Skip to content
Snippets Groups Projects
Commit 25c0ba55 authored by OZGCloud's avatar OZGCloud
Browse files

Merge pull request 'OZG-4183-rename-config-params' (#84) from...

Merge pull request 'OZG-4183-rename-config-params' (#84) from OZG-4183-rename-config-params into master

Reviewed-on: https://git.ozg-sh.de/ozgcloud-app/user-manager/pulls/84
parents d1318d08 47051bd3
Branches
Tags
No related merge requests found
Showing
with 77 additions and 79 deletions
......@@ -8,17 +8,17 @@ If you want to learn more about Quarkus, please visit its website: https://quark
This properties must be configured to run the application
| Key | Value | Default | Mandatory | Description |
|-----------------------------------------------|----------------------------------------------------|------------------------| --------- |----------------------------------------------------------------|
|----------------------------------------------------|----------------------------------------------------|------------------------| --------- |----------------------------------------------------------------|
| quarkus.oidc.auth-server-url | https://sso.dev.by.ozg-cloud.de/realms/sh-kiel-dev | none | yes | Url of the keycloak server with the realm |
| quarkus.mongodb.connection-string | mongodb://ozg-mongodb:27017 | none | yes | The connection string for the mongo db database |
| quarkus.mongodb.database | usermanager | usermanager | no | Name of the mongo db database |
| kop.keycloak.sync.period | 5m | 6h | no | Period between synchronizations |
| kop.keycloak.api.user | apiUser | none | yes | The name of the keycloak admin api user |
| kop.keycloak.api.password | **** | none | yes | The password of the keycloak admin api user |
| kop.keycloak.api.realm | realm-name | none | yes | The name of the realm |
| kop.keycloak.api.organisations-einheit-id-key | organisationseinheitId | organisationseinheitId | no | The key where the organisationsEinheitId of the group is saved |
| kop.keycloak.api.ldap-id-key | LDAP_ID | LDAP_ID | no | The key to get the keycloak user id from |
| kop.usermanager.url | http://localhost:8080 | none | yes | The external root url of the usermanager |
| ozgcloud.keycloak.sync.period | 5m | 6h | no | Period between synchronizations |
| ozgcloud.keycloak.api.user | apiUser | none | yes | The name of the keycloak admin api user |
| ozgcloud.keycloak.api.password | **** | none | yes | The password of the keycloak admin api user |
| ozgcloud.keycloak.api.realm | realm-name | none | yes | The name of the realm |
| ozgcloud.keycloak.api.organisations-einheit-id-key | organisationseinheitId | organisationseinheitId | no | The key where the organisationsEinheitId of the group is saved |
| ozgcloud.keycloak.api.ldap-id-key | LDAP_ID | LDAP_ID | no | The key to get the keycloak user id from |
| ozgcloud.user-manager.url | http://localhost:8080 | none | yes | The external root url of the usermanager |
| keycloak.url | https://sso.service | none | yes | The root url of the keycloak service |
## Running the application in dev mode
......@@ -47,7 +47,7 @@ use below configuration in your IDE or CLI.
