chore: Enable opendesk exporter by default

feat(monitoring): Add opendesk-exporter
The opendesk-exporter provides a builtin way for openDesk to expose prometheus metrics to an operator. See the applications repository for detailed information: https://gitlab.opencode.de/bmi/opendesk/components/platform-development/images/opendesk-exporter
2025-12-09 08:48:34 +01:00 · 2025-12-08 15:17:21 +01:00 · 2025-12-08 15:17:21 +01:00 · 2025-11-24 15:32:49 +00:00 · 2025-11-24 16:16:57 +01:00 · 2025-11-24 11:03:30 +01:00
18 changed files with 143 additions and 9 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,30 @@
 # [1.10.0](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/compare/v1.9.0...v1.10.0) (2025-11-24)
 ### Bug Fixes
 * **collabora:** Update Controller to 1.1.6 incl. Helm chart update to 1.1.10 ([d25c95f](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/commit/d25c95f06bc199d09aa6ea4dc09c10e95153de38))
 * **collabora:** Update from 25.04.5 to 25.04.6 ([8de0f5d](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/commit/8de0f5de7277ad726588d7de2d06cb3e9376c993))
 * **external-services:** Create `nubus_authsession` database ([ec72602](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/commit/ec72602cdd3207f73ff806a26bfe7b9fd32b8634))
 * **helmfile:** Enable verification for XWiki Helm chart ([5104793](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/commit/51047936de102c610adc00f4dff12d2eb8e945b0))
 * **helmfile:** Streamline annotations ([7aa717c](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/commit/7aa717c0509a731c060c58a1b5877e1d9899406f))
 * **nubus:** Remove legacy `UMC` Keycloak client that was used for SAML connection with the Nubus portal ([152221f](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/commit/152221fa7976bfa942d5e9e9b8f78cc8e65765c0))
 * **open-xchange:** Only enable `smtpSASLAuthEnable` when `relayHost` is set ([70bbbf3](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/commit/70bbbf311fcba57c31f535be7d0d453f4a945cee))
 * **open-xchange:** Optimize Dovecot Pro full-text search caches; review `migrations.md` for required upgrade steps ([f3f707c](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/commit/f3f707c9eee8edf3ad61834d87b5c059f31b0e26))
 * **open-xchange:** Template SASL security options ([684c6d4](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/commit/684c6d4f29dd447872ebe582eef43c04034896f7))
 * **open-xchange:** Update Dovecot configuration based on supplier's best practise review ([850761e](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/commit/850761e0475b2f281fb23f6972d5c74fbdaa3a61))
 * **opendesk-static-files:** [[#260](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/issues/260)] Fix doublette creation of configmap `data` keys when the same file is referenced multiple times for a component ([b5a76be](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/commit/b5a76bea57ef7b136c54d1bc95c40f0a0c3f9716))
 * **openproject:** Update from 16.1.0 to 16.1.1 ([62fae99](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/commit/62fae9976a731c00700d56ce8fab198bb2531d20))
 * **xwiki:** Update XWiki from 17.4.4 to 17.4.7 ([02a3b77](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/commit/02a3b7711490394690df70ca92bab58b253e34f5))
 ### Features
 * **jitsi:** Update from 2.0.10431 to 2.0.10590 ([f5aad1f](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/commit/f5aad1fa47559f0d3941c233c7d40029a9e83281))
 * **nubus:** Update from v1.14.0 to v1.15.2 ([12379d6](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/commit/12379d67e07936496fe31276b2052406e0137db6))
 * **open-xchange:** Support for LDAP group based mailing lists ([cc94f0c](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/commit/cc94f0c66df098d0a20f7f0d4a6af5e791557981))
 * **openproject:** Update OpenProject from 16.5.1 to 16.6.0 ([19438c0](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/commit/19438c02817875bd408c5d6cf423d7bfb61f907f))
 # [1.9.0](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/compare/v1.8.0...v1.9.0) (2025-11-07)
--- a/docs/monitoring.md
+++ b/docs/monitoring.md
@@ -43,6 +43,16 @@ prometheus:
    enabled: true
 ```
 For many applications, an external prometheus exporter must be deployed as well.
 These are often integrated into openDesk and can be enabled via the following snippet:
 ```yaml
 monitoring:
  prometheus:
    exporter:
      global: true
 ```
 # Alerts
 openDesk ships with a set of Prometheus alerting rules that are specific to the operation of openDesk.
