From fc7e8c245d1f2894dcbea0443b7c195ab2d30100 Mon Sep 17 00:00:00 2001
From: Johannes Lohmer <lohmer@univention.de>
Date: Wed, 28 Aug 2024 16:07:04 +0200
Subject: [PATCH] feat(nubus): Activate Nubus Provisioning components and
 Consumers to replace portal-listener and selfservice-listener

---
 helmfile/apps/nubus/values-nubus.yaml.gotmpl  | 25 +++----------------
 .../values-opendesk-customization.yaml.gotmpl | 10 --------
 .../nubus/values-opendesk-images.yaml.gotmpl  |  9 ++++++-
 .../environments/default/persistence.yaml     |  1 -
 helmfile/environments/default/resources.yaml  | 14 -----------
 helmfile/environments/default/secrets.gotmpl  |  1 -
 helmfile/environments/default/selinux.yaml    |  1 -
 helmfile/environments/test/values.yaml.gotmpl |  2 --
 8 files changed, 11 insertions(+), 52 deletions(-)

diff --git a/helmfile/apps/nubus/values-nubus.yaml.gotmpl b/helmfile/apps/nubus/values-nubus.yaml.gotmpl
index 7d0a7c56..717a11c2 100644
--- a/helmfile/apps/nubus/values-nubus.yaml.gotmpl
+++ b/helmfile/apps/nubus/values-nubus.yaml.gotmpl
@@ -275,17 +275,10 @@ nubusPortalFrontend:
       secretName: {{ .Values.ingress.tls.secretName | quote }}
 
 nubusPortalListener:
-  enabled: true
-  portalListener:
-    objectStorageEndpoint: {{ .Values.objectstores.nubus.endpoint | default (printf "https://%s.%s" .Values.global.hosts.minioApi .Values.global.domain) | quote }}
-    objectStorageBucket: {{ .Values.objectstores.nubus.bucket | quote }}
-    objectStorageCredentialSecret:
-      name: "ums-portal-listener-minio-opendesk-credentials"
-      accessKeyKey: "access-key-id"
-      secretKeyKey: "secret-key-id"
+  enabled: false
 
 nubusPortalConsumer:
-  enabled: false
+  enabled: true
   portalConsumer:
     logLevel: {{ if .Values.debug.enabled }}"DEBUG"{{ else }}"INFO"{{ end }}
     objectStorageEndpoint: {{ .Values.objectstores.nubus.endpoint | default (printf "https://%s.%s" .Values.global.hosts.minioApi .Values.global.domain) | quote }}
@@ -304,10 +297,6 @@ nubusPortalConsumer:
     logLevel: {{ if .Values.debug.enabled }}"DEBUG"{{ else }}"INFO"{{ end }}
     objectStorageEndpoint: {{ .Values.objectstores.nubus.endpoint | default (printf "https://%s.%s" .Values.global.hosts.minioApi .Values.global.domain) | quote }}
     objectStorageBucket: {{ .Values.objectstores.nubus.bucket | quote }}
-    objectStorageCredentialSecret:
-      name: "ums-portal-consumer-minio-opendesk-credentials"
-      accessKeyKey: "access-key-id"
-      secretKeyKey: "secret-key-id"
   provisioningApi:
     auth:
       username: "portal-consumer"
@@ -344,13 +333,9 @@ nubusUdmListener:
 
 nubusSelfServiceListener:
   enabled: false
-nubusUdmListener:
-  enabled: false
-nubusSelfServiceListener:
-  enabled: true
 
 nubusSelfServiceConsumer:
-  enabled: false
+  enabled: true
 
 # Nubus services
 nubusStackDataUms:
@@ -533,10 +518,6 @@ extraSecrets:
     stringData:
       access-key-id: {{ .Values.objectstores.nubus.username | quote }}
       secret-key-id: {{ .Values.objectstores.nubus.secretKey | default .Values.secrets.minio.umsUser | quote }}
-  - name: "ums-portal-listener-minio-opendesk-credentials"
-    stringData:
-      access-key-id: {{ .Values.objectstores.nubus.username | quote }}
-      secret-key-id: {{ .Values.objectstores.nubus.secretKey | default .Values.secrets.minio.umsUser | quote }}
   - name: "ums-portal-consumer-minio-opendesk-credentials"
     stringData:
       access-key-id: {{ .Values.objectstores.nubus.username | quote }}
diff --git a/helmfile/apps/nubus/values-opendesk-customization.yaml.gotmpl b/helmfile/apps/nubus/values-opendesk-customization.yaml.gotmpl
index ca2970e8..f5a5aae5 100644
--- a/helmfile/apps/nubus/values-opendesk-customization.yaml.gotmpl
+++ b/helmfile/apps/nubus/values-opendesk-customization.yaml.gotmpl
@@ -87,16 +87,6 @@ nubusKeycloakExtensions:
     resources:
       {{ .Values.resources.umsKeycloakExtensionProxy | toYaml | nindent 6 }}
 
