new configuration version

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts/etc/nevis/k8s-nevisauth-sts-4bad2fe3ccc54716cc87138f.yaml

@@ -11,7 +11,7 @@ metadata:
 spec:
   type: "NevisAuth"
   replicas: 1
-  version: "8.2411.2"
+  version: "8.2411.1"
   gitInitVersion: "1.3.0"
   runAsNonRoot: true
   ports:
@@ -45,7 +45,7 @@ spec:
   podDisruptionBudget:
     maxUnavailable: "50%"
   git:
-    tag: "r-b0ee5bf8f21b6deb852634ece4565dee10c29032"
+    tag: "r-654fc77cfe9eeb743896b19166144c379a1ad337"
     dir: "DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts"
     credentials: "git-credentials"
   keystores:

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts/var/opt/nevisauth/default/conf/env.conf

@@ -13,7 +13,7 @@ JAVA_OPTS=(
     "-javaagent:/opt/agent/opentelemetry-javaagent.jar"
     "-Dotel.javaagent.logging=application"
     "-Dotel.javaagent.configuration-file=/var/opt/nevisauth/default/conf/otel.properties"
-    "-Dotel.resource.attributes=service.version=8.2411.2,service.instance.id=$HOSTNAME"
+    "-Dotel.resource.attributes=service.version=8.2411.1,service.instance.id=$HOSTNAME"
     "-Djavax.net.ssl.trustStore=/var/opt/keys/trust/auth-sts-default-tls-trust/truststore.p12"
     "-Djavax.net.ssl.trustStorePassword=\${exec:/var/opt/keys/trust/auth-sts-default-tls-trust/keypass}"
 )

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/etc/nevis/k8s-idm-db-2951ead44a7a9362a4545094.yaml

@@ -0,0 +1,28 @@
+apiVersion: "operator.nevis-security.ch/v1"
+kind: "NevisDatabase"
+metadata:
+  name: "idm"
+  namespace: "adn-agov-nevisidm-01-uat"
+  labels:
+    deploymentTarget: "idm"
+    trustImport: "idm-technical-trust-store-1058498828"
+  annotations:
+    projectKey: "DEFAULT-ADN-AGOV-PROJECT"
+    patternId: "2951ead44a7a9362a4545094"
+spec:
+  type: "NevisIDM"
+  databaseType: "MariaDB"
+  version: "8.2411.1"
+  url: "mariadb-agov-uat.mariadb.database.azure.com"
+  port: 3306
+  ssl: true
+  database: "nevisidm_uat"
+  bootstrap: true
+  migrate: true
+  rootCredentials:
+    name: "root-adn-agov-nevisidm-admin-01-uat-idm"
+    namespace: "adn-agov-nevisidm-admin-01-uat"
+  podSecurity:
+    policy: "baseline"
+    automountServiceAccountToken: false
+  timeZone: "Europe/Zurich"

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/etc/nevis/k8s-nevisidm-b8a36646f81c3247cdb5d90b.yaml

@@ -46,9 +46,12 @@ spec:
   podDisruptionBudget:
     maxUnavailable: "50%"
   git:
-    tag: "r-b0ee5bf8f21b6deb852634ece4565dee10c29032"
+    tag: "r-654fc77cfe9eeb743896b19166144c379a1ad337"
     dir: "DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm"
     credentials: "git-credentials"
+  database:
+    name: "idm"
+    requiredVersion: "8.2411.1"
   keystores:
   - "idm-default-identity"
   truststores:
@@ -61,4 +64,3 @@ spec:
   secrets:
     secret:
     - "0eb37a5f44023ef0ad1013b6-89ec31e5"
-    - "a2068eb83a60702322c13949-27ed70d3"

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/var/opt/nevisidm/default/conf/nevisidm-prod.properties

@@ -3,9 +3,9 @@ web.gui.languages.default=de
 # source: pattern://2951ead44a7a9362a4545094
 database.connection.url=jdbc:mariadb://mariadb-agov-uat.mariadb.database.azure.com:3306/nevisidm_uat?pinGlobalTxToPhysicalConnection=1&useMysqlMetadata=true&cachePrepStmts=true&prepStmtCacheSize=1000&useSSL=true&trustStore=/var/opt/keys/trust/idm-db-tls-truststore/truststore.jks
 # source: pattern://2951ead44a7a9362a4545094
-database.connection.username=adndbadmin
+database.connection.username=${exec:/var/opt/nevisidm/default/conf/credentials/dbUser}
 # source: pattern://2951ead44a7a9362a4545094
-database.connection.password=secret://a2068eb83a60702322c13949-27ed70d3
+database.connection.password=${exec:/var/opt/nevisidm/default/conf/credentials/dbPassword}
 # source: pattern://b8a36646f81c3247cdb5d90b
 application.mail.smtp.host=greenmail.adn-agov-mail-01-uat.svc
 # source: pattern://b8a36646f81c3247cdb5d90b