From b60c61da81aee61ae6c074fc2ad636007b883bd2 Mon Sep 17 00:00:00 2001 From: aca Date: Wed, 26 Feb 2025 10:17:42 +0000 Subject: [PATCH] new configuration version --- ...evisauth-sts-4bad2fe3ccc54716cc87138f.yaml | 4 +-- .../var/opt/nevisauth/default/conf/env.conf | 2 +- .../k8s-idm-db-2951ead44a7a9362a4545094.yaml | 28 +++++++++++++++++++ ...k8s-nevisidm-b8a36646f81c3247cdb5d90b.yaml | 6 ++-- .../default/conf/nevisidm-prod.properties | 4 +-- 5 files changed, 37 insertions(+), 7 deletions(-) create mode 100644 DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/etc/nevis/k8s-idm-db-2951ead44a7a9362a4545094.yaml diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts/etc/nevis/k8s-nevisauth-sts-4bad2fe3ccc54716cc87138f.yaml b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts/etc/nevis/k8s-nevisauth-sts-4bad2fe3ccc54716cc87138f.yaml index 2988e0a..6902c71 100644 --- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts/etc/nevis/k8s-nevisauth-sts-4bad2fe3ccc54716cc87138f.yaml +++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts/etc/nevis/k8s-nevisauth-sts-4bad2fe3ccc54716cc87138f.yaml @@ -11,7 +11,7 @@ metadata: spec: type: "NevisAuth" replicas: 1 - version: "8.2411.2" + version: "8.2411.1" gitInitVersion: "1.3.0" runAsNonRoot: true ports: @@ -45,7 +45,7 @@ spec: podDisruptionBudget: maxUnavailable: "50%" git: - tag: "r-b0ee5bf8f21b6deb852634ece4565dee10c29032" + tag: "r-654fc77cfe9eeb743896b19166144c379a1ad337" dir: "DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts" credentials: "git-credentials" keystores: diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts/var/opt/nevisauth/default/conf/env.conf b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts/var/opt/nevisauth/default/conf/env.conf index 587c2ce..fa65249 100644 --- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts/var/opt/nevisauth/default/conf/env.conf +++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts/var/opt/nevisauth/default/conf/env.conf @@ -13,7 +13,7 @@ JAVA_OPTS=( "-javaagent:/opt/agent/opentelemetry-javaagent.jar" "-Dotel.javaagent.logging=application" "-Dotel.javaagent.configuration-file=/var/opt/nevisauth/default/conf/otel.properties" - "-Dotel.resource.attributes=service.version=8.2411.2,service.instance.id=$HOSTNAME" + "-Dotel.resource.attributes=service.version=8.2411.1,service.instance.id=$HOSTNAME" "-Djavax.net.ssl.trustStore=/var/opt/keys/trust/auth-sts-default-tls-trust/truststore.p12" "-Djavax.net.ssl.trustStorePassword=\${exec:/var/opt/keys/trust/auth-sts-default-tls-trust/keypass}" ) diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/etc/nevis/k8s-idm-db-2951ead44a7a9362a4545094.yaml b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/etc/nevis/k8s-idm-db-2951ead44a7a9362a4545094.yaml new file mode 100644 index 0000000..2f99af8 --- /dev/null +++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/etc/nevis/k8s-idm-db-2951ead44a7a9362a4545094.yaml @@ -0,0 +1,28 @@ +apiVersion: "operator.nevis-security.ch/v1" +kind: "NevisDatabase" +metadata: + name: "idm" + namespace: "adn-agov-nevisidm-01-uat" + labels: + deploymentTarget: "idm" + trustImport: "idm-technical-trust-store-1058498828" + annotations: + projectKey: "DEFAULT-ADN-AGOV-PROJECT" + patternId: "2951ead44a7a9362a4545094" +spec: + type: "NevisIDM" + databaseType: "MariaDB" + version: "8.2411.1" + url: "mariadb-agov-uat.mariadb.database.azure.com" + port: 3306 + ssl: true + database: "nevisidm_uat" + bootstrap: true + migrate: true + rootCredentials: + name: "root-adn-agov-nevisidm-admin-01-uat-idm" + namespace: "adn-agov-nevisidm-admin-01-uat" + podSecurity: + policy: "baseline" + automountServiceAccountToken: false + timeZone: "Europe/Zurich" diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/etc/nevis/k8s-nevisidm-b8a36646f81c3247cdb5d90b.yaml b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/etc/nevis/k8s-nevisidm-b8a36646f81c3247cdb5d90b.yaml index 6ed7430..3ff4509 100644 --- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/etc/nevis/k8s-nevisidm-b8a36646f81c3247cdb5d90b.yaml +++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/etc/nevis/k8s-nevisidm-b8a36646f81c3247cdb5d90b.yaml @@ -46,9 +46,12 @@ spec: podDisruptionBudget: maxUnavailable: "50%" git: - tag: "r-b0ee5bf8f21b6deb852634ece4565dee10c29032" + tag: "r-654fc77cfe9eeb743896b19166144c379a1ad337" dir: "DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm" credentials: "git-credentials" + database: + name: "idm" + requiredVersion: "8.2411.1" keystores: - "idm-default-identity" truststores: @@ -61,4 +64,3 @@ spec: secrets: secret: - "0eb37a5f44023ef0ad1013b6-89ec31e5" - - "a2068eb83a60702322c13949-27ed70d3" diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/var/opt/nevisidm/default/conf/nevisidm-prod.properties b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/var/opt/nevisidm/default/conf/nevisidm-prod.properties index d33b005..1f77c0d 100644 --- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/var/opt/nevisidm/default/conf/nevisidm-prod.properties +++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/var/opt/nevisidm/default/conf/nevisidm-prod.properties @@ -3,9 +3,9 @@ web.gui.languages.default=de # source: pattern://2951ead44a7a9362a4545094 database.connection.url=jdbc:mariadb://mariadb-agov-uat.mariadb.database.azure.com:3306/nevisidm_uat?pinGlobalTxToPhysicalConnection=1&useMysqlMetadata=true&cachePrepStmts=true&prepStmtCacheSize=1000&useSSL=true&trustStore=/var/opt/keys/trust/idm-db-tls-truststore/truststore.jks # source: pattern://2951ead44a7a9362a4545094 -database.connection.username=adndbadmin +database.connection.username=${exec:/var/opt/nevisidm/default/conf/credentials/dbUser} # source: pattern://2951ead44a7a9362a4545094 -database.connection.password=secret://a2068eb83a60702322c13949-27ed70d3 +database.connection.password=${exec:/var/opt/nevisidm/default/conf/credentials/dbPassword} # source: pattern://b8a36646f81c3247cdb5d90b application.mail.smtp.host=greenmail.adn-agov-mail-01-uat.svc # source: pattern://b8a36646f81c3247cdb5d90b