki.com" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/NetworkPolicies/allow-all-dev-ingress.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/NetworkPolicies/allow-all-dev-ingress.yaml new file mode 100644 index 00000000..d3036b57 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/NetworkPolicies/allow-all-dev-ingress.yaml @@ -0,0 +1,28 @@ +{{/* +SPDX-FileCopyrightText: 2025 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +--- +apiVersion: "networking.k8s.io/v1" +kind: "NetworkPolicy" +metadata: + name: "allow-all-dev-ingress" + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + podSelector: {} + ingress: + - from: + - podSelector: + matchLabels: + network-policy-dev: "true" + policyTypes: + - "Ingress" +... \ No newline at end of file diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/NetworkPolicies/allow-all-dev.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/NetworkPolicies/allow-all-dev.yaml new file mode 100644 index 00000000..98816e95 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/NetworkPolicies/allow-all-dev.yaml @@ -0,0 +1,27 @@ +{{/* +SPDX-FileCopyrightText: 2025 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +--- +apiVersion: "networking.k8s.io/v1" +kind: "NetworkPolicy" +metadata: + name: "allow-all-dev" + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + podSelector: + matchLabels: + network-policy-dev: "true" + egress: + - {} + policyTypes: + - "Egress" +... \ No newline at end of file diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/NetworkPolicies/collabora-prometheus-access.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/NetworkPolicies/collabora-prometheus-access.yaml new file mode 100644 index 00000000..c3ebb614 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/NetworkPolicies/collabora-prometheus-access.yaml @@ -0,0 +1,35 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.collabora.enabled .Values.networkPolicies.enabled .Values.monitoring.prometheus.serviceMonitors.enabled }} +--- +apiVersion: "networking.k8s.io/v1" +kind: "NetworkPolicy" +metadata: + name: "collabora-prometheus-access" + namespace: {{ .Values.apps.collabora.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + podSelector: + matchLabels: + app.kubernetes.io/name: "collabora-online" + ingress: + - from: + - podSelector: + matchLabels: + {{- .Values.monitoring.prometheus.podSelectorLabels | toYaml | nindent 12 }} + namespaceSelector: + matchLabels: + kubernetes.io/metadata.name: {{ .Values.monitoring.prometheus.namespace | quote }} + policyTypes: + - "Ingress" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/NetworkPolicies/default-deny-all.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/NetworkPolicies/default-deny-all.yaml new file mode 100644 index 00000000..80aeffa5 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/NetworkPolicies/default-deny-all.yaml @@ -0,0 +1,24 @@ +{{/* +SPDX-FileCopyrightText: 2025 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +--- +apiVersion: "networking.k8s.io/v1" +kind: "NetworkPolicy" +metadata: + name: "default-deny-all" + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + podSelector: {} + policyTypes: + - "Ingress" + - "Egress" +... diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/NetworkPolicies/default-dns-access.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/NetworkPolicies/default-dns-access.yaml new file mode 100644 index 00000000..780b5ca7 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/NetworkPolicies/default-dns-access.yaml @@ -0,0 +1,31 @@ +{{/* +SPDX-FileCopyrightText: 2025 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +--- +apiVersion: "networking.k8s.io/v1" +kind: "NetworkPolicy" +metadata: + name: "default-dns-access" + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + podSelector: {} + policyTypes: + - "Egress" + egress: + - to: + - namespaceSelector: + matchLabels: + kubernetes.io/metadata.name: "kube-system" + - podSelector: + matchLabels: + k8s-app: "kube-dns" +... diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/NetworkPolicies/dovecot.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/NetworkPolicies/dovecot.yaml new file mode 100644 index 00000000..c4f42d95 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/NetworkPolicies/dovecot.yaml @@ -0,0 +1,35 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.extraApps.clusterPostfix.enabled .Values.networkPolicies.enabled }} +--- +apiVersion: "networking.k8s.io/v1" +kind: "NetworkPolicy" +metadata: + name: "{{ include "common.names.fullname" . }}-dovecot-external" + namespace: {{ .Values.apps.dovecot.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + podSelector: + matchLabels: + app.kubernetes.io/name: "dovecot" + ingress: + - from: + - podSelector: + matchLabels: + app.kubernetes.io/name: "postfix" + namespaceSelector: + matchLabels: + kubernetes.io/metadata.name: {{ .Values.extraApps.clusterPostfix.namespace | quote }} + policyTypes: + - "Ingress" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/NetworkPolicies/minio-prometheus-access.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/NetworkPolicies/minio-prometheus-access.yaml new file mode 100644 index 00000000..d79e0645 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/NetworkPolicies/minio-prometheus-access.yaml @@ -0,0 +1,35 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.minio.enabled .Values.networkPolicies.enabled .Values.monitoring.prometheus.serviceMonitors.enabled }} +--- +apiVersion: "networking.k8s.io/v1" +kind: "NetworkPolicy" +metadata: + name: "minio-prometheus-access" + namespace: {{ .Values.apps.minio.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + podSelector: + matchLabels: + app.kubernetes.io/name: "minio" + ingress: + - from: + - podSelector: + matchLabels: + {{- .Values.monitoring.prometheus.podSelectorLabels | toYaml | nindent 12 }} + namespaceSelector: + matchLabels: + kubernetes.io/metadata.name: {{ .Values.monitoring.prometheus.namespace | quote }} + policyTypes: + - "Ingress" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/NetworkPolicies/opendesk-nextcloud-exporter-prometheus-access.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/NetworkPolicies/opendesk-nextcloud-exporter-prometheus-access.yaml new file mode 100644 index 00000000..4b49ba5a --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/NetworkPolicies/opendesk-nextcloud-exporter-prometheus-access.yaml @@ -0,0 +1,36 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nextcloud.enabled .Values.networkPolicies.enabled .Values.monitoring.prometheus.serviceMonitors.enabled }} +--- +apiVersion: "networking.k8s.io/v1" +kind: "NetworkPolicy" +metadata: + name: "opendesk-nextcloud-exporter-prometheus-access" + namespace: {{ .Values.apps.nextcloud.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + podSelector: + matchLabels: + app.kubernetes.io/instance: "opendesk-nextcloud" + app.kubernetes.io/name: "exporter" + ingress: + - from: + - podSelector: + matchLabels: + {{- .Values.monitoring.prometheus.podSelectorLabels | toYaml | nindent 12 }} + namespaceSelector: + matchLabels: + kubernetes.io/metadata.name: {{ .Values.monitoring.prometheus.namespace | quote }} + policyTypes: + - "Ingress" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/cassandra.