--- a/helmfile/apps/opendesk-services/helmfile-child.yaml.gotmpl
+++ b/helmfile/apps/opendesk-services/helmfile-child.yaml.gotmpl
@@ -52,6 +52,14 @@ repositories:
    oci: true
    url: "{{ coalesce .Values.repositories.helm.registryOpencodeDe .Values.global.helmRegistry | default .Values.charts.opendeskDashboards.registry }}/{{ .Values.charts.opendeskDashboards.repository }}"
  - name: "opendesk-exporter-repo"
    keyring: "../../files/gpg-pubkeys/opencode.gpg"
    verify: {{ .Values.charts.prometheusOpendeskExporter.verify }}
    username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }}
    password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }}
    oci: true
    url: "{{ coalesce .Values.repositories.helm.registryOpencodeDe .Values.global.helmRegistry | default .Values.charts.prometheusOpendeskExporter.registry }}/{{ .Values.charts.prometheusOpendeskExporter.repository }}"
    # openDesk Static Files
  # https://gitlab.opencode.de/bmi/opendesk/components/platform-development/charts/opendesk-static-files
  - name: "opendesk-static-files-repo"
@@ -117,6 +125,18 @@ releases:
    installed: {{ .Values.monitoring.grafana.dashboards.enabled }}
    timeout: 900
  # opendesk-exporter
  - name: "opendesk-exporter"
    chart: "opendesk-exporter-repo/{{ .Values.charts.prometheusOpendeskExporter.name }}"
    version: "{{ .Values.charts.prometheusOpendeskExporter.version }}"
    values:
      - "values-opendesk-exporter.yaml.gotmpl"
      {{- range .Values.customization.release.prometheusOpendeskExporter }}
      - {{ . }}
      {{- end }}
    installed: {{ eq .Values.monitoring.prometheus.exporters.overrides.opendeskExporter nil | ternary .Values.monitoring.prometheus.exporters.global .Values.monitoring.prometheus.exporters.overrides.opendeskExporter }}
    timeout: 900
  - name: "opendesk-static-files"
    chart: "opendesk-static-files-repo/{{ .Values.charts.opendeskStaticFiles.name }}"
    version: "{{ .Values.charts.opendeskStaticFiles.version }}"
--- a/helmfile/apps/opendesk-services/values-opendesk-exporter.yaml.gotmpl
+++ b/helmfile/apps/opendesk-services/values-opendesk-exporter.yaml.gotmpl
@@ -0,0 +1,41 @@
 # SPDX-FileCopyrightText: 2025 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
 # SPDX-License-Identifier: Apache-2.0
 ---
 global:
  registry: "{{ coalesce .Values.repositories.image.registryOpencodeDeEnterprise .Values.global.imageRegistry .Values.images.prometheusOpendeskExporter.registry }}"
  imagePullSecrets:
    {{- range .Values.global.imagePullSecrets }}
    - {{ . | quote }}
    {{- end }}
 image:
  registry: "{{ coalesce .Values.repositories.image.registryOpencodeDeEnterprise .Values.global.imageRegistry .Values.images.prometheusOpendeskExporter.registry }}"
  repository: "{{ .Values.images.prometheusOpendeskExporter.repository }}"
  tag: "{{ .Values.images.prometheusOpendeskExporter.tag }}"
  imagePullPolicy: "{{ .Values.global.imagePullPolicy }}"
 resources:
  {{ .Values.resources.prometheusOpendeskExporter | toYaml | nindent 2 }}
 serviceMonitor:
  create: "{{ .Values.monitoring.prometheus.serviceMonitors.enabled }}"
 opendeskExporter:
  {{- if .Values.debug.enabled }}
  extraArgs: [ "--verbose" ]
  {{- end }}
  config:
    opendesk_exporter:
      collectors:
        enabled: [ "opendesk_users", "opendesk_version_info" ]
        opendesk_version_info:
          version: "{{ .Values.global.systemInformation.releaseVersion }}"
          git_commit: "{{ exec "git" (list "rev-parse" "HEAD") | trim }}"
          git_tree_state: "{{ exec "sh" (list "-c" "git diff --quiet && echo 'clean' || echo 'dirty'") | trim }}"
        opendesk_users:
          keycloak_db_url: "postgresql://{{ .Values.databases.keycloak.username }}:{{ .Values.databases.keycloak.password | default .Values.secrets.postgresql.keycloakUser }}@{{ .Values.databases.keycloak.host }}:{{ .Values.databases.keycloak.port }}/{{ .Values.databases.keycloak.name }}"
