nevis
/
adn-post-iam-tknxchng-inv
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

new configuration version

This commit is contained in:
mamo 2024-11-11 09:21:23 +00:00
parent aa67d5138f
commit c933b9119e
3 changed files with 2 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/etc/nevis/k8s-nai-6ec6739e824c8e56d9633622.yaml
View File

@ -45,7 +45,7 @@ spec:
podDisruptionBudget:
maxUnavailable: "50%"
git:
tag: "r-029f728dd5b968b7976482f20581fee21e6d83ad"
tag: "r-0322e6d9e0ec031ec1d368ab3307277dadf0b6a1"
dir: "DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai"
credentials: "git-credentials"
keystores:
@ -55,7 +55,6 @@ spec:
truststores:
- "nai-default-tls-client-trust"
- "nai-default-default-signer-trust"
- "nai-new-nevisauth-keyobject"
- "nai-default-tls-trust"
podSecurity:
policy: "baseline"

12
DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/etc/nevis/k8s-nai-new-nevisauth-keyobject-6ec6739e824c8e56d9633622.yaml
View File

@ -1,12 +0,0 @@
apiVersion: "operator.nevis-security.ch/v1"
kind: "NevisTrustStore"
metadata:
name: "nai-new-nevisauth-keyobject"
namespace: "adn-postit-tknxchng-01-dev"
labels:
deploymentTarget: "nai"
annotations:
projectKey: "DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT"
patternId: "6ec6739e824c8e56d9633622"
spec:
keystores: []

19
DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/var/opt/nevisauth/default/conf/esauth4.xml
View File

@ -53,11 +53,6 @@
<!-- source: pattern://b9cfe9de74293eececbcc4a6 -->
<KeyObject name="Signer_New_NEVIS_SecToken" certificate="/var/opt/keys/own/nai-sh4r3d-new-nevis-sectoken-signer/cert.pem" privateKey="/var/opt/keys/own/nai-sh4r3d-new-nevis-sectoken-signer/keystore.jks" passPhrase="pipe:///var/opt/keys/own/nai-sh4r3d-new-nevis-sectoken-signer/keypass"/>
</KeyStore>
<!-- source: pattern://d9ea344685ab4a9bb0e1e3e7 -->
<KeyStore name="JwtToken">
<!-- source: pattern://d9ea344685ab4a9bb0e1e3e7 -->
<KeyObject name="New_nevisAuth_KeyObject" certificate="/var/opt/keys/trust/nai-new-nevisauth-keyobject/truststore.jks"/>
</KeyStore>
</SessionCoordinator>
<!-- source: pattern://6ec6739e824c8e56d9633622 -->
<LocalOutOfContextDataStore reaperPeriod="60"/>
@ -74,7 +69,7 @@
<!-- source: pattern://89578db79d2bc15d55e11141 -->
<ResultCond name="failed" next="cossa_realm_New_Authentication_Failed"/>
<!-- source: pattern://89578db79d2bc15d55e11141 -->
<ResultCond name="ok" next="cossa_realm_JwtToken"/>
<ResultCond name="ok" next="cossa_realm_Prepare_Done"/>
<!-- source: pattern://89578db79d2bc15d55e11141 -->
<Response value="AUTH_CONTINUE">
<!-- source: pattern://89578db79d2bc15d55e11141 -->
@ -97,18 +92,6 @@
</Gui>
</Response>
</AuthState>
<AuthState name="cossa_realm_JwtToken" class="ch.nevis.esauth.auth.states.jwt.JWTToken" final="false" resumeState="true">
<!-- source: pattern://a1e5d0192e082e689465a0c9 -->
<ResultCond name="ok" next="cossa_realm_Prepare_Done"/>
<!-- source: pattern://a1e5d0192e082e689465a0c9 -->
<Response value="AUTH_ERROR"/>
<!-- source: pattern://a1e5d0192e082e689465a0c9 -->
<property name="out.audience" value="https://www.adnovum.ch"/>
<!-- source: pattern://a1e5d0192e082e689465a0c9 -->
<property name="out.issuer" value="https://my.nevis.server"/>
<!-- source: pattern://a1e5d0192e082e689465a0c9 -->
<property name="token.key" value="mustFulfillMinimalSizeDependingOnAlgorithmright"/>
</AuthState>
<AuthState name="cossa_realm_Prepare_Done" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="false">
<!-- source: pattern://b9cfe9de74293eececbcc4a6, pattern://b67f81a971e4c08aa79040a2 -->
<ResultCond name="default" next="cossa_realm_Auth_Done"/>