feat(nubus): Update chart to version 0.39.0-pre-jbornhold-update-portal-frontend

helmfile/apps/nubus/values-nubus.yaml.gotmpl

@@ -165,18 +165,14 @@ nubusKeycloakExtensions:
       newDeviceLoginSubject: "New device login on your {{ .Values.theme.texts.productName }} account"
       mailFrom: "{{ .Values.smtp.localpartNoReply }}@{{ if .Values.functional.email.systemGenerated.useComponentInSenderdomain }}{{ .Values.global.hosts.keycloak }}.{{ end }}{{ .Values.global.domain }}"
 
-nubusPortalConsumer:
-  portalConsumer:
-    logLevel: {{ if .Values.debug.enabled }}"DEBUG"{{ else }}"INFO"{{ end }}
+nubusPortalListener:
+  portalListener:
     objectStorageEndpoint: {{ .Values.objectstores.nubus.endpoint | default (printf "https://%s.%s" .Values.global.hosts.minioApi .Values.global.domain) | quote }}
     objectStorageBucket: {{ .Values.objectstores.nubus.bucket | quote }}
     objectStorageCredentialSecret:
-      name: "ums-portal-consumer-minio-opendesk-credentials"
+      name: "ums-portal-listener-minio-opendesk-credentials"
       accessKeyKey: "access-key-id"
       secretKeyKey: "secret-key-id"
-  provisioningApi:
-    auth:
-      username: "portal-consumer"
 
 nubusPortalServer:
   portalServer:
@@ -190,12 +186,15 @@ nubusPortalServer:
       enabled: true
       authenticatorSecretName: "ums-opendesk-portal-server-central-navigation"
 
+# NOTE: disabled until the next update.
 nubusProvisioning:
-  enabled: true
+  enabled: false
 nubusUdmListener:
-  enabled: true
+  enabled: false
 nubusSelfServiceListener:
   enabled: true
+  selfserviceListener:
+    umcAdminUser: "default.admin"
 
 # Nubus services
 nubusStackDataUms:
@@ -315,7 +314,7 @@ extraSecrets:
     stringData:
       access-key-id: {{ .Values.objectstores.nubus.username | quote }}
       secret-key-id: {{ .Values.objectstores.nubus.secretKey | default .Values.secrets.minio.umsUser | quote }}
-  - name: "ums-portal-consumer-minio-opendesk-credentials"
+  - name: "ums-portal-listener-minio-opendesk-credentials"
     stringData:
       access-key-id: {{ .Values.objectstores.nubus.username | quote }}
       secret-key-id: {{ .Values.objectstores.nubus.secretKey | default .Values.secrets.minio.umsUser | quote }}

helmfile/apps/nubus/values-opendesk-customization.yaml.gotmpl

@@ -81,17 +81,15 @@ nubusKeycloakExtensions:
     resources:
       {{ .Values.resources.umsKeycloakExtensionProxy | toYaml | nindent 6 }}
 
-nubusPortalConsumer:
+nubusPortalListener:
   podAnnotations:
-    intents.otterize.com/service-name: "ums-portal-consumer"
-  replicaCount: {{ .Values.replicas.umsPortalConsumer }}
+    intents.otterize.com/service-name: "ums-portal-listener"
+  replicaCount: {{ .Values.replicas.umsPortalListener }}
   resources:
-    {{ .Values.resources.umsPortalConsumer | toYaml | nindent 4 }}
-  resourcesWaitForDependency:
-    {{ .Values.resources.umsPortalConsumerDependencies | toYaml | nindent 4 }}
+    {{ .Values.resources.umsPortalListener | toYaml | nindent 4 }}
   persistence:
     storageClass: {{ .Values.persistence.storageClassNames.RWO | quote }}
-    size: {{ .Values.persistence.size.nubus.portalConsumer | quote }}
+    size: {{ .Values.persistence.size.nubus.portalListener | quote }}
 
 nubusPortalServer:
   additionalAnnotations:

helmfile/apps/nubus/values-opendesk-images.yaml.gotmpl

@@ -49,6 +49,7 @@ nubusLdapServer:
       repository: {{ .Values.images.nubusWaitForDependency.repository }}
       tag: {{ .Values.images.nubusWaitForDependency.tag }}
 