          ldap_hostname: "{{ .Values.ldap.host }}"
          ldap_bind_dn: "uid=ldapsearch_opendesk_exporter,cn=users,{{ .Values.ldap.baseDn }}"
          ldap_bind_password: "{{ .Values.secrets.nubus.ldapSearch.opendeskExporter }}"
          ldap_search_base: "{{ .Values.ldap.baseDn }}"
--- a/helmfile/environments/default/charts.yaml.gotmpl
+++ b/helmfile/environments/default/charts.yaml.gotmpl
@@ -449,6 +449,16 @@ charts:
    name: "postgresql"
    version: "2.1.2"
    verify: true
  prometheusOpendeskExporter:
    # providerCategory: "Platform"
    # providerResponsible: "openDesk"
    # upstreamRegistry: "https://registry.opencode.de"
    # upstreamRepository: "bmi/opendesk/components/platform-development/charts/opendesk-exporter"
    registry: "registry.opencode.de"
    repository: "bmi/opendesk/components/platform-development/charts/opendesk-exporter"
    name: "opendesk-exporter"
    version: "1.5.2"
    verify: true
  redis:
    # providerCategory: "Community"
    # providerResponsible: "openDesk"
--- a/helmfile/environments/default/customization.yaml.gotmpl
+++ b/helmfile/environments/default/customization.yaml.gotmpl
@@ -79,6 +79,7 @@ customization:
    redis: {}
    memcached: {}
    postgresql: {}
    prometheusOpendeskExporter: {}
    mariadb: {}
    postfix: {}
    opendeskDkimpyMilter: {}
--- a/helmfile/environments/default/global.generated.yaml.gotmpl
+++ b/helmfile/environments/default/global.generated.yaml.gotmpl
@@ -3,5 +3,5 @@
 ---
 global:
  systemInformation:
-    releaseVersion: "v1.9.0"
+    releaseVersion: "v1.10.0"
 ...
--- a/helmfile/environments/default/images.yaml.gotmpl
+++ b/helmfile/environments/default/images.yaml.gotmpl
@@ -931,6 +931,14 @@ images:
    registry: "registry-1.docker.io"
    repository: "library/postgres"
    tag: "15.13-alpine3.20@sha256:f7de0e2497b9a3b027d41377606f94bb0140a034ed303f6de690aa77637bfbc9"
  prometheusOpendeskExporter:
    # providerCategory: "Platform"
    # providerResponsible: "openDesk
    # upstreamRegistry: "https://registry.opencode.de"
    # upstreamRepository: "bmi/opendesk/components/platform-development/images/opendesk-exporter"
    registry: "registry.opencode.de"
    repository: "bmi/opendesk/components/platform-development/images/opendesk-exporter"
    tag: "1.3.3@sha256:744c13b7882e066bf3213de70c3513020800657b0ebee3c3b2b26bebe3ea3244"
  prosody:
    # providerCategory: "Supplier"
    # providerResponsible: "Nordeck"
--- a/helmfile/environments/default/monitoring.yaml.gotmpl
+++ b/helmfile/environments/default/monitoring.yaml.gotmpl
@@ -17,6 +17,15 @@ monitoring:
      labels:
        release: "kube-prometheus-stack"
    # Prometheus exporter deployment toggles for openDesk
    exporters:
      # Global switch for all optional exporters
      global: false
      # Per-exporter overrides (take precedence over "global")
      overrides:
        # https://gitlab.opencode.de/bmi/opendesk/components/platform-development/images/opendesk-exporter
        opendeskExporter: true
  grafana:
    dashboards:
      enabled: false
--- a/helmfile/environments/default/replicas.yaml.gotmpl
+++ b/helmfile/environments/default/replicas.yaml.gotmpl
@@ -146,7 +146,7 @@ replicas:
  # -- scalable: tbd
  jitsiKeycloakAdapter: 1
  # -- scalable: tbd
-  jvb: 2
+  jvb: 1
  # -- component: Persistence Layer
  # -- scalable: false
--- a/helmfile/environments/default/resources.yaml.gotmpl
+++ b/helmfile/environments/default/resources.yaml.gotmpl
@@ -437,6 +437,13 @@ resources:
    requests:
      cpu: 0.1
      memory: "256Mi"
  prometheusOpendeskExporter:
    limits:
      cpu: 1
      memory: "512Mi"
    requests:
      cpu: 0.1
      memory: "256Mi"
  prosody:
    limits:
      cpu: 99
--- a/helmfile/environments/default/secrets.yaml.gotmpl
