sheppy/opendesk
1
0
Fork 0
mirror of https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk.git synced 2025-12-06 07:21:36 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix(helmfile): Cleanup and small conformity fixes

Browse Source
This commit is contained in:
Thorsten Roßner
2024-01-15 08:30:30 +01:00
parent 77e32fada8
commit db0a544155
5 changed files with 30 additions and 67 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
.gitlab-ci.yml
View File

@@ -132,15 +132,6 @@ variables:
TESTS_BRANCH:
description: "Branch of E2E-tests on which the test pipeline is triggered"
value: "main"
RUN_UMS_TESTS:
description: "Run E2E test suite of SouvAP Dev team"
value: "no"
options:
- "yes"
- "no"
UMS_TESTS_BRANCH:
description: "Branch of E2E test suite of SouvAP Dev team"
value: "main"
.deploy-common:
cache: {}
@@ -443,34 +434,6 @@ run-tests:
}" \
"https://${TESTS_PROJECT_URL}/trigger/pipeline"
run-souvap-dev-tests:
extends: ".deploy-common"
environment:
name: "${NAMESPACE}"
stage: "tests"
rules:
- if: >
$CI_PIPELINE_SOURCE =~ "web|schedules|triggers" && $NAMESPACE =~ /.+/ && $RUN_UMS_TESTS == "yes"
when: "on_success"
script:
- *ums-default-password
- |
curl --request POST \
--header "Content-Type: application/json" \
--data "{ \
\"ref\": \"${UMS_TESTS_BRANCH}\", \
\"token\": \"${CI_JOB_TOKEN}\", \
\"variables\": { \
\"portal_base_url\": \"https://portal.${DOMAIN}\", \
\"username\": \"${DEFAULT_USER_NAME}\", \
\"password\": \"${DEFAULT_USER_PASSWORD}\", \
\"admin_username\": \"${DEFAULT_ADMIN_NAME}\", \
\"admin_password\": \"${DEFAULT_ADMIN_PASSWORD}\", \
\"keycloak_base_url\": \"https://id.${DOMAIN}\" \
} \
}" \
"https://${UMS_TESTS_PROJECT_URL}/trigger/pipeline"
avscan-prepare:
stage: ".pre"
rules:
@@ -580,14 +543,12 @@ opendesk-linter:
image: "registry.souvap-univention.de/souvap/tooling/images/semantic-release-patched:latest"
tags: []
conventional-commits-linter:
rules:
- if: "$JOB_CONVENTIONAL_COMMITS_LINTER_ENABLED == 'false' || $CI_PIPELINE_SOURCE =~ 'tags|merge_request_event'"
when: "never"
- when: "always"
common-yaml-linter:
rules:
- if: "$JOB_COMMON_YAML_LINTER_ENABLED == 'false' || $CI_PIPELINE_SOURCE =~ 'tags|triggers|web|merge_request_event'"

2
README.md
View File

@@ -3,7 +3,7 @@ SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG Ze
SPDX-License-Identifier: Apache-2.0
-->
![logo](./helmfile/environments/default/theme/logo_portal_background.svg)
<h1>openDesk Deployment Automation</h1>
openDesk is a Kubernetes based, open-source and cloud-native digital workplace suite provided by the "Projektgruppe für
Aufbau ZenDiS" of Germany's Federal Ministry of the Interior.

4
docs/requirements.md
View File

@@ -7,7 +7,7 @@ SPDX-License-Identifier: Apache-2.0
This section covers the internal system requirements as well as external service requirements for productive use.
<!-- TOC -->
* [TL;DR;](#tldr)
* [tl;dr](#tldr)
* [Hardware](#hardware)
* [Kubernetes](#kubernetes)
* [Ingress controller](#ingress-controller)
@@ -17,7 +17,7 @@ This section covers the internal system requirements as well as external service
* [Deployment](#deployment)
<!-- TOC -->
# TL;DR;
# tl;dr
openDesk is a Kubernetes only solution and requires an existing Kubernetes (K8s) cluster.
- K8s cluster >= 1.24, [CNCF Certified Kubernetes Distro](https://www.cncf.io/certification/software-conformance/)