+
 nubusPortalConsumer:
   portalConsumer:
     image:
@@ -56,6 +57,7 @@ nubusPortalConsumer:
       repository: {{ .Values.images.nubusPortalConsumer.repository }}
       tag: {{ .Values.images.nubusPortalConsumer.tag }}
 
+
 nubusNotificationsApi:
   image:
     registry: {{ .Values.images.nubusNotificationsApi.registry }}
@@ -68,12 +70,11 @@ nubusPortalFrontend:
     repository: {{ .Values.images.nubusPortalFrontend.repository }}
     tag: {{ .Values.images.nubusPortalFrontend.tag }}
 
-nubusPortalConsumer:
-  portalConsumer:
-    image:
-      registry: {{ .Values.images.nubusPortalConsumer.registry }}
-      repository: {{ .Values.images.nubusPortalConsumer.repository }}
-      tag: {{ .Values.images.nubusPortalConsumer.tag }}
+nubusPortalListener:
+  image:
+    registry: {{ .Values.images.nubusPortalListener.registry }}
+    repository: {{ .Values.images.nubusPortalListener.repository }}
+    tag: {{ .Values.images.nubusPortalListener.tag }}
   waitForDependency:
     image:
       registry: {{ .Values.images.nubusWaitForDependency.registry }}
@@ -153,7 +154,6 @@ nubusSelfServiceListener:
       registry: {{ .Values.images.nubusSelfserviceListener.registry }}
       repository: {{ .Values.images.nubusSelfserviceListener.repository }}
       tag: {{ .Values.images.nubusSelfserviceListener.tag }}
-
   selfserviceInvitation:
     image:
       registry: {{ .Values.images.nubusSelfserviceInvitation.registry }}

helmfile/apps/services/values-minio.yaml.gotmpl

@@ -86,7 +86,6 @@ provisioning:
   enabled: true
   cleanupAfterFinished:
     enabled: true
-    seconds: 3000
   extraCommands:
     - "mc anonymous set download provisioning/ums/portal-assets"
   buckets:

helmfile/environments/default/charts.yaml

@@ -254,7 +254,7 @@ charts:
     registry: "artifacts.software-univention.de"
     repository: "nubus-dev/charts"
     name: "nubus"
-    version: "0.34.0-pre-jlohmer-provisioning-consumer-integration"
+    version: "0.39.0-pre-jbornhold-update-portal-frontend"
     verify: true
   opendeskKeycloakBootstrap:
     # providerCategory: "Platform"