+++ b/helmfile/environments/default/secrets.yaml.gotmpl
@@ -35,6 +35,7 @@ secrets:
      postfix: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "nubus" "ldapsearch_postfix" | sha1sum | quote }}
      openproject: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "nubus" "ldapsearch_openproject" | sha1sum | quote }}
      xwiki: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "nubus" "ldapsearch_xwiki" | sha1sum | quote }}
      opendeskExporter: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "nubus" "ldapsearch_opendesk_exporter" | sha1sum | quote }}
    systemAccounts:
      administratorPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "nubus" "Administrator" | sha1sum | quote }}
      sysIdpUserPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "nubus" "sysIdpUser" | sha1sum | quote }}
--- a/publiccode.yml
+++ b/publiccode.yml
@@ -22,8 +22,8 @@ name: "openDesk"
 platforms:
  - "web"
 developmentStatus: "stable"
-softwareVersion: "1.9.0"
+softwareVersion: "1.10.0"
-releaseDate: "2025-11-07"
+releaseDate: "2025-11-24"
 softwareType: "standalone/web"
 url: "https://gitlab.opencode.de/bmi/opendesk/"
 logo: ".opencode/openDesk-logo-rgb-color.svg"
Author	SHA1	Message	Date
Lilly Sell	8d4ddbdc81	chore: Enable opendesk exporter by default	2025-12-08 15:17:21 +01:00
Lilly Sell	939cfbbe26	feat(monitoring): Add opendesk-exporter The opendesk-exporter provides a builtin way for openDesk to expose prometheus metrics to an operator. See the applications repository for detailed information: https://gitlab.opencode.de/bmi/opendesk/components/platform-development/images/opendesk-exporter	2025-12-08 15:17:21 +01:00
Thorsten Roßner	54277dabae	chore(release): 1.10.0 [skip ci] # [1.10.0](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/compare/v1.9.0...v1.10.0) (2025-11-24) ### Bug Fixes * collabora: Update Controller to 1.1.6 incl. Helm chart update to 1.1.10 ([`d25c95f`](`d25c95f06b`)) * collabora: Update from 25.04.5 to 25.04.6 ([`8de0f5d`](`8de0f5de72`)) * external-services: Create `nubus_authsession` database ([`ec72602`](`ec72602cdd`)) * helmfile: Enable verification for XWiki Helm chart ([`5104793`](`51047936de`)) * helmfile: Streamline annotations ([`7aa717c`](`7aa717c050`)) * nubus: Remove legacy `UMC` Keycloak client that was used for SAML connection with the Nubus portal ([`152221f`](`152221fa79`)) * open-xchange: Only enable `smtpSASLAuthEnable` when `relayHost` is set ([`70bbbf3`](`70bbbf311f`)) * open-xchange: Optimize Dovecot Pro full-text search caches; review `migrations.md` for required upgrade steps ([`f3f707c`](`f3f707c9ee`)) * open-xchange: Template SASL security options ([`684c6d4`](`684c6d4f29`)) * open-xchange: Update Dovecot configuration based on supplier's best practise review ([`850761e`](`850761e047`)) * opendesk-static-files: [[#260](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/issues/260)] Fix doublette creation of configmap `data` keys when the same file is referenced multiple times for a component ([`b5a76be`](`b5a76bea57`)) * openproject: Update from 16.1.0 to 16.1.1 ([`62fae99`](`62fae9976a`)) * xwiki: Update XWiki from 17.4.4 to 17.4.7 ([`02a3b77`](`02a3b77114`)) ### Features * jitsi: Update from 2.0.10431 to 2.0.10590 ([`f5aad1f`](`f5aad1fa47`)) * nubus: Update from v1.14.0 to v1.15.2 ([`12379d6`](`12379d67e0`)) * open-xchange: Support for LDAP group based mailing lists ([`cc94f0c`](`cc94f0c66d`)) * openproject: Update OpenProject from 16.5.1 to 16.6.0 ([`19438c0`](`19438c0281`))	2025-11-24 15:32:49 +00:00
Thorsten Roßner	b32cb70678	chore(publiccode.yml): Update for v1.10.0	2025-11-24 16:16:57 +01:00
Thorsten Roßner	b7b9968245	chore(helmfile): Set JVB replica to `1` again	2025-11-24 11:03:30 +01:00
Thorsten Roßner	b830edf8da	chore(helmfile): Remove doublette spaces in templating expression	2025-11-24 10:54:36 +01:00