1
helmfile/apps/univention-management-stack/values-opendesk-keycloak-bootstrap.yaml.gotmpl
View File

@@ -86,6 +86,7 @@ config:
authorizationServicesEnabled: false
attributes:
backchannel.logout.session.required: true
backchannel.logout.revoke.offline.tokens: true
backchannel.logout.url: "https://{{ .Values.global.hosts.intercomService }}.{{ .Values.global.domain }}/backchannel-logout"
protocolMappers:
- name: "intercom-audience"

51
helmfile/environments/default/images.yaml
View File

@@ -4,7 +4,7 @@
images:
clamd:
# renovate:
# upstreamRegistry=docker.io
# upstreamRegistry=registry-1.docker.io
# dependencyType=external
registry: "registry-1.docker.io"
repository: "clamav/clamav"
@@ -23,7 +23,7 @@ images:
# @mirrorFrom: ['23', '5', '6']
cryptpad:
# renovate:
# upstreamRegistry=docker.io
# upstreamRegistry=registry-1.docker.io
# upstreamRepository=cryptpad/cryptpad
# dependencyType=supplier
registry: "registry.opencode.de"
@@ -54,7 +54,7 @@ images:
# @mirrorFrom: ['1', '8', '0']
freshclam:
# renovate:
# upstreamRegistry=docker.io
# upstreamRegistry=registry-1.docker.io
# dependencyType=external
registry: "registry-1.docker.io"
repository: "clamav/clamav"
@@ -81,7 +81,7 @@ images:
# @mirrorFrom: ['1', '6']
jibri:
# renovate:
# upstreamRegistry=docker.io
# upstreamRegistry=registry-1.docker.io
# upstreamRepository=jitsi/jibri
# dependencyType=supplier
registry: "registry.opencode.de"
@@ -92,7 +92,7 @@ images:
# @mirrorFrom: ['8922']
jicofo:
# renovate:
# upstreamRegistry=docker.io
# upstreamRegistry=registry-1.docker.io
# upstreamRepository=jitsi/jicofo
# dependencyType=supplier
registry: "registry.opencode.de"
@@ -103,7 +103,7 @@ images:
# @mirrorFrom: ['8922']
jitsi:
# renovate:
# upstreamRegistry=docker.io
# upstreamRegistry=registry-1.docker.io
# upstreamRepository=jitsi/web
# dependencyType=supplier
registry: "registry.opencode.de"
@@ -125,7 +125,7 @@ images:
# @mirrorFrom: ['2023', '12', '14']
jitsiPatchJVB:
# renovate:
# upstreamRegistry=docker.io
# upstreamRegistry=registry-1.docker.io
# upstreamRepository=bitnami/kubectl
# dependencyType=external
registry: "registry-1.docker.io"
@@ -134,7 +134,7 @@ images:
# @supplier: "Nordeck"
jvb:
# renovate:
# upstreamRegistry=docker.io
# upstreamRegistry=registry-1.docker.io
# upstreamRepository=jitsi/jvb
# dependencyType=supplier
registry: "registry.opencode.de"
@@ -145,7 +145,7 @@ images:
# @mirrorFrom: ['8922']
mariadb:
# renovate:
# upstreamRegistry=docker.io
# upstreamRegistry=registry-1.docker.io
# dependencyType=external
registry: "registry-1.docker.io"
repository: "library/mariadb"
@@ -197,7 +197,7 @@ images:
# @mirrorFrom: ['1', '6', '0']
matrixUserVerificationService:
# renovate:
# upstreamRegistry=docker.io
# upstreamRegistry=registry-1.docker.io
# upstreamRepository=matrixdotorg/matrix-user-verification-service
# dependencyType=supplier
registry: "registry.opencode.de"
@@ -208,7 +208,7 @@ images:
# @mirrorFrom: ['3', '0', '0']
memcached:
# renovate:
# upstreamRegistry=docker.io
# upstreamRegistry=registry-1.docker.io
# dependencyType=external
registry: "registry-1.docker.io"
repository: "bitnami/memcached"
@@ -216,7 +216,7 @@ images:
# @supplier: "openDesk"
milter:
# renovate:
# upstreamRegistry=docker.io
# upstreamRegistry=registry-1.docker.io
# dependencyType=external
registry: "registry-1.docker.io"
repository: "clamav/clamav"
@@ -224,7 +224,7 @@ images:
# @supplier: "openDesk"
minio:
# renovate:
# upstreamRegistry=docker.io
# upstreamRegistry=registry-1.docker.io
# dependencyType=external
registry: "registry-1.docker.io"
repository: "bitnami/minio"
@@ -272,7 +272,7 @@ images:
# @supplier: "openDesk"
openproject:
# renovate:
# upstreamRegistry=docker.io
# upstreamRegistry=registry-1.docker.io
# upstreamRepository=openproject/open_desk
# dependencyType=supplier
registry: "registry.opencode.de"
@@ -291,7 +291,7 @@ images:
# @supplier: "openDesk"
openprojectInitDb:
# renovate:
# upstreamRegistry=docker.io
# upstreamRegistry=registry-1.docker.io
# upstreamRepository=postgres
# dependencyType=external
registry: "registry-1.docker.io"
@@ -300,7 +300,7 @@ images:
# @supplier: "OpenProject"
openxchangeBootstrap:
# renovate:
# upstreamRegistry=docker.io
# upstreamRegistry=registry-1.docker.io
# dependencyType=external
registry: "registry-1.docker.io"
repository: "alpine/k8s"
@@ -448,7 +448,7 @@ images:
# @supplier: "openDesk"
postgresql:
# renovate:
# upstreamRegistry=docker.io
# upstreamRegistry=registry-1.docker.io
# dependencyType=external
registry: "registry-1.docker.io"
repository: "library/postgres"
@@ -456,7 +456,7 @@ images:
# @supplier: "openDesk"
prosody:
# renovate:
# upstreamRegistry=docker.io
# upstreamRegistry=registry-1.docker.io
# upstreamRepository=jitsi/prosody
# dependencyType=supplier
registry: "registry.opencode.de"
@@ -467,7 +467,7 @@ images:
# @mirrorFrom: ['8922']
redis:
# renovate:
# upstreamRegistry=docker.io
# upstreamRegistry=registry-1.docker.io
# upstreamRepository=bitnami/redis
# dependencyType=external
registry: "registry-1.docker.io"
@@ -476,7 +476,7 @@ images:
# @supplier: "openDesk"
synapse:
# renovate:
# upstreamRegistry=docker.io
# upstreamRegistry=registry-1.docker.io
# upstreamRepository=matrixdotorg/synapse
# dependencyType=supplier
registry: "registry.opencode.de"
@@ -487,7 +487,7 @@ images:
# @mirrorFrom: ['1', '91', '2']
synapseCreateUser:
# renovate:
# upstreamRegistry=docker.io
# upstreamRegistry=registry-1.docker.io
# dependencyType=external
registry: "registry-1.docker.io"
repository: "alpine/k8s"
@@ -506,7 +506,7 @@ images:
# @mirrorFrom: ['1', '0', '0']
synapseWeb:
# renovate:
# upstreamRegistry=docker.io
# upstreamRegistry=registry-1.docker.io
# dependencyType=external
registry: "registry-1.docker.io"
repository: "rapidfort/haproxy-official"
@@ -722,12 +722,13 @@ images:
# @mirrorFrom: ['0', '3', '2']
umsStackGateway:
# renovate:
# upstreamRegistry=docker.io
# upstreamRegistry=registry-1.docker.io
# upstreamRepository=bitnami/nginx
# dependencyType=external
registry: "docker.io"
registry: "registry-1.docker.io"
repository: "bitnami/nginx"
tag: "1.25.3@sha256:40ce0d6b8f5fc174a4df8c59c8893164c540192ee862cb7253650a30d9dc3b73"
# @supplier: "Univention"
umsStoreDav:
# renovate:
# upstreamRegistry=registry.souvap-univention.de
@@ -785,7 +786,7 @@ images:
# @mirrorFrom: ['0', '9', '4']
wellKnown:
# renovate:
# upstreamRegistry=docker.io
# upstreamRegistry=registry-1.docker.io
# dependencyType=external
registry: "registry-1.docker.io"
repository: "library/nginx"