helmfile/environments/default/images.yaml

@@ -195,9 +195,11 @@ images:
     # providerResponsible: "openDesk"
     # upstreamRegistry: "https://registry-1.docker.io"
     # upstreamRepository: "bitnami/memcached"
-    registry: "registry-1.docker.io"
+    # registry: "registry-1.docker.io"
+    # repository: "bitnami/memcached"
+    registry: "docker.io"
     repository: "bitnami/memcached"
-    tag: "1.6.21-debian-11-r107@sha256:247ec29efd6030960047a623aef025021154662edf6b6d6e88c97936f164d99d"
+    tag: "1.6.29-debian-12-r4"
   migrations:
     # providerCategory: "Platform"
     # providerResponsible: "openDesk"
@@ -219,9 +221,11 @@ images:
     # providerResponsible: "openDesk"
     # upstreamRegistry: "https://registry-1.docker.io"
     # upstreamRepository: "bitnami/minio"
-    registry: "registry-1.docker.io"
+    # registry: "registry-1.docker.io"
+    # repository: "bitnami/minio"
+    registry: "docker.io"
     repository: "bitnami/minio"
-    tag: "2023@sha256:bced4f2f9fc48b755ebb3e1b35e76195a978d4331bf2d0c6699dab412d3c0be7"
+    tag: "2024.8.17-debian-12-r0"
   nextcloudApache2:
     # providerCategory: "Platform"
     # providerResponsible: "openDesk"
@@ -261,9 +265,11 @@ images:
     # upstreamRepository: "nubus/images/data-loader"
     # upstreamMirrorTagFilterRegEx: '^(\d+)\.(\d+)\.(\d+)$'
     # upstreamMirrorStartFrom: ["0", "41", "5"]
-    registry: "registry.opencode.de"
-    repository: "bmi/opendesk/components/supplier/univention/images-mirror/data-loader"
-    tag: "0.60.0@sha256:9b43a66c32f4f66143db00b71cc62966df6ed809ec023a0d573a015f5d15305a"
+    # registry: "registry.opencode.de"
+    # repository: "bmi/opendesk/components/supplier/univention/images-mirror/data-loader"
+    registry: "artifacts.software-univention.de"
+    repository: "nubus/images/data-loader"
+    tag: "0.61.1@sha256:4a199197bce963fa24c58b83836757932f39a8d5c21e2ece07015d5f42e2e4df"
   nubusGuardianAuthorizationApi:
     # providerCategory: "Supplier"
     # providerResponsible: "Univention"
@@ -301,9 +307,11 @@ images:
     # upstreamRepository: "nubus/images/guardian-init"
     # upstreamMirrorTagFilterRegEx: '^(\d+)\.(\d+)\.(\d+)$'
     # upstreamMirrorStartFrom: ["0", "3", "0"]
-    registry: "registry.opencode.de"
-    repository: "bmi/opendesk/components/supplier/univention/images-mirror/guardian-init"
-    tag: "0.9.1@sha256:6006fb1c2779b906e7725df524f2587b2a610cc442793bf8f16b2b4b8c0494fb"
+    # registry: "registry.opencode.de"
+    # repository: "bmi/opendesk/components/supplier/univention/images-mirror/guardian-init"
+    registry: "artifacts.software-univention.de"
+    repository: "nubus/images/guardian-init"
+    tag: "0.10.0@sha256:480943182f20b04b3d37b340e701545e002710c6668925de3758587174c5ee56"
   nubusKeycloak:
     # providerCategory: "Supplier"
     # providerResponsible: "Univention"
@@ -321,9 +329,11 @@ images:
     # upstreamRepository: "nubus/images/keycloak-bootstrap"
     # upstreamMirrorTagFilterRegEx: '^(\d+)\.(\d+)\.(\d+)$'
     # upstreamMirrorStartFrom: ["0", "1", "0"]
-    registry: "registry.opencode.de"
-    repository: "bmi/opendesk/components/supplier/univention/images-mirror/keycloak-bootstrap"
-    tag: "0.1.0@sha256:351097e9e7b469f2fc149fe612ec6ad515d5e6b081d7e2785bd926a1d77209d2"
+    # registry: "registry.opencode.de"
+    # repository: "bmi/opendesk/components/supplier/univention/images-mirror/keycloak-bootstrap"
+    registry: "artifacts.software-univention.de"
+    repository: "nubus/images/keycloak-bootstrap"
+    tag: "0.1.2"
   nubusKeycloakExtensionHandler:
     # providerCategory: "Supplier"
     # providerResponsible: "Univention"
@@ -351,9 +361,11 @@ images:
     # upstreamRepository: "nubus/images/ldap-notifier"