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/cassandra.yaml new file mode 100644 index 00000000..c3db9638 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/cassandra.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.cassandra.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "cassandra" + namespace: {{ .Values.apps.cassandra.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "cassandra" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/clamav-clamd.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/clamav-clamd.yaml new file mode 100644 index 00000000..881ee54f --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/clamav-clamd.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.clamavDistributed.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "clamav-clamd" + namespace: {{ .Values.apps.clamavDistributed.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "clamav-clamd" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/clamav-freshclam.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/clamav-freshclam.yaml new file mode 100644 index 00000000..df6d0cd7 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/clamav-freshclam.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.clamavDistributed.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "clamav-freshclam" + namespace: {{ .Values.apps.clamavDistributed.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "clamav-freshclam" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/clamav-icap.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/clamav-icap.yaml new file mode 100644 index 00000000..5c98f16a --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/clamav-icap.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.clamavDistributed.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "clamav-icap" + namespace: {{ .Values.apps.clamavDistributed.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "clamav-icap" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/clamav-milter.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/clamav-milter.yaml new file mode 100644 index 00000000..a9d2dbef --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/clamav-milter.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.clamavDistributed.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "clamav-milter" + namespace: {{ .Values.apps.clamavDistributed.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "clamav-milter" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/clamav-simple.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/clamav-simple.yaml new file mode 100644 index 00000000..622bb9bd --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/clamav-simple.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.clamavSimple.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "clamav-simple" + namespace: {{ .Values.apps.clamavSimple.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "clamav-simple" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/collabora-controller.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/collabora-controller.yaml new file mode 100644 index 00000000..b67f9c40 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/collabora-controller.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.collabora.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "collabora-controller" + namespace: {{ .Values.apps.collabora.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "collabora-controller" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/collabora.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/collabora.yaml new file mode 100644 index 00000000..c29f8958 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/collabora.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.collabora.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "collabora" + namespace: {{ .Values.apps.collabora.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "collabora" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/cryptpad.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/cryptpad.yaml new file mode 100644 index 00000000..442f4450 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/cryptpad.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.cryptpad.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "cryptpad" + namespace: {{ .Values.apps.cryptpad.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "cryptpad" +... +{{- end }} \ No newline at end of file diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/dkimpy.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/dkimpy.yaml new file mode 100644 index 00000000..ec157dae --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/dkimpy.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.dkimpy.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "dkimpy" + namespace: {{ .Values.apps.dkimpy.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "dkimpy-milter" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/impress-backend.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/impress-backend.yaml new file mode 100644 index 00000000..75b2fa4b --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/impress-backend.yaml @@ -0,0 +1,23 @@ +{{/* + SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" + SPDX-License-Identifier: Apache-2.0 + */}} + {{- if and .Values.apps.notes.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "impress-backend" + namespace: {{ .Values.apps.notes.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "impress-backend" +... + {{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/impress-frontend.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/impress-frontend.yaml new file mode 100644 index 00000000..6044ccf5 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/impress-frontend.yaml @@ -0,0 +1,23 @@ +{{/* + SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" + SPDX-License-Identifier: Apache-2.0 + */}} + {{- if and .Values.apps.notes.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "impress-frontend" + namespace: {{ .Values.apps.notes.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "impress-frontend" +... + {{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/impress-y-provider.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/impress-y-provider.yaml new file mode 100644 index 00000000..e060bbdb --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/impress-y-provider.yaml @@ -0,0 +1,23 @@ +{{/* + SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" + SPDX-License-Identifier: Apache-2.0 + */}} + {{- if and .Values.apps.notes.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.clientIntents.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "impress-y-provider" + namespace: {{ .Values.apps.notes.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "impress-y-provider" +... + {{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/intercom-service.