sheppy/opendesk
1
0
Fork 0
mirror of https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk.git synced 2025-12-07 07:51:38 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
f94e9c493004889b18b133acbed1c2501dedcba3
opendesk/helmfile/apps/univention-management-stack/values-udm-rest-api.yaml.gotmpl

65 lines
2.0 KiB
Go Template
Raw Blame History

# SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
# SPDX-License-Identifier: Apache-2.0
---
extraVolumes:
- name: "attribute-to-group-mapper-hook"
configMap:
name: "ums-stack-data-swp-attribute-to-group-mapper-hook"
extraVolumeMounts:
- name: "attribute-to-group-mapper-hook"
mountPath: "/usr/lib/python3/dist-packages/univention/admin/hooks.d/AttributeToGroupMapper.py"
subPath: "AttributeToGroupMapper.py"
- name: "attribute-to-group-mapper-hook"
mountPath: "/usr/share/attribute-to-group-mapper/flag_to_group_mapping.json"
subPath: "flag_to_group_mapping.json"
resources:
{{ .Values.resources.umsUdmRestApi | toYaml | nindent 2 }}
initResources:
{{ .Values.resources.umsUdmRestApiInit | toYaml | nindent 2 }}
replicaCount: {{ .Values.replicas.umsUdmRestApi }}
podSecurityContext:
enabled: true
fsGroup: 1000
fsGroupChangePolicy: "Always"
containerSecurityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- "ALL"
enabled: true
runAsUser: 1000
runAsGroup: 1000
seccompProfile:
type: "RuntimeDefault"
readOnlyRootFilesystem: true
runAsNonRoot: true
udmRestApi:
secretRef: ums-udm-rest-api-credentials
ldap:
uri: "ldap://{{ .Values.ldap.host }}:389"
baseDN: {{ .Values.ldap.baseDn | quote }}
image:
registry: {{ .Values.global.imageRegistry | default .Values.images.umsUdmRestApi.registry | quote }}
repository: {{ .Values.images.umsUdmRestApi.repository | quote }}
pullPolicy: {{ .Values.global.imagePullPolicy | quote }}
tag: {{ .Values.images.umsUdmRestApi.tag | quote }}
pullSecrets:
{{- range .Values.global.imagePullSecrets }}
- name: {{ . | quote }}
{{- end }}
extraSecrets:
- name: ums-udm-rest-api-credentials
stringData:
ldap.secret: {{ .Values.secrets.univentionManagementStack.ldapSecret | quote }}
machine.secret: {{ .Values.secrets.univentionManagementStack.ldapSecret | quote }}
...
Reference in New Issue View Git Blame Copy Permalink