```
-Dquarkus.profile=local,remotekc
-Dquarkus.oidc.auth-server-url=https://sso.dev.by.ozg-cloud.de/realms/sebo-test
-Dkop.keycloak.api.realm=sebo-test
-Dozgcloud.keycloak.api.realm=sebo-test
-Dozgcloud.usersync.period="5s"
```
......@@ -123,7 +123,7 @@ Usermanager als über-jar erstellen und lokal starten:
./mvnw clean package -Dquarkus.package.type=uber-jar
java -Dquarkus.oidc.auth-server-url=https://sso.dev.by.ozg-cloud.de/realms/by-kiel-dev \
-Dkop.user-manager.url=http://localhost:8080 \
-Dozgcloud.user-manager.url=http://localhost:8080 \
-Dkeycloak.url=https://sso.dev.by.ozg-cloud.de \
-jar ./target/user-manager-server-1.3.0-SNAPSHOT-runner.jar
```
......@@ -136,12 +136,12 @@ Usermanager als native Anwendung erstellen und lokal starten:
./target/user-manager-server-1.3.0-SNAPSHOT-runner \
-Dquarkus.oidc.auth-server-url=https://sso.dev.by.ozg-cloud.de/realms/by-kiel-dev \
-Dquarkus.mongodb.connection-string=mongodb://localhost:27018 \
-Dkop.user-manager.url=http://localhost:8080 \
-Dozgcloud.user-manager.url=http://localhost:8080 \
-Dkeycloak.url=https://sso.dev.by.ozg-cloud.de \
-Dkop.keycloak.api.user=usermanagerapiuser \
-Dkop.keycloak.api.password=hlc_j1I1Ji0trC0 \
-Dkop.keycloak.api.realm=by-kiel-dev \
-Dkop.keycloak.api.client=alfa \
-Dozgcloud.keycloak.api.user=usermanagerapiuser \
-Dozgcloud.keycloak.api.password=hlc_j1I1Ji0trC0 \
-Dozgcloud.keycloak.api.realm=by-kiel-dev \
-Dozgcloud.keycloak.api.client=alfa \
-Dozgcloud.usersync.period="5m" \
-Xmx32m
```
......
......@@ -32,7 +32,7 @@ app.kubernetes.io/instance: user-manager
app.kubernetes.io/managed-by: {{ include "app.managedBy" . }}
app.kubernetes.io/name: {{ include "app.name" . }}
app.kubernetes.io/namespace: {{ include "app.namespace" . }}
app.kubernetes.io/part-of: kop
app.kubernetes.io/part-of: ozgcloud
app.kubernetes.io/version: {{ include "app.version" . }}
helm.sh/chart: {{ include "app.chart" . }}
{{- end -}}
......@@ -52,8 +52,8 @@ app.kubernetes.io/namespace: {{ include "app.namespace" . }}
{{- printf "%d %d * * *" (div (randNumeric 2) 2) (div (randNumeric 1) 2) -}}
{{- end -}}
{{- define "app.kopEnvironment" -}}
{{- required "Environment muss angegeben sein" (.Values.kop).environment -}}
{{- define "app.ozgcloudEnvironment" -}}
{{- required "Environment muss angegeben sein" (.Values.ozgcloud).environment -}}
{{- end -}}
{{- define "app.ssoServerUrl" -}}
......@@ -64,26 +64,26 @@ app.kubernetes.io/namespace: {{ include "app.namespace" . }}
{{- end -}}
{{- end -}}
{{- define "app.kopBundesland" -}}
{{- required "kop.bundesland must be set " (.Values.kop).bundesland }}
{{- define "app.ozgcloudBundesland" -}}
{{- required "ozgcloud.bundesland must be set " (.Values.ozgcloud).bundesland }}
{{- end -}}
{{- define "app.kopBezeichner" -}}
{{- if (.Values.kop).bezeichner -}}
{{- define "app.ozgcloudBezeichner" -}}
{{- if (.Values.ozgcloud).bezeichner -}}
{{ $length := len (.Values.kop).bezeichner }}
{{ $length := len (.Values.ozgcloud).bezeichner }}
{{- if lt 27 $length -}}
{{ required (printf "Bezeichner %s ist zu lang (max. 27 Zeichen)" (.Values.kop).bezeichner) nil }}
{{ required (printf "Bezeichner %s ist zu lang (max. 27 Zeichen)" (.Values.ozgcloud).bezeichner) nil }}
{{- else -}}
{{- required "Bezeichner muss angegeben sein" (.Values.kop).bezeichner -}}
{{- required "Bezeichner muss angegeben sein" (.Values.ozgcloud).bezeichner -}}