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/intercom-service.yaml new file mode 100644 index 00000000..a988757d --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/intercom-service.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "intercom-service" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "intercom-service" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/jitsi-jibri.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/jitsi-jibri.yaml new file mode 100644 index 00000000..b30ebc00 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/jitsi-jibri.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.jitsi.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "jitsi-jibri" + namespace: {{ .Values.apps.jitsi.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "jitsi-jibri" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/jitsi-jvb.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/jitsi-jvb.yaml new file mode 100644 index 00000000..67148f26 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/jitsi-jvb.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.jitsi.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "jitsi-jvb" + namespace: {{ .Values.apps.jitsi.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "jitsi-jvb" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/jitsi-keycloak-adapter.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/jitsi-keycloak-adapter.yaml new file mode 100644 index 00000000..6f853112 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/jitsi-keycloak-adapter.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.jitsi.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "opendesk-jitsi-keycloak-adapter" + namespace: {{ .Values.apps.jitsi.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "opendesk-jitsi-keycloak-adapter" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/jitsi-prosody.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/jitsi-prosody.yaml new file mode 100644 index 00000000..aa5e421d --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/jitsi-prosody.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.jitsi.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "jitsi-prosody" + namespace: {{ .Values.apps.jitsi.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "jitsi-prosody" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/jitsi-web.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/jitsi-web.yaml new file mode 100644 index 00000000..3adf1e2d --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/jitsi-web.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.jitsi.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "jitsi-web" + namespace: {{ .Values.apps.jitsi.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "jitsi-web" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/mariadb.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/mariadb.yaml new file mode 100644 index 00000000..1193488d --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/mariadb.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.mariadb.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "mariadb" + namespace: {{ .Values.apps.mariadb.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "mariadb" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/matrix-neoboard-widget.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/matrix-neoboard-widget.yaml new file mode 100644 index 00000000..20688e42 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/matrix-neoboard-widget.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.element.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "matrix-neoboard-widget" + namespace: {{ .Values.apps.element.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "matrix-neoboard-widget" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/matrix-neochoice-widget.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/matrix-neochoice-widget.yaml new file mode 100644 index 00000000..efa38a85 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/matrix-neochoice-widget.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.element.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "matrix-neochoice-widget" + namespace: {{ .Values.apps.element.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "matrix-neochoice-widget" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/matrix-neodatefix-bot.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/matrix-neodatefix-bot.yaml new file mode 100644 index 00000000..13f5ab0f --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/matrix-neodatefix-bot.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.element.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "matrix-neodatefix-bot" + namespace: {{ .Values.apps.element.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "matrix-neodatefix-bot" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/matrix-neodatefix-widget.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/matrix-neodatefix-widget.yaml new file mode 100644 index 00000000..65816ad9 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/matrix-neodatefix-widget.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.element.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "matrix-neodatefix-widget" + namespace: {{ .Values.apps.element.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "matrix-neodatefix-widget" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/memcached.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/memcached.yaml new file mode 100644 index 00000000..6e5f0a6b --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/memcached.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.memcached.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "memcached" + namespace: {{ .Values.apps.memcached.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "memcached" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/minio-provisioning.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/minio-provisioning.yaml new file mode 100644 index 00000000..2fdff8c1 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/minio-provisioning.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.minio.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "{{ include "common.names.fullname" . }}-minio-provisioning" + namespace: {{ .Values.apps.minio.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "minio-provisioning" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/minio.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/minio.yaml new file mode 100644 index 00000000..ae38f16b --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/minio.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.minio.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "minio" + namespace: {{ .Values.apps.minio.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "minio" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/nubus-nginx-s3-gateway.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/nubus-nginx-s3-gateway.yaml new file mode 100644 index 00000000..fca54efa --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/nubus-nginx-s3-gateway.