chore(release): 0.5.47 [skip ci]

## [0.5.47](https://gitlab.opencode.de/bmi/opendesk/deployment/sovereign-workplace/compare/v0.5.46...v0.5.47) (2023-11-24)

### Bug Fixes

* **helmfile:** Rename absolute paths on OpenCoDE to new 'opendesk' base group name ([7ac2e0f](7ac2e0f9de))
* **xwiki:** Enable the sync of user profile picture from LDAP ([6aa3d38](6aa3d386af))

.gitlab-ci.yml

@@ -555,7 +555,7 @@ generate-release-assets:
       - "./build_artefacts/image-index.json"
   tags: []
   variables:
-    ASSET_GENERATOR_REPO_PATH: "bmi/souveraener_arbeitsplatz/tooling/opendesk-asset-generator"
+    ASSET_GENERATOR_REPO_PATH: "bmi/opendesk/tooling/opendesk-asset-generator"
 
 
 # Declare .environments which is in environments repository and only loaded when INCLUDE_ENVIRONMENTS_ENABLED not false.

CHANGELOG.md

@@ -1,3 +1,11 @@
+## [0.5.47](https://gitlab.opencode.de/bmi/opendesk/deployment/sovereign-workplace/compare/v0.5.46...v0.5.47) (2023-11-24)
+
+
+### Bug Fixes
+
+* **helmfile:** Rename absolute paths on OpenCoDE to new 'opendesk' base group name ([7ac2e0f](https://gitlab.opencode.de/bmi/opendesk/deployment/sovereign-workplace/commit/7ac2e0f9de2a8386a7f5809ba40db4ed7164a857))
+* **xwiki:** Enable the sync of user profile picture from LDAP ([6aa3d38](https://gitlab.opencode.de/bmi/opendesk/deployment/sovereign-workplace/commit/6aa3d386afe8b3f22e47f9971fd719089006b54e))
+
 ## [0.5.46](https://gitlab.opencode.de/bmi/souveraener_arbeitsplatz/deployment/sovereign-workplace/compare/v0.5.45...v0.5.46) (2023-11-23)
 
 

CONTRIBUTING.md

@@ -5,7 +5,7 @@ SPDX-License-Identifier: Apache-2.0
 
 # Read me first
 
-Please read the [project's overall CONTRIBUTING.md](https://gitlab.opencode.de/bmi/souveraener_arbeitsplatz/info/-/blob/main/CONTRIBUTING.md) first.
+Please read the [project's overall CONTRIBUTING.md](https://gitlab.opencode.de/bmi/opendesk/info/-/blob/main/CONTRIBUTING.md) first.
 
 # How to contribute?
 

README.md

@@ -40,7 +40,7 @@ Basic knowledge of Kubernetes and Devops is required though.
 
 # Active development notice
 openDesk will face breaking changes in the near future without upgrade paths before
-[technical release](https://gitlab.opencode.de/bmi/souveraener_arbeitsplatz/deployment/sovereign-workplace/-/releases
+[technical release](https://gitlab.opencode.de/bmi/opendesk/deployment/sovereign-workplace/-/releases
 v1.0.0 is reached.
 
 While most components support upgrades, major configuration or component changes may occur, therefore we recommend
@@ -60,10 +60,10 @@ Of course, further development also includes enhancing the documentation.
 
 We love to get feedback from you!
 Related to the deployment / contents of this repository,
-please use the [issues within this project](https://gitlab.opencode.de/bmi/souveraener_arbeitsplatz/deployment/sovereign-workplace/-/issues).
+please use the [issues within this project](https://gitlab.opencode.de/bmi/opendesk/deployment/sovereign-workplace/-/issues).
 
 If you want to address other topics, please check the section
-["Rückmeldungen und Beteiligung" of the Infos' project OVERVIEW.md](https://gitlab.opencode.de/bmi/souveraener_arbeitsplatz/info/-/blob/main/OVERVIEW.md#rückmeldungen-und-beteiligung).
+["Rückmeldungen und Beteiligung" of the Infos' project OVERVIEW.md](https://gitlab.opencode.de/bmi/opendesk/info/-/blob/main/OVERVIEW.md#rückmeldungen-und-beteiligung).
 
 # Requirements
 
@@ -86,7 +86,7 @@ If you want to address other topics, please check the section
 All technical releases are created using [Semantic Versioning](https://semver.org/lang/de/).
 
 Gitlab provides an
-[overview on the releases](https://gitlab.opencode.de/bmi/souveraener_arbeitsplatz/deployment/sovereign-workplace/-/releases)
+[overview on the releases](https://gitlab.opencode.de/bmi/opendesk/deployment/sovereign-workplace/-/releases)
 of this project.
 