     # upstreamMirrorTagFilterRegEx: '^(\d+)\.(\d+)\.(\d+)$'
     # upstreamMirrorStartFrom: ["0", "8", "2"]
-    registry: "registry.opencode.de"
-    repository: "bmi/opendesk/components/supplier/univention/images-mirror/ldap-notifier"
-    tag: "0.15.2@sha256:1f2a9d2136c8e87a4c4a59a94a2235d00e969c98bd7bfe75707a299918f271b5"
+    # registry: "registry.opencode.de"
+    # repository: "bmi/opendesk/components/supplier/univention/images-mirror/ldap-notifier"
+    registry: "artifacts.software-univention.de"
+    repository: "nubus/images/ldap-notifier"
+    tag: "0.22.1@sha256:34a7afc7789705f964846b340c0368d144cff397c718fda8902944cf22e61c15"
   nubusLdapServer:
     # providerCategory: "Supplier"
     # providerResponsible: "Univention"
@@ -403,11 +415,9 @@ images:
     # upstreamRepository: "nubus/images/notifications-api"
     # upstreamMirrorTagFilterRegEx: '^(\d+)\.(\d+)\.(\d+)$'
     # upstreamMirrorStartFrom: ["0", "9", "4"]
-    # registry: "registry.opencode.de"
-    # repository: "bmi/opendesk/components/supplier/univention/images-mirror/notifications-api"
-    registry: "artifacts.software-univention.de"
-    repository: "nubus/images/notifications-api"
-    tag: "0.31.1@sha256:cc51d3d7c25f2bef2bda4f3baad0c29dc428b798be78697d58739eb6a79636d2"
+    registry: "registry.opencode.de"
+    repository: "bmi/opendesk/components/supplier/univention/images-mirror/notifications-api"
+    tag: "0.27.0@sha256:d99173199f20c701b29b8a3c1a46465085a873b37f413882e7d2e106e258c35a"
   nubusOpenPolicyAgent:
     # providerCategory: "Supplier"
     # providerResponsible: "Univention"
@@ -425,9 +435,11 @@ images:
     # upstreamRepository: "nubus/images/ox-extension"
     # upstreamMirrorTagFilterRegEx: '^(\d+)\.(\d+)\.(\d+)$'
     # upstreamMirrorStartFrom: ["0", "10", "0"]
-    registry: "registry.opencode.de"
-    repository: "bmi/opendesk/components/supplier/univention/images-mirror/ox-extension"
-    tag: "0.10.0@sha256:f6f32ce0486594eca9c8682b10f60e9d174a526d5acd2ba4d0abcb8f522539b9"
+    # registry: "registry.opencode.de"
+    # repository: "bmi/opendesk/components/supplier/univention/images-mirror/ox-extension"
+    registry: "artifacts.software-univention.de"
+    repository: "nubus/images/ox-extension"
+    tag: "0.11.0"
   nubusPortalConsumer:
     # providerCategory: "Supplier"
     # providerResponsible: "Univention"
@@ -445,9 +457,11 @@ images:
     # upstreamRepository: "nubus/images/portal-extension"
     # upstreamMirrorTagFilterRegEx: '^(\d+)\.(\d+)\.(\d+)$'
     # upstreamMirrorStartFrom: ["0", "28", "0"]
-    registry: "registry.opencode.de"
-    repository: "bmi/opendesk/components/supplier/univention/images-mirror/portal-extension"
-    tag: "0.28.0@sha256:1ec467bebc402265e1c24b3d441c211faad1a025ded41afe8dd4687b7ad5a9a4"
+    # registry: "registry.opencode.de"
+    # repository: "bmi/opendesk/components/supplier/univention/images-mirror/portal-extension"
+    registry: "artifacts.software-univention.de"
+    repository: "nubus/images/portal-extension"
+    tag: "0.28.0"
   nubusPortalFrontend:
     # providerCategory: "Supplier"
     # providerResponsible: "Univention"
@@ -459,7 +473,7 @@ images:
     # repository: "bmi/opendesk/components/supplier/univention/images-mirror/portal-frontend"
     registry: "artifacts.software-univention.de"
     repository: "nubus/images/portal-frontend"
-    tag: "0.31.1@sha256:499266cb7c645775dd2d0c9f386498114ab0dcda67b014db0e86735d757b4187"
+    tag: "0.32.0@sha256:3d3766415be8aec356b00c05554f9420069bcf260e3bfd6bdea5b85160aa8468"
   nubusPortalListener:
     # providerCategory: "Supplier"
     # providerResponsible: "Univention"
@@ -477,11 +491,9 @@ images:
     # upstreamRepository: "nubus/images/portal-server"