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "nubus-nginx-s3-gateway" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "nubus-nginx-s3-gateway" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-core-documentconverter.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-core-documentconverter.yaml new file mode 100644 index 00000000..21d9b1e1 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-core-documentconverter.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.oxAppSuite.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "open-xchange-core-documentconverter" + namespace: {{ .Values.apps.oxAppSuite.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "open-xchange-core-documentconverter" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-core-imageconverter.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-core-imageconverter.yaml new file mode 100644 index 00000000..17ef8de2 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-core-imageconverter.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.oxAppSuite.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "open-xchange-core-imageconverter" + namespace: {{ .Values.apps.oxAppSuite.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "open-xchange-core-imageconverter" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-core-mw.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-core-mw.yaml new file mode 100644 index 00000000..9cf62387 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-core-mw.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.oxAppSuite.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "open-xchange-core-mw" + namespace: {{ .Values.apps.oxAppSuite.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "open-xchange-core-mw" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-core-ui-middleware.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-core-ui-middleware.yaml new file mode 100644 index 00000000..5b6d8a7d --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-core-ui-middleware.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.oxAppSuite.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "open-xchange-core-ui-middleware" + namespace: {{ .Values.apps.oxAppSuite.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "open-xchange-core-ui-middleware" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-core-ui.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-core-ui.yaml new file mode 100644 index 00000000..24cf8f57 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-core-ui.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.oxAppSuite.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "open-xchange-core-ui" + namespace: {{ .Values.apps.oxAppSuite.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "open-xchange-core-ui" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-core-user-guide.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-core-user-guide.yaml new file mode 100644 index 00000000..3ae87b3c --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-core-user-guide.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.oxAppSuite.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "open-xchange-core-user-guide" + namespace: {{ .Values.apps.oxAppSuite.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "open-xchange-core-user-guide" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-dovecot.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-dovecot.yaml new file mode 100644 index 00000000..9584d4cf --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-dovecot.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.oxAppSuite.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "open-xchange-dovecot" + namespace: {{ .Values.apps.dovecot.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "open-xchange-dovecot" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-gotenberg.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-gotenberg.yaml new file mode 100644 index 00000000..69b0c49a --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-gotenberg.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.oxAppSuite.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "open-xchange-gotenberg" + namespace: {{ .Values.apps.oxAppSuite.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "open-xchange-gotenberg" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-guard-ui.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-guard-ui.yaml new file mode 100644 index 00000000..446c9105 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-guard-ui.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.oxAppSuite.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "open-xchange-guard-ui" + namespace: {{ .Values.apps.oxAppSuite.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "open-xchange-guard-ui" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-guidedtours.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-guidedtours.yaml new file mode 100644 index 00000000..0d916e54 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-guidedtours.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.oxAppSuite.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "open-xchange-guidedtours" + namespace: {{ .Values.apps.oxAppSuite.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "open-xchange-guidedtours" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-nextcloud-integration-ui.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-nextcloud-integration-ui.yaml new file mode 100644 index 00000000..76136bea --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-nextcloud-integration-ui.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.oxAppSuite.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "open-xchange-nextcloud-integration-ui" + namespace: {{ .Values.apps.oxAppSuite.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "open-xchange-nextcloud-integration-ui" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-postfix.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-postfix.yaml new file mode 100644 index 00000000..b109e034 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-postfix.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.oxAppSuite.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "open-xchange-postfix" + namespace: {{ .Values.apps.oxAppSuite.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "open-xchange-postfix" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-public-sector-ui.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-public-sector-ui.yaml new file mode 100644 index 00000000..d53fca75 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/open-xchange-public-sector-ui.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.oxAppSuite.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "open-xchange-public-sector-ui" + namespace: {{ .Values.apps.oxAppSuite.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "open-xchange-public-sector-ui" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-element.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-element.yaml new file mode 100644 index 00000000..61ee393b --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-element.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.element.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "opendesk-element" + namespace: {{ .Values.apps.element.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "opendesk-element" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-matrix-user-verification-service.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-matrix-user-verification-service.yaml new file mode 100644 index 00000000..83173148 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-matrix-user-verification-service.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.element.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "opendesk-matrix-user-verification-service" + namespace: {{ .Values.apps.element.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "opendesk-matrix-user-verification-service" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-migrations-pre.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-migrations-pre.yaml new file mode 100644 index 00000000..9f689632 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-migrations-pre.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.migrations.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "opendesk-migrations-pre" + namespace: {{ .Values.apps.migrations.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "opendesk-migrations-pre" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-nextcloud-aio-cron.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-nextcloud-aio-cron.yaml new file mode 100644 index 00000000..3a6205cd --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-nextcloud-aio-cron.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nextcloud.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "opendesk-nextcloud-aio-cron" + namespace: {{ .Values.apps.nextcloud.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "opendesk-nextcloud-aio-cron" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-nextcloud-aio.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-nextcloud-aio.yaml new file mode 100644 index 00000000..eda84b93 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-nextcloud-aio.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nextcloud.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "opendesk-nextcloud-aio" + namespace: {{ .Values.apps.nextcloud.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "opendesk-nextcloud-aio" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-nextcloud-exporter.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-nextcloud-exporter.yaml new file mode 100644 index 00000000..68fd9632 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-nextcloud-exporter.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nextcloud.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "opendesk-nextcloud-exporter" + namespace: {{ .Values.apps.nextcloud.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "opendesk-nextcloud-exporter" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-nextcloud-management.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-nextcloud-management.yaml new file mode 100644 index 00000000..1a11bf9d --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-nextcloud-management.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nextcloud.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "opendesk-nextcloud-management" + namespace: {{ .Values.apps.nextcloud.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "opendesk-nextcloud-management" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-nextcloud-notifypush.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-nextcloud-notifypush.yaml new file mode 100644 index 00000000..4ee4c780 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-nextcloud-notifypush.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nextcloud.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "opendesk-nextcloud-notifypush" + namespace: {{ .Values.apps.nextcloud.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "opendesk-nextcloud-notifypush" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-static-files.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-static-files.yaml new file mode 100644 index 00000000..58089007 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-static-files.yaml @@ -0,0 +1,19 @@ +# SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +# SPDX-License-Identifier: Apache-2.0 +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "opendesk-static-files" + namespace: {{ .Values.apps.staticFiles.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "opendesk-static-files" +... diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-synapse-web.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-synapse-web.yaml new file mode 100644 index 00000000..7a1cea7c --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-synapse-web.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.element.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "opendesk-synapse-web" + namespace: {{ .Values.apps.element.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "opendesk-synapse-web" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-synapse.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-synapse.yaml new file mode 100644 index 00000000..8e94b696 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-synapse.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.element.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "opendesk-synapse" + namespace: {{ .Values.apps.element.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "opendesk-synapse" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-well-known.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-well-known.yaml new file mode 100644 index 00000000..967ab13e --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/opendesk-well-known.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.element.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "opendesk-well-known" + namespace: {{ .Values.apps.element.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "opendesk-well-known" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/openproject-seeder.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/openproject-seeder.yaml new file mode 100644 index 00000000..9e4df205 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/openproject-seeder.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.openproject.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "openproject-seeder" + namespace: {{ .Values.apps.openproject.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "openproject-seeder" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/openproject.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/openproject.yaml new file mode 100644 index 00000000..b3dfe498 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/openproject.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.openproject.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "openproject" + namespace: {{ .Values.apps.openproject.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "openproject" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/postfix.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/postfix.yaml new file mode 100644 index 00000000..c54ad041 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/postfix.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.postfix.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "postfix" + namespace: {{ .Values.apps.postfix.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "postfix" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/postgresql-bootstrap.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/postgresql-bootstrap.yaml new file mode 100644 index 00000000..5845f542 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/postgresql-bootstrap.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.postgresql.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "postgresql-bootstrap" + namespace: {{ .Values.apps.postgresql.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "postgresql-bootstrap" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/postgresql.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/postgresql.yaml new file mode 100644 index 00000000..f1d00a59 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/postgresql.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.postgresql.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "postgresql" + namespace: {{ .Values.apps.postgresql.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "postgresql" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/redis.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/redis.yaml new file mode 100644 index 00000000..eb9689e4 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/redis.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.redis.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "redis" + namespace: {{ .Values.apps.redis.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "redis" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-keycloak-bootstrap.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-keycloak-bootstrap.yaml new file mode 100644 index 00000000..5bd8626f --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-keycloak-bootstrap.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "ums-keycloak-bootstrap" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "ums-keycloak-bootstrap" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-keycloak-extensions-handler.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-keycloak-extensions-handler.yaml new file mode 100644 index 00000000..df46bd3b --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-keycloak-extensions-handler.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "ums-keycloak-extensions-handler" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "ums-keycloak-extensions-handler" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-keycloak-extensions-proxy.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-keycloak-extensions-proxy.yaml new file mode 100644 index 00000000..e8a13ba9 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-keycloak-extensions-proxy.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "ums-keycloak-extensions-proxy" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "ums-keycloak-extensions-proxy" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-keycloak.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-keycloak.yaml new file mode 100644 index 00000000..cee9fb77 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-keycloak.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "ums-keycloak" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "ums-keycloak" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-ldap-notifier.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-ldap-notifier.yaml new file mode 100644 index 00000000..e488e473 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-ldap-notifier.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "ums-ldap-notifier" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "ums-ldap-notifier" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-ldap-server-primary.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-ldap-server-primary.yaml new file mode 100644 index 00000000..99356713 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-ldap-server-primary.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "ums-ldap-server-primary" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "ums-ldap-server-primary" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-ldap-server-secondary.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-ldap-server-secondary.yaml new file mode 100644 index 00000000..05e74048 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-ldap-server-secondary.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "ums-ldap-server-secondary" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "ums-ldap-server-secondary" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-portal-consumer.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-portal-consumer.yaml new file mode 100644 index 00000000..41cfa166 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-portal-consumer.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "ums-portal-consumer" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "ums-portal-consumer" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-portal-frontend.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-portal-frontend.yaml new file mode 100644 index 00000000..1ba012b7 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-portal-frontend.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "ums-portal-frontend" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "ums-portal-frontend" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-portal-server.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-portal-server.yaml new file mode 100644 index 00000000..c6384827 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-portal-server.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "ums-portal-server" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "ums-portal-server" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-provisioning-api.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-provisioning-api.yaml new file mode 100644 index 00000000..7f956dc0 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-provisioning-api.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "ums-provisioning-api" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "ums-provisioning-api" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-provisioning-dispatcher.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-provisioning-dispatcher.yaml new file mode 100644 index 00000000..a0d2ea99 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-provisioning-dispatcher.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "ums-provisioning-dispatcher" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "ums-provisioning-dispatcher" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-provisioning-nats.