Skip to content
Snippets Groups Projects
Commit c0cb8d30 authored by OZGCloud's avatar OZGCloud
Browse files

Merge branch 'ozg-3322-enable-mongodb-tls' into ozg-3938-enable-grpc-tls

parents 7fc0a7d8 3626e7fc
Branches
Tags
No related merge requests found
pipeline {
agent {
node {
label 'ozgcloud-jenkins-build-agent'
label 'ozgcloud-jenkins-build-agent-jdk21'
}
}
......
......@@ -29,7 +29,7 @@
<parent>
<groupId>de.ozgcloud.common</groupId>
<artifactId>ozgcloud-common-dependencies</artifactId>
<version>3.0.1</version>
<version>4.0.1</version>
</parent>
<modelVersion>4.0.0</modelVersion>
......@@ -44,19 +44,16 @@
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
<ozgcloud.license.version>1.3.0</ozgcloud.license.version>
<jakarta.interceptor.version>2.1.0</jakarta.interceptor.version>
<jakarta.annotatioin.version>2.1.1</jakarta.annotatioin.version>
<lombok.version>1.18.24</lombok.version>
<keycloak-adapter.version>22.0.5</keycloak-adapter.version>
<lombok.version>1.18.30</lombok.version>
<!-- plugins -->
<maven.compiler.release>17</maven.compiler.release>
<maven.compiler.release>21</maven.compiler.release>
<jandex-maven-plugin-version>1.2.3</jandex-maven-plugin-version>
<compiler-plugin.version>3.8.1</compiler-plugin.version>
<jacoco.plugin.version>0.8.8</jacoco.plugin.version>
<surefire-plugin.version>3.2.2</surefire-plugin.version>
<maven-failsafe-plugin.version>3.2.2</maven-failsafe-plugin.version>
<git-commit-id-plugin.version>4.9.10</git-commit-id-plugin.version>
<compiler-plugin.version>3.11.0</compiler-plugin.version>
<jacoco.plugin.version>0.8.11</jacoco.plugin.version>
<surefire-plugin.version>3.2.5</surefire-plugin.version>
<maven-failsafe-plugin.version>3.2.5</maven-failsafe-plugin.version>
<git-commit-id-maven-plugin.version>7.0.0</git-commit-id-maven-plugin.version>
<maven-source.plugin.version>3.3.0</maven-source.plugin.version>
</properties>
......@@ -87,12 +84,12 @@
<dependency>
<groupId>jakarta.interceptor</groupId>
<artifactId>jakarta.interceptor-api</artifactId>
<version>${jakarta.interceptor.version}</version>
<version>${jakarta.version}</version>
</dependency>
<dependency>
<groupId>jakarta.annotation</groupId>
<artifactId>jakarta.annotation-api</artifactId>
<version>${jakarta.annotatioin.version}</version>
<version>${jakarta.version}</version>
</dependency>
<!-- Mapstruct -->
......@@ -181,9 +178,9 @@
<version>${maven-failsafe-plugin.version}</version>
</plugin>
<plugin>
<groupId>pl.project13.maven</groupId>
<artifactId>git-commit-id-plugin</artifactId>
<version>${git-commit-id-plugin.version}</version>
<groupId>io.github.git-commit-id</groupId>
<artifactId>git-commit-id-maven-plugin</artifactId>
<version>${git-commit-id-maven-plugin.version}</version>
<executions>
<execution>
<id>get-the-git-infos</id>
......
......@@ -146,3 +146,20 @@ app.kubernetes.io/namespace: {{ include "app.namespace" . }}
{{ printf "user-manager-truststore" }}
{{- end -}}
{{- end -}}
{{- define "app.getCustomList" -}}
{{- with (.Values.env).customList -}}
{{- if kindIs "map" . -}}
{{ include "app.dictToList" . }}
{{- else if kindIs "slice" . -}}
{{ . | toYaml }}
{{- end -}}
{{- end -}}
{{- end -}}
{{- define "app.dictToList" -}}
{{- range $key, $value := . -}}
- name: {{ $key }}
value: {{ $value }}
{{- end -}}
{{- end -}}
\ No newline at end of file
......@@ -113,8 +113,8 @@ spec:
- name: QUARKUS_GRPC_SERVER_SSL_KEY
value: ""
{{- end }}
{{- with (.Values.env).customList }}
{{ toYaml . | indent 8 }}
{{- with include "app.getCustomList" . }}
{{ . | indent 8 }}
{{- end }}
{{- if not .Values.disableNamespaceTruststore }}
- name: TRUSTSTORE_PASSWORD
......
......@@ -49,7 +49,10 @@ spec:
- podSelector:
matchLabels:
component: alfa
{{- with (.Values.networkPolicy).additionalIngressConfig }}
{{- with (.Values.networkPolicy).additionalIngressConfigLocal }}
{{ toYaml . | indent 2 }}
{{- end }}
{{- with (.Values.networkPolicy).additionalIngressConfigGlobal }}
{{ toYaml . | indent 2 }}
{{- end }}
egress:
......@@ -77,7 +80,10 @@ spec:
protocol: UDP
- port: 5353
protocol: TCP
{{- with (.Values.networkPolicy).additionalEgressConfig }}
{{- with (.Values.networkPolicy).additionalEgressConfigLocal }}
{{ toYaml . | indent 2 }}
{{- end }}
{{- with (.Values.networkPolicy).additionalEgressConfigGlobal }}
{{ toYaml . | indent 2 }}
{{- end }}
......