{{- end -}}
{{- else -}}
{{- required "Bezeichner muss angegeben sein" (.Values.kop).bezeichner -}}
{{- required "Bezeichner muss angegeben sein" (.Values.ozgcloud).bezeichner -}}
{{- end -}}
{{- end -}}
{{- define "app.ssoRealm" -}}
{{ printf "%s-%s-%s" (include "app.kopBundesland" .) ( include "app.kopBezeichner" . ) ( include "app.kopEnvironment" . ) | trunc 63 | trimSuffix "-" }}
{{ printf "%s-%s-%s" (include "app.ozgcloudBundesland" .) ( include "app.ozgcloudBezeichner" . ) ( include "app.ozgcloudEnvironment" . ) | trunc 63 | trimSuffix "-" }}
{{- end -}}
{{- define "app.ssoClientName" -}}
......@@ -95,11 +95,11 @@ app.kubernetes.io/namespace: {{ include "app.namespace" . }}
{{- end -}}
{{- define "app.baseUrl" -}}
{{ printf "https://%s-%s.%s" (include "app.kopBezeichner" .) (include "app.name" .) .Values.baseUrl }}
{{ printf "https://%s-%s.%s" (include "app.ozgcloudBezeichner" .) (include "app.name" .) .Values.baseUrl }}
{{- end -}}
{{- define "app.goofyAddress" -}}
{{ printf "https://%s.%s" (include "app.kopBezeichner" .) .Values.baseUrl }}
{{- define "app.alfaAddress" -}}
{{ printf "https://%s.%s" (include "app.ozgcloudBezeichner" .) .Values.baseUrl }}
{{- end -}}
{{- define "app.replaceAllNonAlphanumeric" -}}
......
......@@ -7,5 +7,5 @@ metadata:
{{- include "app.defaultLabels" . | indent 4 }}
type: Opaque
stringData:
password: {{ required "kop.keycloak.api.password must be set" .Values.kop.keycloak.api.password }}
password: {{ required "ozgcloud.keycloak.api.password must be set" .Values.ozgcloud.keycloak.api.password }}
{{- end -}}
\ No newline at end of file
......@@ -64,22 +64,22 @@ spec:
key: connectionString.standard
optional: false
{{- if not (.Values.sso).api_user }}
- name: KOP_KEYCLOAK_API_PASSWORD
- name: OZGCLOUD_KEYCLOAK_API_PASSWORD
valueFrom:
secretKeyRef:
name: user-manager-api-password
key: password
optional: false
- name: KOP_KEYCLOAK_API_USER
value: {{ .Values.kop.keycloak.api.user }}
- name: OZGCLOUD_KEYCLOAK_API_USER
value: {{ .Values.ozgcloud.keycloak.api.user }}
{{- else }}
- name: KOP_KEYCLOAK_API_PASSWORD
- name: OZGCLOUD_KEYCLOAK_API_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "app.generateKeycloakUserSecretName" . }}
key: password
optional: false
- name: KOP_KEYCLOAK_API_USER
- name: OZGCLOUD_KEYCLOAK_API_USER
valueFrom:
secretKeyRef:
name: {{ include "app.generateKeycloakUserSecretName" . }}
......@@ -88,22 +88,22 @@ spec:
{{- end }}
- name: QUARKUS_MONGODB_DATABASE
value: {{ include "app.databaseName" . }}
- name: KOP_KEYCLOAK_API_REALM
- name: OZGCLOUD_KEYCLOAK_API_REALM
value: {{ include "app.ssoRealm" . }}
- name: KOP_KEYCLOAK_API_CLIENT
- name: OZGCLOUD_KEYCLOAK_API_CLIENT
value: {{ include "app.ssoClientName" . }}
- name: QUARKUS_OIDC_AUTH_SERVER_URL
value: {{ include "app.ssoServerUrl" . }}/realms/{{ include "app.ssoRealm" . }}
- name: KEYCLOAK_URL
value: {{ include "app.ssoServerUrl" . }}
- name: KOP_USER_MANAGER_URL
- name: OZGCLOUD_USER_MANAGER_URL
value: {{ include "app.baseUrl" . }}
{{- if ((.Values.ozgcloud).usersync).period }}
- name: OZGCLOUD_USERSYNC_PERIOD
value: {{ .Values.ozgcloud.usersync.period }}
{{- end }}
- name: QUARKUS_HTTP_CORS_ORIGINS
value: {{ (include "app.goofyAddress" .) }}
value: {{ (include "app.alfaAddress" .) }}
{{- with (.Values.env).customList }}
{{ toYaml . | indent 8 }}
{{- end }}
......