 The following release artefacts are provided beside the default source code assets:

helmfile.yaml

@@ -29,7 +29,7 @@ missingFileHandler: "Error"
 # - Installing all releases from root via helmfile apply
 # - Installing a single release from root via helmfile apply -f helmfile/apps/<app>/helmfile.yaml
 # - Installing a single release from app directory via helmfile apply
-# Issue: https://gitlab.opencode.de/bmi/souveraener_arbeitsplatz/deployment/sovereign-workplace/-/issues/2
+# Issue: https://gitlab.opencode.de/bmi/opendesk/deployment/sovereign-workplace/-/issues/2
 
 environments:
   default:

helmfile/apps/keycloak/helmfile.yaml

@@ -16,7 +16,7 @@ repositories:
     verify: true
     keyring: "../../files/gpg-pubkeys/souvap-univention-de.gpg"
   # openDesk Keycloak Theme
-  # Source: https://gitlab.opencode.de/bmi/souveraener_arbeitsplatz/components/charts/opendesk-keycloak-theme
+  # Source: https://gitlab.opencode.de/bmi/opendesk/components/charts/opendesk-keycloak-theme
   - name: "keycloak-theme-repo"
     oci: true
     url: >-

helmfile/apps/nextcloud/helmfile.yaml

@@ -8,7 +8,7 @@ bases:
 repositories:
   # openDesk Keycloak Bootstrap
   # Source:
-  #  https://gitlab.opencode.de/bmi/souveraener_arbeitsplatz/components/charts/sovereign-workplace-nextcloud-bootstrap
+  #  https://gitlab.opencode.de/bmi/opendesk/components/charts/sovereign-workplace-nextcloud-bootstrap
   - name: "opendesk-nextcloud-bootstrap-repo"
     oci: true
     # yamllint disable rule:line-length

helmfile/apps/open-xchange/helmfile.yaml

@@ -7,7 +7,7 @@ bases:
 ---
 repositories:
   # openDesk Dovecot
-  # Source: https://gitlab.opencode.de/bmi/souveraener_arbeitsplatz/components/charts/opendesk-dovecot
+  # Source: https://gitlab.opencode.de/bmi/opendesk/components/charts/opendesk-dovecot
   - name: "opendesk-dovecot-repo"
     oci: true
     url: >-
@@ -21,7 +21,7 @@ repositories:
     url: >-
       {{ env "PRIVATE_IMAGE_REGISTRY_URL" | default "registry.open-xchange.com" }}
   # openDesk Open-Xchange Bootstrap
-  # Source: https://gitlab.opencode.de/bmi/souveraener_arbeitsplatz/components/charts/opendesk-open-xchange-bootstrap
+  # Source: https://gitlab.opencode.de/bmi/opendesk/components/charts/opendesk-open-xchange-bootstrap
   - name: "opendesk-open-xchange-bootstrap-repo"
     oci: true
     # yamllint disable rule:line-length

helmfile/apps/xwiki/values.gotmpl

@@ -16,7 +16,7 @@ externalDB:
 
 customConfigs:
   "xwiki.cfg":
-    "xwiki.superadminpassword": {{ .Values.secrets.xwiki.superadminpassword | quote }}
+    xwiki.superadminpassword: {{ .Values.secrets.xwiki.superadminpassword | quote }}
     ## LDAP Server configuration
     xwiki.authentication.ldap.server: {{ .Values.ldap.host | quote }}
     xwiki.authentication.ldap.port: 389
@@ -25,6 +25,8 @@ customConfigs:
     xwiki.authentication.ldap.bind_pass: {{ .Values.secrets.univentionCorporateServer.ldapSearch.xwiki | quote }}
     ## Base DN used for searching for users
     xwiki.authentication.ldap.base_DN: "dc=swp-ldap,dc=internal"
+    ## Allow short update cycles of the LDAP group cache
+    xwiki.authentication.ldap.groupcache_expiration: 300
 
   "xwiki.properties":
     "oidc.endpoint.authorization": "https://{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}/realms/souvap/protocol/openid-connect/auth"

helmfile/apps/xwiki/values.yaml

@@ -10,9 +10,9 @@ customConfigs:
     ## Indicate the LDAP field defining the user UID
     xwiki.authentication.ldap.UID_attr: "uid"
     ## Indicate the LDAP field defining the user profile picture
-    # xwiki.authentication.ldap.photo_attribute: "jpegPhoto"
+    xwiki.authentication.ldap.photo_attribute: "jpegPhoto"
     ## Enable the synchronization of the LDAP profile picture
-    # xwiki.authentication.ldap.update_photo: 1
+    xwiki.authentication.ldap.update_photo: 1
 
   xwiki.properties:
     oidc.scope: "openid,profile,email,address,phoenix"
@@ -80,8 +80,10 @@ properties:
   "property:xwiki:LDAPUserImport.WebHome^LDAPUserImport.LDAPUserImportConfigClass.ldapGroupImportSearchDN":
     "dc=swp-ldap,dc=internal"
   ## LDAP filter to only synchronize some groups
+  # "property:xwiki:LDAPUserImport.WebHome^LDAPUserImport.LDAPUserImportConfigClass.ldapGroupImportSearchFilter":
+  #   "(&(objectClass=opendeskKnowledgemanagementGroup)(opendeskKnowledgemanagementEnabled=TRUE))"
   "property:xwiki:LDAPUserImport.WebHome^LDAPUserImport.LDAPUserImportConfigClass.ldapGroupImportSearchFilter":
-    "(&(objectClass=opendeskKnowledgemanagementGroup)(opendeskKnowledgemanagementEnabled=TRUE))"
+    "(objectClass=opendeskKnowledgemanagementGroup)"
 
 securityContext:
   enabled: true