fix(helmfile): Cleanup and small conformity fixes

2025-12-08 00:11:38 +01:00 · 2024-01-15 08:30:30 +01:00
parent 77e32fada8
commit db0a544155
5 changed files with 30 additions and 67 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -132,15 +132,6 @@ variables:
  TESTS_BRANCH:
    description: "Branch of E2E-tests on which the test pipeline is triggered"
    value: "main"
  RUN_UMS_TESTS:
    description: "Run E2E test suite of SouvAP Dev team"
    value: "no"
    options:
      - "yes"
      - "no"
  UMS_TESTS_BRANCH:
    description: "Branch of E2E test suite of SouvAP Dev team"
    value: "main"
 .deploy-common:
  cache: {}
@@ -443,34 +434,6 @@ run-tests:
      }" \
      "https://${TESTS_PROJECT_URL}/trigger/pipeline"
 run-souvap-dev-tests:
  extends: ".deploy-common"
  environment:
    name: "${NAMESPACE}"
  stage: "tests"
  rules:
    - if: >
        $CI_PIPELINE_SOURCE =~ "web|schedules|triggers" && $NAMESPACE =~ /.+/ && $RUN_UMS_TESTS == "yes"
      when: "on_success"
  script:
    - *ums-default-password
    - |
      curl --request POST \
      --header "Content-Type: application/json" \
      --data "{ \
        \"ref\": \"${UMS_TESTS_BRANCH}\", \
        \"token\": \"${CI_JOB_TOKEN}\", \
        \"variables\": { \
          \"portal_base_url\": \"https://portal.${DOMAIN}\", \
          \"username\": \"${DEFAULT_USER_NAME}\", \
          \"password\": \"${DEFAULT_USER_PASSWORD}\", \
          \"admin_username\": \"${DEFAULT_ADMIN_NAME}\", \
          \"admin_password\": \"${DEFAULT_ADMIN_PASSWORD}\", \
          \"keycloak_base_url\": \"https://id.${DOMAIN}\" \
        } \
      }" \
      "https://${UMS_TESTS_PROJECT_URL}/trigger/pipeline"
 avscan-prepare:
  stage: ".pre"
  rules:
@@ -580,14 +543,12 @@ opendesk-linter:
  image: "registry.souvap-univention.de/souvap/tooling/images/semantic-release-patched:latest"
  tags: []
 conventional-commits-linter:
  rules:
    - if: "$JOB_CONVENTIONAL_COMMITS_LINTER_ENABLED == 'false' || $CI_PIPELINE_SOURCE =~ 'tags|merge_request_event'"
      when: "never"
    - when: "always"
 common-yaml-linter:
  rules:
    - if: "$JOB_COMMON_YAML_LINTER_ENABLED == 'false' || $CI_PIPELINE_SOURCE =~ 'tags|triggers|web|merge_request_event'"
--- a/README.md
+++ b/README.md
@@ -3,7 +3,7 @@ SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG Ze
 SPDX-License-Identifier: Apache-2.0
 -->
-![logo](./helmfile/environments/default/theme/logo_portal_background.svg)
+<h1>openDesk Deployment Automation</h1>
 openDesk is a Kubernetes based, open-source and cloud-native digital workplace suite provided by the "Projektgruppe für
 Aufbau ZenDiS" of Germany's Federal Ministry of the Interior.
--- a/docs/requirements.md
+++ b/docs/requirements.md
@@ -7,7 +7,7 @@ SPDX-License-Identifier: Apache-2.0
 This section covers the internal system requirements as well as external service requirements for productive use.
 <!-- TOC -->
-* [TL;DR;](#tldr)
+* [tl;dr](#tldr)
 * [Hardware](#hardware)
 * [Kubernetes](#kubernetes)
 * [Ingress controller](#ingress-controller)
@@ -17,7 +17,7 @@ This section covers the internal system requirements as well as external service
 * [Deployment](#deployment)
 <!-- TOC -->
-# TL;DR;
+# tl;dr
 openDesk is a Kubernetes only solution and requires an existing Kubernetes (K8s) cluster.