......@@ -28,7 +28,7 @@ metadata:
{{- with .Values.ingress.configuration_snippet}}
annotations: {{- toYaml . | nindent 4 }}
{{- end }}
more_set_headers "Access-Control-Allow-Origin: {{ (include "app.goofyAddress" .) }}";
more_set_headers "Access-Control-Allow-Origin: {{ (include "app.alfaAddress" .) }}";
{{- if (.Values.ingress).use_staging_cert }}
cert-manager.io/cluster-issuer: letsencrypt-staging
{{- else }}
......@@ -55,5 +55,5 @@ spec:
- hosts:
- {{ trimPrefix "https://" ( include "app.baseUrl" . ) }}
{{- if ne (.Values).cluster_env "dataport" }}
secretName: {{ .Values.kop.bezeichner }}-{{ include "app.name" . }}-tls
secretName: {{ .Values.ozgcloud.bezeichner }}-{{ include "app.name" . }}-tls
{{- end }}
\ No newline at end of file
......@@ -34,14 +34,14 @@ image:
database: # username is always <release-name>-database-user
databaseName: user-manager-database
kop:
ozgcloud:
keycloak:
api:
user: userManagerApiUser
imageCredentials:
registry: docker.ozg-sh.de
username: kop
username: ozgcloud
password: Ymtbek3BWR8v
email: webmaster@ozg-sh.de
......
......@@ -36,12 +36,12 @@ tests:
- contains:
path: spec.template.spec.containers[0].env
content:
name: KOP_KEYCLOAK_API_USER
name: OZGCLOUD_KEYCLOAK_API_USER
value: userManagerApiUser
- contains:
path: spec.template.spec.containers[0].env
content:
name: KOP_KEYCLOAK_API_PASSWORD
name: OZGCLOUD_KEYCLOAK_API_PASSWORD
valueFrom:
secretKeyRef:
name: user-manager-api-password
......@@ -50,7 +50,7 @@ tests:
- contains:
path: spec.template.spec.containers[0].env
content:
name: KOP_KEYCLOAK_API_REALM
name: OZGCLOUD_KEYCLOAK_API_REALM
value: sh-helm-test
- contains:
path: spec.template.spec.containers[0].env
......@@ -65,7 +65,7 @@ tests:
- contains:
path: spec.template.spec.containers[0].env
content:
name: KOP_KEYCLOAK_API_CLIENT
name: OZGCLOUD_KEYCLOAK_API_CLIENT
value: alfa
- it: should set keycloak client name
......@@ -79,7 +79,7 @@ tests:
- contains:
path: spec.template.spec.containers[0].env
content:
name: KOP_KEYCLOAK_API_CLIENT
name: OZGCLOUD_KEYCLOAK_API_CLIENT
value: alfa
- it: sso.serverurl with https
......@@ -128,7 +128,7 @@ tests:
- contains:
path: spec.template.spec.containers[0].env
content:
name: KOP_KEYCLOAK_API_USER
name: OZGCLOUD_KEYCLOAK_API_USER
valueFrom:
secretKeyRef:
name: usermanagerapiuser-credentials
......@@ -137,7 +137,7 @@ tests:
- contains:
path: spec.template.spec.containers[0].env
content:
name: KOP_KEYCLOAK_API_PASSWORD
name: OZGCLOUD_KEYCLOAK_API_PASSWORD
valueFrom:
secretKeyRef:
name: usermanagerapiuser-credentials
......
......@@ -36,5 +36,5 @@ tests:
- contains:
path: spec.template.spec.containers[0].env
content:
name: KOP_USER_MANAGER_URL
name: OZGCLOUD_USER_MANAGER_URL
value: https://helm-user-manager.test.sh.ozg-cloud.de
\ No newline at end of file
......@@ -41,7 +41,7 @@ tests:
value: user-manager
- equal:
path: metadata.labels.[app.kubernetes.io/part-of]
value: kop
value: ozgcloud
- equal:
path: metadata.labels.[app.kubernetes.io/namespace]
value: sh-helm-test
......