     # upstreamMirrorTagFilterRegEx: '^(\d+)\.(\d+)\.(\d+)$'
     # upstreamMirrorStartFrom: ["0", "9", "4"]
-    # registry: "registry.opencode.de"
-    # repository: "bmi/opendesk/components/supplier/univention/images-mirror/portal-server"
-    registry: "artifacts.software-univention.de"
-    repository: "nubus/images/portal-server"
-    tag: "0.31.1@sha256:381e0cbbcac0e9bba6d3c1c7fe7757d18c09e7afaab912c02f38bdfa481723cd"
+    registry: "registry.opencode.de"
+    repository: "bmi/opendesk/components/supplier/univention/images-mirror/portal-server"
+    tag: "0.27.0@sha256:e1ad659feb4a1948d07e6e7d99b94b6bdbd4525d96f4cf9a010b75189f0082fc"
   nubusProvisioningDispatcher:
     # providerCategory: "Supplier"
     # providerResponsible: "Univention"
@@ -503,7 +515,7 @@ images:
     # repository: "bmi/opendesk/components/supplier/univention/images-mirror/provisioning-events-and-consumer-api"
     registry: "artifacts.software-univention.de"
     repository: "nubus/images/provisioning-events-and-consumer-api"
-    tag: "0.34.0@sha256:7fc2ab2a89b46cd95c20f99e70636d62d45447ca2678fc78a620b4819521368f"
+    tag: "0.36.0@sha256:69dd2946e7b05384304eeeca50dea645d20f7658d225e7c532381c3bdf2027ce"
   nubusProvisioningPrefill:
     # providerCategory: "Supplier"
     # providerResponsible: "Univention"
@@ -515,7 +527,7 @@ images:
     # repository: "bmi/opendesk/components/supplier/univention/images-mirror/provisioning-prefill"
     registry: "artifacts.software-univention.de"
     repository: "nubus/images/provisioning-prefill"
-    tag: "0.34.0@sha256:baab4e6e8393110ac7d159159dad9ecca74359ce74144dd51b4aec2a383778eb"
+    tag: "0.36.0@sha256:147406648848c068aacc2cb467633d51c65cddbcaa622c352e5fe5349bf92ce6"
   nubusProvisioningUdmListener:
     # providerCategory: "Supplier"
     # providerResponsible: "Univention"
@@ -527,7 +539,7 @@ images:
     # repository: "bmi/opendesk/components/supplier/univention/images-mirror/provisioning-udm-listener"
     registry: "artifacts.software-univention.de"
     repository: "nubus/images/provisioning-udm-listener"
-    tag: "0.34.0@sha256:5f1177f58a189de935b73e905b9dff69b34f508a570244c75d5358cdb1bc2b27"
+    tag: "0.36.0@sha256:8a960db9ff94b3c8a63be1588e47ccc1f62f3071abdce7ee2ef89afbe2674eed"
   nubusProvisioningUdmTransformer:
     # providerCategory: "Supplier"
     # providerResponsible: "Univention"
@@ -539,7 +551,7 @@ images:
     # repository: "bmi/opendesk/components/supplier/univention/images-mirror/provisioning-udm-transformer"
     registry: "artifacts.software-univention.de"
     repository: "nubus/images/provisioning-udm-transformer"
-    tag: "0.34.0@sha256:416ea5082d55346f58de535e39943552162a555455ae75f2efaad424e4fc8f70"
+    tag: "0.36.0@sha256:8080b55e705391aa2ac9b11db11dc1f984b5626271b2f175bfe26967b857b06d"
   nubusSelfserviceInvitation:
     # providerCategory: "Supplier"
     # providerResponsible: "Univention"
@@ -585,9 +597,11 @@ images:
     # upstreamRepository: "nubus/images/umc-gateway"
     # upstreamMirrorTagFilterRegEx: '^(\d+)\.(\d+)\.(\d+)$'
     # upstreamMirrorStartFrom: ["0", "7", "3"]
-    registry: "registry.opencode.de"
-    repository: "bmi/opendesk/components/supplier/univention/images-mirror/umc-gateway"
-    tag: "0.22.2@sha256:fe4d2c148946da6f5e92201f398ebd0d5a72795c50648993bd220ea1e228658d"
+    # registry: "registry.opencode.de"
+    # repository: "bmi/opendesk/components/supplier/univention/images-mirror/umc-gateway"
+    registry: "artifacts.software-univention.de"
+    repository: "nubus/images/umc-gateway"
+    tag: "0.26.0@sha256:c8d025851ca45c50f61fa1da97681a583e07ab57945a0b9fecb56cefc1e11331"
   nubusUmcServer:
     # providerCategory: "Supplier"
     # providerResponsible: "Univention"

helmfile/environments/default/persistence.yaml

@@ -19,7 +19,7 @@ persistence:
     nubus:
       ldapServerData: "1Gi"
       ldapServerShared: "1Gi"
-      portalConsumer: "1Gi"
+      portalListener: "1Gi"
       selfserviceListener: "1Gi"
     xwiki: "1Gi"
 ...

helmfile/environments/default/replicas.yaml

@@ -79,7 +79,7 @@ replicas:
   # -- scalable: true
   umsPortalFrontend: 1
   # -- scalable: tbd
-  umsPortalConsumer: 1
+  umsPortalListener: 1
   # -- scalable: true
   umsPortalServer: 1
   # -- scalable: tbd

helmfile/environments/default/resources.yaml

@@ -464,14 +464,14 @@ resources:
     requests:
       cpu: 0.1
       memory: "256Mi"
-  umsPortalConsumer:
+  umsPortalListener:
     limits:
       cpu: 99
       memory: "1Gi"
     requests:
       cpu: 0.1
       memory: "256Mi"
-  umsPortalConsumerDependencies:
+  umsPortalListenerDependencies:
     limits:
       cpu: 99
       memory: "1Gi"

helmfile/environments/default/secrets.gotmpl

@@ -36,7 +36,7 @@ secrets:
       sysIdpUserPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "nubus" "sysIdpUser" | sha1sum | quote }}
     storeDavUsers:
       portalServer: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "portal-server" "store-dav" | sha1sum | quote }}
-      portalConsumer: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "portal-consumer" "store-dav" | sha1sum | quote }}
+      portalListener: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "portal-listener" "store-dav" | sha1sum | quote }}
     provisioning:
       apiNatsPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "api" "nats" | sha1sum | quote }}
       apiAdminNatsPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "apiAdmin" "nats" | sha1sum | quote }}

helmfile/environments/default/selinux.yaml

@@ -76,7 +76,7 @@ seLinuxOptions:
   umsNotificationsApi: ~
   umsOpenPolicyAgent: ~
   umsPortalFrontend: ~
-  umsPortalConsumer: ~
+  umsPortalListener: ~
   umsPortalServer: ~
   umsProvisioningDispatcher: ~
   umsProvisioningEventsAndConsumerApi: ~

helmfile/environments/test/values.yaml.gotmpl

@@ -21,7 +21,7 @@ persistence:
     nubus:
       ldapServerData: "42Gi"
       ldapServerShared: "42Gi"
-      portalConsumer: "42Gi"
+      portalListener: "42Gi"
       selfserviceListener: "42Gi"
     postfix: "42Gi"
     postgresql: "42Gi"
@@ -76,7 +76,7 @@ replicas:
   umsLdapServer: 42
   umsNotificationsApi: 42
   umsPortalFrontend: 42
-  umsPortalConsumer: 42
+  umsPortalListener: 42
   umsPortalServer: 42
   umsSelfserviceListener: 42
   umsStackGateway: 42