 - K8s cluster >= 1.24, [CNCF Certified Kubernetes Distro](https://www.cncf.io/certification/software-conformance/)
--- a/helmfile/apps/univention-management-stack/values-opendesk-keycloak-bootstrap.yaml.gotmpl
+++ b/helmfile/apps/univention-management-stack/values-opendesk-keycloak-bootstrap.yaml.gotmpl
@@ -86,6 +86,7 @@ config:
        authorizationServicesEnabled: false
        attributes:
          backchannel.logout.session.required: true
          backchannel.logout.revoke.offline.tokens: true
          backchannel.logout.url: "https://{{ .Values.global.hosts.intercomService }}.{{ .Values.global.domain }}/backchannel-logout"
        protocolMappers:
          - name: "intercom-audience"
--- a/helmfile/environments/default/images.yaml
+++ b/helmfile/environments/default/images.yaml
@@ -4,7 +4,7 @@
 images:
  clamd:
    # renovate:
-    # upstreamRegistry=docker.io
+    # upstreamRegistry=registry-1.docker.io
    # dependencyType=external
    registry: "registry-1.docker.io"
    repository: "clamav/clamav"
@@ -23,7 +23,7 @@ images:
    # @mirrorFrom: ['23', '5', '6']
  cryptpad:
    # renovate:
-    # upstreamRegistry=docker.io
+    # upstreamRegistry=registry-1.docker.io
    # upstreamRepository=cryptpad/cryptpad
    # dependencyType=supplier
    registry: "registry.opencode.de"
@@ -54,7 +54,7 @@ images:
    # @mirrorFrom: ['1', '8', '0']
  freshclam:
    # renovate:
-    # upstreamRegistry=docker.io
+    # upstreamRegistry=registry-1.docker.io
    # dependencyType=external
    registry: "registry-1.docker.io"
    repository: "clamav/clamav"
@@ -81,7 +81,7 @@ images:
    # @mirrorFrom: ['1', '6']
  jibri:
    # renovate:
-    # upstreamRegistry=docker.io
+    # upstreamRegistry=registry-1.docker.io
    # upstreamRepository=jitsi/jibri
    # dependencyType=supplier
    registry: "registry.opencode.de"
@@ -92,7 +92,7 @@ images:
    # @mirrorFrom: ['8922']
  jicofo:
    # renovate:
-    # upstreamRegistry=docker.io
+    # upstreamRegistry=registry-1.docker.io
    # upstreamRepository=jitsi/jicofo
    # dependencyType=supplier
    registry: "registry.opencode.de"
@@ -103,7 +103,7 @@ images:
    # @mirrorFrom: ['8922']
  jitsi:
    # renovate:
-    # upstreamRegistry=docker.io
+    # upstreamRegistry=registry-1.docker.io
    # upstreamRepository=jitsi/web
    # dependencyType=supplier
    registry: "registry.opencode.de"
@@ -125,7 +125,7 @@ images:
    # @mirrorFrom: ['2023', '12', '14']
  jitsiPatchJVB:
    # renovate:
-    # upstreamRegistry=docker.io
+    # upstreamRegistry=registry-1.docker.io
    # upstreamRepository=bitnami/kubectl
    # dependencyType=external
    registry: "registry-1.docker.io"
@@ -134,7 +134,7 @@ images:
    # @supplier: "Nordeck"
  jvb:
    # renovate:
-    # upstreamRegistry=docker.io
+    # upstreamRegistry=registry-1.docker.io
    # upstreamRepository=jitsi/jvb
    # dependencyType=supplier
    registry: "registry.opencode.de"
@@ -145,7 +145,7 @@ images:
    # @mirrorFrom: ['8922']
  mariadb:
    # renovate:
-    # upstreamRegistry=docker.io
+    # upstreamRegistry=registry-1.docker.io
    # dependencyType=external
    registry: "registry-1.docker.io"
    repository: "library/mariadb"
@@ -197,7 +197,7 @@ images:
    # @mirrorFrom: ['1', '6', '0']
  matrixUserVerificationService:
    # renovate:
-    # upstreamRegistry=docker.io
+    # upstreamRegistry=registry-1.docker.io
    # upstreamRepository=matrixdotorg/matrix-user-verification-service
    # dependencyType=supplier
    registry: "registry.opencode.de"
@@ -208,7 +208,7 @@ images:
    # @mirrorFrom: ['3', '0', '0']
  memcached:
    # renovate:
-    # upstreamRegistry=docker.io
+    # upstreamRegistry=registry-1.docker.io
    # dependencyType=external
    registry: "registry-1.docker.io"
    repository: "bitnami/memcached"