......@@ -35,7 +35,7 @@ set:
baseUrl: test.sh.ozg-cloud.de
imagePullSecret: image-pull-secret
tests:
- it: check customList
- it: check customList as list
set:
env.customList:
- name: my_test_environment_name
......@@ -46,6 +46,16 @@ tests:
content:
name: my_test_environment_name
value: "A test value"
- it: check customList as dict
set:
env.customList:
my_test_environment_name: "A test value"
asserts:
- contains:
path: spec.template.spec.containers[0].env
content:
name: my_test_environment_name
value: "A test value"
- it: check customList test value is not set by default
asserts:
- notContains:
......
......@@ -99,16 +99,16 @@ tests:
- port: 5353
protocol: TCP
- it: add ingress rule by values
- it: should add additionalIngressConfigLocal
set:
networkPolicy:
ssoPublicIp: 51.89.117.53/32
dnsServerNamespace: test-namespace-dns
additionalIngressConfig:
additionalIngressConfigLocal:
- from:
- podSelector:
matchLabels:
component: client2
component: local-client
asserts:
- contains:
path: spec.ingress
......@@ -116,14 +116,64 @@ tests:
from:
- podSelector:
matchLabels:
component: client2
component: local-client
- it: add egress rules by values
- it: should add additionalIngressConfigGlobal
set:
networkPolicy:
ssoPublicIp: 51.89.117.53/32
dnsServerNamespace: test-namespace-dns
additionalIngressConfigGlobal:
- from:
- podSelector:
matchLabels:
component: global-client
asserts:
- contains:
path: spec.ingress
content:
from:
- podSelector:
matchLabels:
component: global-client
- it: should add additionalIngressConfigGlobal and additionalIngressConfigLocal
set:
networkPolicy:
ssoPublicIp: 51.89.117.53/32
dnsServerNamespace: test-namespace-dns
additionalIngressConfigGlobal:
- from:
- podSelector:
matchLabels:
component: global-client
additionalIngressConfigLocal:
- from:
- podSelector:
matchLabels:
component: local-client
asserts:
- contains:
path: spec.ingress
content:
from:
- podSelector:
matchLabels:
component: global-client
- contains:
path: spec.ingress
content:
from:
- podSelector:
matchLabels:
component: local-client
- it: should add additionalEgressConfigLocal
set:
networkPolicy:
ssoPublicIp: 51.89.117.53/32
dnsServerNamespace: test-dns-namespace
additionalEgressConfig:
additionalEgressConfigLocal:
- to:
- ipBlock:
cidr: 1.2.3.4/32
......@@ -135,6 +185,50 @@ tests:
- ipBlock:
cidr: 1.2.3.4/32
- it: should add additionalEgressConfigGlobal
set:
networkPolicy:
ssoPublicIp: 51.89.117.53/32
dnsServerNamespace: test-dns-namespace
additionalEgressConfigGlobal:
- to:
- ipBlock:
cidr: 2.3.4.5/32
asserts:
- contains:
path: spec.egress
content:
to:
- ipBlock:
cidr: 2.3.4.5/32
- it: should add additionalEgressConfigLocal and additionalEgressConfigGlobal
set:
networkPolicy:
ssoPublicIp: 51.89.117.53/32
dnsServerNamespace: test-dns-namespace
additionalEgressConfigLocal:
- to:
- ipBlock:
cidr: 1.2.3.4/32
additionalEgressConfigGlobal:
- to:
- ipBlock:
cidr: 2.3.4.5/32
asserts:
- contains:
path: spec.egress
content:
to:
- ipBlock:
cidr: 1.2.3.4/32
- contains:
path: spec.egress
content:
to:
- ipBlock:
cidr: 2.3.4.5/32
- it: test network policy disabled
set:
networkPolicy:
......
......@@ -239,8 +239,8 @@
<extensions>true</extensions>
</plugin>
<plugin>
<groupId>pl.project13.maven</groupId>
<artifactId>git-commit-id-plugin</artifactId>
<groupId>io.github.git-commit-id</groupId>
<artifactId>git-commit-id-maven-plugin</artifactId>
</plugin>
<plugin>
<groupId>org.jacoco</groupId>
......
......@@ -25,10 +25,10 @@ package de.ozgcloud.user.sync;
import static io.quarkus.scheduler.Scheduled.ConcurrentExecution.*;
import de.ozgcloud.user.common.lock.LockService;
import jakarta.enterprise.context.ApplicationScoped;
import jakarta.inject.Inject;
import de.ozgcloud.user.common.lock.LockService;
import io.quarkus.scheduler.Scheduled;
import lombok.extern.log4j.Log4j2;
......@@ -48,7 +48,7 @@ public class SyncScheduler {
sync(lock.getTimestamp());
} else {
LOG.warn("UserManager: Database is locked, no sync happend.");
LOG.debug("UserManager: Database is locked, no sync happend.");
if (syncLockService.isLockOlderThanADay()) {
LOG.warn("Database lock is older than a day, removing it now");
syncLockService.unlock();
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment