Skip to content

Commit

Permalink
AAE-4797 update to identity 3.0.0 (#108)
Browse files Browse the repository at this point in the history
  • Loading branch information
mteodori authored Mar 12, 2021
1 parent 6c1871b commit 47f3751
Show file tree
Hide file tree
Showing 5 changed files with 61 additions and 72 deletions.
38 changes: 23 additions & 15 deletions helm/alfresco-process-infrastructure/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ Kubernetes: `>=1.15.0-0`
| https://activiti.github.io/activiti-cloud-helm-charts | common | 7.1.0-M12 |
| https://charts.bitnami.com/bitnami | postgresql | 9.1.1 |
| https://charts.bitnami.com/bitnami | rabbitmq | 7.8.0 |
| https://kubernetes-charts.alfresco.com/stable | alfresco-identity-service | 2.1.0 |
| https://kubernetes-charts.alfresco.com/stable | alfresco-identity-service | 3.0.0 |

## Values

Expand Down Expand Up @@ -87,10 +87,18 @@ Kubernetes: `>=1.15.0-0`
| alfresco-deployment-service.projectReleaseVolume.storageClass | string | `"#{null}"` | storage class for project release volume, set to null spring expression to use default |
| alfresco-deployment-service.rabbitmq.enabled | bool | `false` | |
| alfresco-identity-service.enabled | bool | `true` | |
| alfresco-identity-service.ingress.annotations."nginx.ingress.kubernetes.io/enable-cors" | string | `"false"` | |
| alfresco-identity-service.ingress.common.enabled | bool | `true` | |
| alfresco-identity-service.extraEnv | string | `"- name: KEYCLOAK_USER\n value: admin\n- name: KEYCLOAK_PASSWORD\n value: admin\n- name: KEYCLOAK_IMPORT\n value: /realm/alfresco-realm.json\n- name: PROXY_ADDRESS_FORWARDING\n value: \"true\"\n"` | |
| alfresco-identity-service.ingress.enabled | bool | `false` | |
| alfresco-identity-service.keycloak.ingress.enabled | bool | `false` | |
| alfresco-identity-service.keycloak.ingress.annotations."kubernetes.io/ingress.class" | string | `"nginx"` | |
| alfresco-identity-service.keycloak.ingress.annotations."nginx.ingress.kubernetes.io/affinity" | string | `"cookie"` | |
| alfresco-identity-service.keycloak.ingress.annotations."nginx.ingress.kubernetes.io/enable-cors" | string | `"false"` | |
| alfresco-identity-service.keycloak.ingress.annotations."nginx.ingress.kubernetes.io/proxy-buffer-size" | string | `"128k"` | |
| alfresco-identity-service.keycloak.ingress.annotations."nginx.ingress.kubernetes.io/session-cookie-hash" | string | `"sha1"` | |
| alfresco-identity-service.keycloak.ingress.annotations."nginx.ingress.kubernetes.io/session-cookie-name" | string | `"identity_affinity_route"` | |
| alfresco-identity-service.keycloak.ingress.enabled | bool | `true` | |
| alfresco-identity-service.keycloak.ingress.rules[0].host | string | `"{{ include \"common.keycloak-host\" . }}"` | |
| alfresco-identity-service.keycloak.ingress.rules[0].paths[0] | string | `"/auth"` | |
| alfresco-identity-service.keycloak.ingress.tls | list | `[]` | |
| alfresco-identity-service.keycloak.keycloak.image.tag | string | `"1.4.0"` | |
| alfresco-identity-service.keycloak.postgresql.imageTag | float | `11.7` | |
| alfresco-identity-service.keycloak.postgresql.persistence.existingClaim | string | `""` | |
Expand Down Expand Up @@ -151,7 +159,7 @@ Kubernetes: `>=1.15.0-0`
| alfresco-identity-service.realm.alfresco.extraUsers[0].clientRoles.realm-management[7] | string | `"realm-admin"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[0].credentials[0].type | string | `"password"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[0].credentials[0].value | string | `"client"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[0].email | string | `"client@test.com"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[0].email | string | `"client@example.com"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[0].enabled | bool | `true` | |
| alfresco-identity-service.realm.alfresco.extraUsers[0].firstName | string | `"client"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[0].lastName | string | `"client"` | |
Expand All @@ -163,7 +171,7 @@ Kubernetes: `>=1.15.0-0`
| alfresco-identity-service.realm.alfresco.extraUsers[10].clientRoles.account[1] | string | `"view-profile"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[10].credentials[0].type | string | `"password"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[10].credentials[0].value | string | `"password"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[10].email | string | `"modeler-qa@test.com"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[10].email | string | `"modeler-qa@example.com"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[10].enabled | bool | `true` | |
| alfresco-identity-service.realm.alfresco.extraUsers[10].firstName | string | `"Modeler"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[10].lastName | string | `"User"` | |
Expand All @@ -184,7 +192,7 @@ Kubernetes: `>=1.15.0-0`
| alfresco-identity-service.realm.alfresco.extraUsers[1].clientRoles.realm-management[7] | string | `"realm-admin"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[1].credentials[0].type | string | `"password"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[1].credentials[0].value | string | `"password"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[1].email | string | `"superadminuser@test.com"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[1].email | string | `"superadminuser@example.com"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[1].enabled | bool | `true` | |
| alfresco-identity-service.realm.alfresco.extraUsers[1].firstName | string | `"Super Admin"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[1].lastName | string | `"User"` | |
Expand All @@ -200,7 +208,7 @@ Kubernetes: `>=1.15.0-0`
| alfresco-identity-service.realm.alfresco.extraUsers[2].clientRoles.account[1] | string | `"view-profile"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[2].credentials[0].type | string | `"password"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[2].credentials[0].value | string | `"password"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[2].email | string | `"devopsuser@test.com"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[2].email | string | `"devopsuser@example.com"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[2].enabled | bool | `true` | |
| alfresco-identity-service.realm.alfresco.extraUsers[2].firstName | string | `"DevOps"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[2].lastName | string | `"User"` | |
Expand All @@ -212,7 +220,7 @@ Kubernetes: `>=1.15.0-0`
| alfresco-identity-service.realm.alfresco.extraUsers[3].clientRoles.account[1] | string | `"view-profile"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[3].credentials[0].type | string | `"password"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[3].credentials[0].value | string | `"password"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[3].email | string | `"hruser@test.com"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[3].email | string | `"hruser@example.com"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[3].enabled | bool | `true` | |
| alfresco-identity-service.realm.alfresco.extraUsers[3].firstName | string | `"HR"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[3].groups[0] | string | `"/hr"` | |
Expand All @@ -225,7 +233,7 @@ Kubernetes: `>=1.15.0-0`
| alfresco-identity-service.realm.alfresco.extraUsers[4].clientRoles.account[1] | string | `"view-profile"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[4].credentials[0].type | string | `"password"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[4].credentials[0].value | string | `"password"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[4].email | string | `"processadminuser@test.com"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[4].email | string | `"processadminuser@example.com"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[4].enabled | bool | `true` | |
| alfresco-identity-service.realm.alfresco.extraUsers[4].firstName | string | `"Process Admin"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[4].groups[0] | string | `"/processadmin"` | |
Expand All @@ -238,7 +246,7 @@ Kubernetes: `>=1.15.0-0`
| alfresco-identity-service.realm.alfresco.extraUsers[5].clientRoles.account[1] | string | `"view-profile"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[5].credentials[0].type | string | `"password"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[5].credentials[0].value | string | `"password"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[5].email | string | `"salesuser@test.com"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[5].email | string | `"salesuser@example.com"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[5].enabled | bool | `true` | |
| alfresco-identity-service.realm.alfresco.extraUsers[5].firstName | string | `"Sales"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[5].groups[0] | string | `"/sales"` | |
Expand All @@ -251,7 +259,7 @@ Kubernetes: `>=1.15.0-0`
| alfresco-identity-service.realm.alfresco.extraUsers[6].clientRoles.account[1] | string | `"view-profile"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[6].credentials[0].type | string | `"password"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[6].credentials[0].value | string | `"password"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[6].email | string | `"testuser@test.com"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[6].email | string | `"testuser@example.com"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[6].enabled | bool | `true` | |
| alfresco-identity-service.realm.alfresco.extraUsers[6].firstName | string | `"Test"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[6].groups[0] | string | `"/testgroup"` | |
Expand All @@ -264,7 +272,7 @@ Kubernetes: `>=1.15.0-0`
| alfresco-identity-service.realm.alfresco.extraUsers[7].clientRoles.account[1] | string | `"view-profile"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[7].credentials[0].type | string | `"password"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[7].credentials[0].value | string | `"password"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[7].email | string | `"testadmin@test.com"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[7].email | string | `"testadmin@example.com"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[7].enabled | bool | `true` | |
| alfresco-identity-service.realm.alfresco.extraUsers[7].firstName | string | `"Test"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[7].groups[0] | string | `"/testgroup"` | |
Expand All @@ -278,7 +286,7 @@ Kubernetes: `>=1.15.0-0`
| alfresco-identity-service.realm.alfresco.extraUsers[8].clientRoles.account[1] | string | `"view-profile"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[8].credentials[0].type | string | `"password"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[8].credentials[0].value | string | `"password"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[8].email | string | `"identityuser@test.com"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[8].email | string | `"identityuser@example.com"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[8].enabled | bool | `true` | |
| alfresco-identity-service.realm.alfresco.extraUsers[8].firstName | string | `"Identity"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[8].lastName | string | `"Admin"` | |
Expand All @@ -290,7 +298,7 @@ Kubernetes: `>=1.15.0-0`
| alfresco-identity-service.realm.alfresco.extraUsers[9].clientRoles.account[1] | string | `"view-profile"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[9].credentials[0].type | string | `"password"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[9].credentials[0].value | string | `"password"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[9].email | string | `"modeler@test.com"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[9].email | string | `"modeler@example.com"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[9].enabled | bool | `true` | |
| alfresco-identity-service.realm.alfresco.extraUsers[9].firstName | string | `"Modeler"` | |
| alfresco-identity-service.realm.alfresco.extraUsers[9].lastName | string | `"User"` | |
Expand Down
2 changes: 1 addition & 1 deletion helm/alfresco-process-infrastructure/requirements.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ dependencies:
version: 7.1.0-M12
- name: alfresco-identity-service
repository: https://kubernetes-charts.alfresco.com/stable
version: 2.1.0
version: 3.0.0
condition: alfresco-identity-service.enabled
- name: common
repository: https://activiti.github.io/activiti-cloud-helm-charts
Expand Down
4 changes: 4 additions & 0 deletions helm/alfresco-process-infrastructure/templates/NOTES.txt
Original file line number Diff line number Diff line change
Expand Up @@ -10,8 +10,12 @@ To learn more about the release, try:
Get the application URLs:

* Alfresco Identity Service : {{ template "common.keycloak-url" . }}
{{- if index .Values "alfresco-modeling-app" "enabled" }}
* Alfresco Modeling : {{ template "common.gateway-url" . }}{{ index .Values "alfresco-modeling-app" "ingress" "path" }}
{{- end -}}
{{- if index .Values "alfresco-admin-app" "enabled" }}
* Alfresco Admin : {{ template "common.gateway-url" . }}{{ index .Values "alfresco-admin-app" "ingress" "path" }}
{{- end }}

To see deployment status, try:

Expand Down

This file was deleted.

49 changes: 33 additions & 16 deletions helm/alfresco-process-infrastructure/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -58,22 +58,39 @@ alfresco-identity-service:
create: false
ingress:
enabled: false
common:
enabled: true
annotations:
nginx.ingress.kubernetes.io/enable-cors: "false" # disable NGINX CORS as it's managed by Identity Service
keycloak:
keycloak:
image:
tag: 1.4.0
ingress:
enabled: false
enabled: true
rules:
- host: '{{ include "common.keycloak-host" . }}'
paths:
- /auth
tls: []
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/proxy-buffer-size: 128k
nginx.ingress.kubernetes.io/affinity: cookie
nginx.ingress.kubernetes.io/session-cookie-name: identity_affinity_route
nginx.ingress.kubernetes.io/session-cookie-hash: sha1
nginx.ingress.kubernetes.io/enable-cors: "false"
postgresql:
tls:
enabled: false
imageTag: 11.7
persistence:
existingClaim: "" # use default postgresql PVC
extraEnv: |
- name: KEYCLOAK_USER
value: admin
- name: KEYCLOAK_PASSWORD
value: admin
- name: KEYCLOAK_IMPORT
value: /realm/alfresco-realm.json
- name: PROXY_ADDRESS_FORWARDING
value: "true"
realm:
alfresco:
client:
Expand Down Expand Up @@ -149,7 +166,7 @@ alfresco-identity-service:
enabled: true
firstName: client
lastName: client
email: client@test.com
email: client@example.com
credentials:
- type: password
value: client
Expand All @@ -176,7 +193,7 @@ alfresco-identity-service:
enabled: true
firstName: "Super Admin"
lastName: "User"
email: superadminuser@test.com
email: superadminuser@example.com
credentials:
- type: password
value: password
Expand Down Expand Up @@ -207,7 +224,7 @@ alfresco-identity-service:
enabled: true
firstName: DevOps
lastName: User
email: devopsuser@test.com
email: devopsuser@example.com
credentials:
- type: password
value: password
Expand All @@ -223,7 +240,7 @@ alfresco-identity-service:
enabled: true
firstName: HR
lastName: User
email: hruser@test.com
email: hruser@example.com
credentials:
- type: password
value: password
Expand All @@ -241,7 +258,7 @@ alfresco-identity-service:
enabled: true
firstName: "Process Admin"
lastName: User
email: processadminuser@test.com
email: processadminuser@example.com
credentials:
- type: password
value: password
Expand All @@ -259,7 +276,7 @@ alfresco-identity-service:
enabled: true
firstName: Sales
lastName: User
email: salesuser@test.com
email: salesuser@example.com
credentials:
- type: password
value: password
Expand All @@ -277,7 +294,7 @@ alfresco-identity-service:
enabled: true
firstName: Test
lastName: User
email: testuser@test.com
email: testuser@example.com
credentials:
- type: password
value: password
Expand All @@ -295,7 +312,7 @@ alfresco-identity-service:
enabled: true
firstName: Test
lastName: Admin
email: testadmin@test.com
email: testadmin@example.com
credentials:
- type: password
value: password
Expand All @@ -314,7 +331,7 @@ alfresco-identity-service:
enabled: true
firstName: Identity
lastName: Admin
email: identityuser@test.com
email: identityuser@example.com
credentials:
- type: password
value: password
Expand All @@ -330,7 +347,7 @@ alfresco-identity-service:
enabled: true
firstName: Modeler
lastName: User
email: modeler@test.com
email: modeler@example.com
credentials:
- type: password
value: password
Expand All @@ -346,7 +363,7 @@ alfresco-identity-service:
enabled: true
firstName: Modeler
lastName: User
email: modeler-qa@test.com
email: modeler-qa@example.com
credentials:
- type: password
value: password
Expand Down

0 comments on commit 47f3751

Please sign in to comment.