@@ -216,7 +216,7 @@ images:
    # @supplier: "openDesk"
  milter:
    # renovate:
-    # upstreamRegistry=docker.io
+    # upstreamRegistry=registry-1.docker.io
    # dependencyType=external
    registry: "registry-1.docker.io"
    repository: "clamav/clamav"
@@ -224,7 +224,7 @@ images:
    # @supplier: "openDesk"
  minio:
    # renovate:
-    # upstreamRegistry=docker.io
+    # upstreamRegistry=registry-1.docker.io
    # dependencyType=external
    registry: "registry-1.docker.io"
    repository: "bitnami/minio"
@@ -272,7 +272,7 @@ images:
    # @supplier: "openDesk"
  openproject:
    # renovate:
-    # upstreamRegistry=docker.io
+    # upstreamRegistry=registry-1.docker.io
    # upstreamRepository=openproject/open_desk
    # dependencyType=supplier
    registry: "registry.opencode.de"
@@ -291,7 +291,7 @@ images:
    # @supplier: "openDesk"
  openprojectInitDb:
    # renovate:
-    # upstreamRegistry=docker.io
+    # upstreamRegistry=registry-1.docker.io
    # upstreamRepository=postgres
    # dependencyType=external
    registry: "registry-1.docker.io"
@@ -300,7 +300,7 @@ images:
    # @supplier: "OpenProject"
  openxchangeBootstrap:
    # renovate:
-    # upstreamRegistry=docker.io
+    # upstreamRegistry=registry-1.docker.io
    # dependencyType=external
    registry: "registry-1.docker.io"
    repository: "alpine/k8s"
@@ -448,7 +448,7 @@ images:
    # @supplier: "openDesk"
  postgresql:
    # renovate:
-    # upstreamRegistry=docker.io
+    # upstreamRegistry=registry-1.docker.io
    # dependencyType=external
    registry: "registry-1.docker.io"
    repository: "library/postgres"
@@ -456,7 +456,7 @@ images:
    # @supplier: "openDesk"
  prosody:
    # renovate:
-    # upstreamRegistry=docker.io
+    # upstreamRegistry=registry-1.docker.io
    # upstreamRepository=jitsi/prosody
    # dependencyType=supplier
    registry: "registry.opencode.de"
@@ -467,7 +467,7 @@ images:
    # @mirrorFrom: ['8922']
  redis:
    # renovate:
-    # upstreamRegistry=docker.io
+    # upstreamRegistry=registry-1.docker.io
    # upstreamRepository=bitnami/redis
    # dependencyType=external
    registry: "registry-1.docker.io"
@@ -476,7 +476,7 @@ images:
    # @supplier: "openDesk"
  synapse:
    # renovate:
-    # upstreamRegistry=docker.io
+    # upstreamRegistry=registry-1.docker.io
    # upstreamRepository=matrixdotorg/synapse
    # dependencyType=supplier
    registry: "registry.opencode.de"
@@ -487,7 +487,7 @@ images:
    # @mirrorFrom: ['1', '91', '2']
  synapseCreateUser:
    # renovate:
-    # upstreamRegistry=docker.io
+    # upstreamRegistry=registry-1.docker.io
    # dependencyType=external
    registry: "registry-1.docker.io"
    repository: "alpine/k8s"
@@ -506,7 +506,7 @@ images:
    # @mirrorFrom: ['1', '0', '0']
  synapseWeb:
    # renovate:
-    # upstreamRegistry=docker.io
+    # upstreamRegistry=registry-1.docker.io
    # dependencyType=external
    registry: "registry-1.docker.io"
    repository: "rapidfort/haproxy-official"
@@ -722,12 +722,13 @@ images:
    # @mirrorFrom: ['0', '3', '2']
  umsStackGateway:
    # renovate:
-    # upstreamRegistry=docker.io
+    # upstreamRegistry=registry-1.docker.io
    # upstreamRepository=bitnami/nginx
    # dependencyType=external
-    registry: "docker.io"
+    registry: "registry-1.docker.io"
    repository: "bitnami/nginx"
    tag: "1.25.3@sha256:40ce0d6b8f5fc174a4df8c59c8893164c540192ee862cb7253650a30d9dc3b73"
    # @supplier: "Univention"
  umsStoreDav:
    # renovate:
    # upstreamRegistry=registry.souvap-univention.de
@@ -785,7 +786,7 @@ images:
    # @mirrorFrom: ['0', '9', '4']
  wellKnown:
    # renovate:
-    # upstreamRegistry=docker.io
+    # upstreamRegistry=registry-1.docker.io
    # dependencyType=external
    registry: "registry-1.docker.io"
    repository: "library/nginx"