-nubusPortalListener:
-  podAnnotations:
-    intents.otterize.com/service-name: "ums-portal-listener"
-  replicaCount: {{ .Values.replicas.umsPortalListener }}
-  resources:
-    {{ .Values.resources.umsPortalListener | toYaml | nindent 4 }}
-  persistence:
-    storageClass: {{ .Values.persistence.storageClassNames.RWO | quote }}
-    size: {{ .Values.persistence.size.nubus.portalListener | quote }}
-
 nubusPortalConsumer:
   podAnnotations:
     intents.otterize.com/service-name: "ums-portal-consumer"
diff --git a/helmfile/apps/nubus/values-opendesk-images.yaml.gotmpl b/helmfile/apps/nubus/values-opendesk-images.yaml.gotmpl
index 0acbe297..f9aaa9fe 100644
--- a/helmfile/apps/nubus/values-opendesk-images.yaml.gotmpl
+++ b/helmfile/apps/nubus/values-opendesk-images.yaml.gotmpl
@@ -51,6 +51,13 @@ nubusLdapServer:
       repository: {{ .Values.images.nubusWaitForDependency.repository }}
       tag: {{ .Values.images.nubusWaitForDependency.tag }}
 
+nubusPortalConsumer:
+  portalConsumer:
+    image:
+      registry: {{ .Values.images.nubusPortalConsumer.registry }}
+      repository: {{ .Values.images.nubusPortalConsumer.repository }}
+      tag: {{ .Values.images.nubusPortalConsumer.tag }}
+
 nubusNotificationsApi:
   image:
     registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusNotificationsApi.registry | quote }}
@@ -65,7 +72,7 @@ nubusPortalFrontend:
 
 nubusPortalListener:
   image:
-    registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusPortalListener.registry | quote }}
+    registry: {{ .Values.images.nubusPortalListener.registry }}
     repository: {{ .Values.images.nubusPortalListener.repository }}
     tag: {{ .Values.images.nubusPortalListener.tag }}
 
diff --git a/helmfile/environments/default/persistence.yaml b/helmfile/environments/default/persistence.yaml
index a1290bb1..e9c93a0d 100644
--- a/helmfile/environments/default/persistence.yaml
+++ b/helmfile/environments/default/persistence.yaml
@@ -19,7 +19,6 @@ persistence:
     nubus:
       ldapServerData: "1Gi"
       ldapServerShared: "1Gi"
-      portalListener: "1Gi"
       portalConsumer: "1Gi"
       selfserviceListener: "1Gi"
     xwiki: "1Gi"
diff --git a/helmfile/environments/default/resources.yaml b/helmfile/environments/default/resources.yaml
index da1cfaef..b7878506 100644
--- a/helmfile/environments/default/resources.yaml
+++ b/helmfile/environments/default/resources.yaml
@@ -471,20 +471,6 @@ resources:
     requests:
       cpu: 0.1
       memory: "256Mi"
-  umsPortalListener:
-    limits:
-      cpu: 99
-      memory: "1Gi"
-    requests:
-      cpu: 0.1
-      memory: "256Mi"
-  umsPortalListenerDependencies:
-    limits:
-      cpu: 99
-      memory: "1Gi"
-    requests:
-      cpu: 0.1
-      memory: "256Mi"
   umsPortalConsumer:
     limits:
       cpu: 99
diff --git a/helmfile/environments/default/secrets.gotmpl b/helmfile/environments/default/secrets.gotmpl
index f1ab4bae..f662f5d2 100644
--- a/helmfile/environments/default/secrets.gotmpl
+++ b/helmfile/environments/default/secrets.gotmpl
@@ -36,7 +36,6 @@ secrets:
       sysIdpUserPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "nubus" "sysIdpUser" | sha1sum | quote }}
     storeDavUsers:
       portalServer: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "portal-server" "store-dav" | sha1sum | quote }}
-      portalListener: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "portal-listener" "store-dav" | sha1sum | quote }}
       portalConsumer: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "portal-consumer" "store-dav" | sha1sum | quote }}
     provisioning:
       apiNatsPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "api" "nats" | sha1sum | quote }}
diff --git a/helmfile/environments/default/selinux.yaml b/helmfile/environments/default/selinux.yaml
index a76efde7..ad1270f9 100644
--- a/helmfile/environments/default/selinux.yaml
+++ b/helmfile/environments/default/selinux.yaml
@@ -77,7 +77,6 @@ seLinuxOptions:
   umsNotificationsApi: ~
   umsOpenPolicyAgent: ~
   umsPortalFrontend: ~
-  umsPortalListener: ~
   umsPortalConsumer: ~
   umsPortalServer: ~
   umsProvisioningDispatcher: ~
diff --git a/helmfile/environments/test/values.yaml.gotmpl b/helmfile/environments/test/values.yaml.gotmpl
index 39b0c402..35535f51 100644
--- a/helmfile/environments/test/values.yaml.gotmpl
+++ b/helmfile/environments/test/values.yaml.gotmpl
@@ -21,7 +21,6 @@ persistence:
     nubus:
       ldapServerData: "42Gi"
       ldapServerShared: "42Gi"
-      portalListener: "42Gi"
       portalConsumer: "42Gi"
       selfserviceListener: "42Gi"
     postfix: "42Gi"
@@ -92,7 +91,6 @@ replicas:
   umsLdapServer: 42
   umsNotificationsApi: 42
   umsPortalFrontend: 42
-  umsPortalListener: 42
   umsPortalConsumer: 42
   umsPortalServer: 42
   umsSelfserviceListener: 42