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-provisioning-nats.yaml new file mode 100644 index 00000000..6c3f2d4c --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-provisioning-nats.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "ums-provisioning-nats" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "ums-provisioning-nats" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-provisioning-prefill.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-provisioning-prefill.yaml new file mode 100644 index 00000000..6ae2eb68 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-provisioning-prefill.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "ums-provisioning-prefill" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "ums-provisioning-prefill" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-provisioning-register-consumers.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-provisioning-register-consumers.yaml new file mode 100644 index 00000000..1aabf3a1 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-provisioning-register-consumers.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "ums-provisioning-register-consumers" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "ums-provisioning-register-consumers" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-provisioning-udm-listener.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-provisioning-udm-listener.yaml new file mode 100644 index 00000000..4c9bb465 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-provisioning-udm-listener.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "ums-provisioning-udm-listener" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "ums-provisioning-udm-listener" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-provisioning-udm-transformer.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-provisioning-udm-transformer.yaml new file mode 100644 index 00000000..cca76467 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-provisioning-udm-transformer.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "ums-provisioning-udm-transformer" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "ums-provisioning-udm-transformer" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-selfservice-listener.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-selfservice-listener.yaml new file mode 100644 index 00000000..a5357545 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-selfservice-listener.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "ums-selfservice-listener" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "ums-selfservice-listener" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-stack-data-ums.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-stack-data-ums.yaml new file mode 100644 index 00000000..5d42907d --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-stack-data-ums.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "ums-stack-data-ums" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "ums-stack-data-ums" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-udm-rest-api.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-udm-rest-api.yaml new file mode 100644 index 00000000..52153b72 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-udm-rest-api.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "ums-udm-rest-api" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "ums-udm-rest-api" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-umc-gateway.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-umc-gateway.yaml new file mode 100644 index 00000000..767c335d --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-umc-gateway.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "ums-umc-gateway" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "ums-umc-gateway" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-umc-server.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-umc-server.yaml new file mode 100644 index 00000000..7a4b9baa --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/ums-umc-server.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.nubus.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "ums-umc-server" + namespace: {{ .Values.apps.nubus.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "ums-umc-server" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/xwiki.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/xwiki.yaml new file mode 100644 index 00000000..453cfd89 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/templates/ProtectedServices/xwiki.yaml @@ -0,0 +1,23 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +{{- if and .Values.apps.xwiki.enabled .Values.protectedServices.enabled }} +--- +apiVersion: {{ .Values.protectedServices.apiVersion | quote }} +kind: "ProtectedService" +metadata: + name: "xwiki" + namespace: {{ .Values.apps.xwiki.namespace | default .Release.Namespace | quote }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.additionalLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.additionalLabels "context" . ) | nindent 4 }} + {{- end }} + {{- if .Values.additionalAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.additionalAnnotations "context" . ) | nindent 4 }} + {{- end }} +spec: + name: "xwiki" +... +{{- end }} diff --git a/helmfile/apps/opendesk-services/charts/opendesk-otterize/values.yaml b/helmfile/apps/opendesk-services/charts/opendesk-otterize/values.yaml new file mode 100644 index 00000000..264d4167 --- /dev/null +++ b/helmfile/apps/opendesk-services/charts/opendesk-otterize/values.yaml @@ -0,0 +1,250 @@ +# SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +# SPDX-License-Identifier: Apache-2.0 +--- +# The global properties are used to configure multiple charts at once. +global: + # -- Deployment base domain used for egress restrictions to opendesk services via Ingress. + domain: "example.internal" + # -- A map of avaible deployment subdomains. + hosts: + collabora: "office" + cryptpad: "pad" + element: "chat" + intercomService: "ics" + jitsi: "meet" + keycloak: "id" + matrixNeoBoardWidget: "matrix-neoboard-widget" + matrixNeoChoiceWidget: "matrix-neochoice-widget" + matrixNeoDateFixBot: "matrix-neodatefix-bot" + matrixNeoDateFixWidget: "matrix-neodatefix-widget" + minioApi: "objectstore" + minioConsole: "objectstore-ui" + nextcloud: "files" + notes: "notes" + nubus: "portal" + openproject: "projects" + openxchange: "webmail" + synapse: "matrix" + synapseFederation: "matrix-federation" + whiteboard: "whiteboard" + xwiki: "wiki" + +cluster: + service: + type: "LoadBalancer" + networking: + ingressGatewayIP: "" + api: + domain: "" + port: 443 +smtp: + host: ~ + +# -- Additional custom annotations to add to all deployed objects. +additionalAnnotations: {} + +# -- Additional custom labels to add to all deployed objects. +additionalLabels: {} + +# Enable the creation of resources for openDesk apps. +apps: + cassandra: + # -- Enables Cassandra related resource creation. + enabled: true + # -- If omitted, resources are deployed in the same namespace as this helm chart. + namespace: ~ + certificates: + # -- Enables openDesk certificates related resource creation. + enabled: true + # -- If omitted, resources are deployed in the same namespace as this helm chart. + namespace: ~ + clamavDistributed: + # -- Enables ClamAV (in distributed mode) related resource creation. + enabled: true + # -- If omitted, resources are deployed in the same namespace as this helm chart. + namespace: ~ + # -- Signature database host + signatureHost: "gitlab.opencode.de" + clamavSimple: + # -- Enables ClamAV (in simple mode) related resource creation. + enabled: true + # -- If omitted, resources are deployed in the same namespace as this helm chart. + namespace: ~ + # -- Signature database host + signatureHost: "gitlab.opencode.de" + collabora: + # -- Enables Collabora related resource creation. + enabled: true + # -- If omitted, resources are deployed in the same namespace as this helm chart. + namespace: ~ + collaboraController: + # -- Enables Collabora controller related resource creation. + enabled: true + # -- If omitted, resources are deployed in the same namespace as this helm chart. + namespace: ~ + cryptpad: + # -- Enables Cryptpad related resource creation. + enabled: true + # -- If omitted, resources are deployed in the same namespace as this helm chart. + namespace: ~ + dkimpy: + # -- Enables dkimpy related resource creation. + enabled: true + # -- If omitted, resources are deployed in the same namespace as this helm chart. + namespace: ~ + dovecot: + # -- Enables Dovecot related resource creation. + enabled: true + # -- If omitted, resources are deployed in the same namespace as this helm chart. + namespace: ~ + element: + # -- Enables Element related resource creation. + enabled: true + # -- If omitted, resources are deployed in the same namespace as this helm chart. + namespace: ~ + elementAdmin: + # -- Enables element admin related resource creation. + enabled: true + # -- If omitted, resources are deployed in the same namespace as this helm chart. + namespace: ~ + elementGroupsync: + # -- Enables element group sync related resource creation. + enabled: true + # -- If omitted, resources are deployed in the same namespace as this helm chart. + namespace: ~ + home: + # -- Enables operDesk home sync related resource creation. + enabled: true + # -- If omitted, resources are deployed in the same namespace as this helm chart. + namespace: ~ + jitsi: + # -- Enables Jitsi related resource creation. + enabled: true + # -- If omitted, resources are deployed in the same namespace as this helm chart. + namespace: ~ + mariadb: + # -- Enables MariaDB related resource creation. + enabled: true + # -- If omitted, resources are deployed in the same namespace as this helm chart. + namespace: ~ + memcached: + # -- Enables Memcached related resource creation. + enabled: true + # -- If omitted, resources are deployed in the same namespace as this helm chart. + namespace: ~ + migrations: + # -- Enables openDesk migrations related resource creation. + enabled: true + # -- If omitted, resources are deployed in the same namespace as this helm chart. + namespace: ~ + minio: + # -- Enables MinIO related resource creation. + enabled: true + # -- If omitted, resources are deployed in the same namespace as this helm chart. + namespace: ~ + notes: + # -- Enables LaSuite Notes related resource creation. + enabled: true + # -- If omitted, resources are deployed in the same namespace as this helm chart. + namespace: ~ + nubus: + # -- Enables Univention Management Stack related resource creation. + enabled: true + # -- If omitted, resources are deployed in the same namespace as this helm chart. + namespace: ~ + nextcloud: + # -- Enables Nextcloud related resource creation. + enabled: true + # -- If omitted, resources are deployed in the same namespace as this helm chart. + namespace: ~ + openproject: + # -- Enables OpenProject related resource creation. + enabled: true + # -- If omitted, resources are deployed in the same namespace as this helm chart. + namespace: ~ + oxAppSuite: + # -- Enables Open-Xchange Appsuite related resource creation. + enabled: true + # -- If omitted, resources are deployed in the same namespace as this helm chart. + namespace: ~ + postfix: + # -- Enables Postfix related resource creation. + enabled: true + # -- If omitted, resources are deployed in the same namespace as this helm chart. + namespace: ~ + postgresql: + # -- Enables PostgreSQL related resource creation. + enabled: true + # -- If omitted, resources are deployed in the same namespace as this helm chart. + namespace: ~ + redis: + # -- Enables Redis related resource creation. + enabled: true + # -- If omitted, resources are deployed in the same namespace as this helm chart. + namespace: ~ + staticFiles: + # -- Enables OpenDesk static files related resource creation. + enabled: true + # -- If omitted, resources are deployed in the same namespace as this helm chart. + namespace: ~ + xwiki: + # -- Enables XWiki related resource creation. + enabled: true + # -- If omitted, resources are deployed in the same namespace as this helm chart. + namespace: ~ + +# Deploy intents for additional apps. +extraApps: + # Cluster-wide postfix relay service. + clusterPostfix: + # -- Enables cluster-wide postfix related resource creation. + enabled: false + # -- If omitted, resources are deployed in the same namespace as this helm chart. + namespace: "swp-cross-instance-mail" + +clientIntents: + # -- Choose the API version to use. + apiVersion: "k8s.otterize.com/v2beta1" + # -- Enable creation of ClientIntents custom resource. + enabled: true +networkPolicies: + # -- Enable creation of NetworkPolicies custom resource. + enabled: true + +ingressController: + # -- Pod selector for ingress controller to match for NetworkPolicies. + podSelectorLabels: + app.kubernetes.io/component: "controller" + app.kubernetes.io/instance: "ingress-nginx" + app.kubernetes.io/name: "ingress-nginx" + # -- Name of deployment + name: "ingress-nginx-controller" + # -- Namespace of ingress controller to match for NetworkPolicies. + namespace: "ingress-nginx" + +istioGateway: + # -- Pod selector for ingress controller to match for NetworkPolicies. + podSelector: + matchLabels: + istio: "gateway" + app: "gateway" + + # -- Namespace of ingress controller. + namespace: "istio-system" + + +# -- Pod selector labels for prometheus to match for NetworkPolicies. +monitoring: + prometheus: + podSelectorLabels: {} + # -- Namespace of prometheus agent. + namespace: "monitoring" + serviceMonitors: + enabled: false + +protectedServices: + # -- Choose the API version to use. + apiVersion: "k8s.otterize.com/v2beta1" + # -- Enable creation of ProtectedServices custom resource. + enabled: true +... diff --git a/helmfile/apps/opendesk-services/helmfile-child.yaml.gotmpl b/helmfile/apps/opendesk-services/helmfile-child.yaml.gotmpl index 8f3cfb01..8ac0e2b6 100644 --- a/helmfile/apps/opendesk-services/helmfile-child.yaml.gotmpl +++ b/helmfile/apps/opendesk-services/helmfile-child.yaml.gotmpl @@ -64,7 +64,7 @@ repositories: releases: - name: "opendesk-otterize" - chart: "otterize-repo/{{ .Values.charts.otterize.name }}" + chart: "charts/{{ .Values.charts.otterize.name }}" version: "{{ .Values.charts.otterize.version }}" values: - "values-otterize.yaml.gotmpl"