......@@ -31,7 +31,7 @@ templates:
tests:
- it: should mount volumes for user-manager root ca
set:
kop.environment: dev
ozgcloud.environment: dev
asserts:
- contains:
path: spec.template.spec.containers[0].volumeMounts
......
......@@ -53,7 +53,7 @@ tests:
value: by-helm-test
- it: should have default Values
set:
kop:
ozgcloud:
bundesland: by
bezeichner: helm
environment: test
......@@ -85,7 +85,7 @@ tests:
- it: should have Keycloak User without roles
set:
kop:
ozgcloud:
bundesland: by
bezeichner: helm
environment: test
......@@ -122,7 +122,7 @@ tests:
- it: should have Keycloak User with client role
set:
kop:
ozgcloud:
bundesland: by
bezeichner: helm
environment: test
......@@ -165,7 +165,7 @@ tests:
- it: should have Keycloak User with realm role
set:
kop:
ozgcloud:
bundesland: by
bezeichner: helm
environment: test
......@@ -206,7 +206,7 @@ tests:
- it: should have Keycloak User with group
set:
kop:
ozgcloud:
bundesland: by
bezeichner: helm
environment: test
......@@ -247,7 +247,7 @@ tests:
- it: should have lowercase username
set:
kop:
ozgcloud:
bundesland: by
bezeichner: helm
environment: test
......
suite: test ozg_operator_secrets_read_role_binding
release:
name: goofy
name: alfa
namespace: by-helm-test
templates:
- templates/ozg_operator_secrets_read_role_binding.yaml
......
suite: test ozg_operator_secrets_read_role
release:
name: goofy
name: alfa
namespace: by-helm-test
templates:
- templates/ozg_operator_secrets_read_role.yaml
......
suite: test ozg_operator_secrets_role_binding
release:
name: goofy
name: alfa
namespace: by-helm-test
templates:
- templates/ozg_operator_secrets_write_role_binding.yaml
......
suite: test ozg_operator_secrets_write_role
release:
name: goofy
name: alfa
namespace: by-helm-test
templates:
- templates/ozg_operator_secrets_write_role.yaml
......
......@@ -24,7 +24,7 @@
baseUrl: test.sh.ozg-cloud.de
kop:
ozgcloud:
bundesland: sh
bezeichner: helm
environment: test
......
......@@ -61,7 +61,7 @@ public class UserProfileResource {
// TODO parameter in den resourceAssembler verschieben
// TODO wozu ist der eigentlich gut? - bitte aus Request übernehmen
@ConfigProperty(name = "kop.user-manager.url")
@ConfigProperty(name = "ozgcloud.user-manager.url")
String userManagerUrl;
@GET
......
......@@ -27,7 +27,7 @@ import jakarta.validation.constraints.NotBlank;
import io.smallrye.config.ConfigMapping;
@ConfigMapping(prefix = "kop.keycloak.api")
@ConfigMapping(prefix = "ozgcloud.keycloak.api")
public interface KeycloakApiProperties {
@NotBlank
......
......@@ -63,7 +63,7 @@ public class UserSettingsResource {
@Inject
UserSettingsResourceAssembler resourceAssembler;
@ConfigProperty(name = "kop.user-manager.url")
@ConfigProperty(name = "ozgcloud.user-manager.url")
String userManagerUrl;
@GET
......
......@@ -14,17 +14,15 @@ quarkus:
level: TRACE
min-level: TRACE
kop:
keycloak:
url: https://sso.dev.by.ozg-cloud.de
ozgcloud:
keycloak:
api:
user: userManagerApiUser
password: S9UEMuLG9y9ev99
realm: by-e2e-local-dev
client: alfa
keycloak:
url: https://sso.dev.by.ozg-cloud.de
ozgcloud:
usersync:
period: disabled
\ No newline at end of file
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment