From 8e143f04a07fe2ebfacee89e5c9c820a41369454 Mon Sep 17 00:00:00 2001 From: Keny Villela Date: Mon, 12 Sep 2022 11:42:43 -0300 Subject: [PATCH] SIGI helm chart corretions v0 --- charts/sigi/v0.1.0/questions.yaml | 150 ----------------- charts/sigi/v0.1.0/templates/NOTES.txt | 10 -- charts/sigi/{v0.1.0 => v0}/Chart.lock | 0 charts/sigi/{v0.1.0 => v0}/Chart.yaml | 0 charts/sigi/{v0.1.0 => v0}/app-readme.md | 0 .../charts/postgresql-11.6.8.tgz | Bin charts/sigi/v0/questions.yaml | 152 ++++++++++++++++++ charts/sigi/v0/templates/NOTES.txt | 5 + .../{v0.1.0 => v0}/templates/_helpers.tpl | 0 .../{v0.1.0 => v0}/templates/deployment.yaml | 52 ++++-- charts/sigi/{v0.1.0 => v0}/templates/hpa.yaml | 0 .../{v0.1.0 => v0}/templates/ingress.yaml | 0 .../{v0.1.0 => v0}/templates/pvc-media.yaml | 0 .../{v0.1.0 => v0}/templates/secretkey.yaml | 0 .../{v0.1.0 => v0}/templates/service.yaml | 0 .../templates/velero-schedule-monthly.yaml | 0 .../templates/velero-schedule-weekdays.yaml | 0 .../templates/velero-schedule-weekly.yaml | 0 charts/sigi/{v0.1.0 => v0}/values.yaml | 29 +++- 19 files changed, 216 insertions(+), 182 deletions(-) delete mode 100644 charts/sigi/v0.1.0/questions.yaml delete mode 100644 charts/sigi/v0.1.0/templates/NOTES.txt rename charts/sigi/{v0.1.0 => v0}/Chart.lock (100%) rename charts/sigi/{v0.1.0 => v0}/Chart.yaml (100%) rename charts/sigi/{v0.1.0 => v0}/app-readme.md (100%) rename charts/sigi/{v0.1.0 => v0}/charts/postgresql-11.6.8.tgz (100%) create mode 100644 charts/sigi/v0/questions.yaml create mode 100644 charts/sigi/v0/templates/NOTES.txt rename charts/sigi/{v0.1.0 => v0}/templates/_helpers.tpl (100%) rename charts/sigi/{v0.1.0 => v0}/templates/deployment.yaml (71%) rename charts/sigi/{v0.1.0 => v0}/templates/hpa.yaml (100%) rename charts/sigi/{v0.1.0 => v0}/templates/ingress.yaml (100%) rename charts/sigi/{v0.1.0 => v0}/templates/pvc-media.yaml (100%) rename charts/sigi/{v0.1.0 => v0}/templates/secretkey.yaml (100%) rename charts/sigi/{v0.1.0 => v0}/templates/service.yaml (100%) rename charts/sigi/{v0.1.0 => v0}/templates/velero-schedule-monthly.yaml (100%) rename charts/sigi/{v0.1.0 => v0}/templates/velero-schedule-weekdays.yaml (100%) rename charts/sigi/{v0.1.0 => v0}/templates/velero-schedule-weekly.yaml (100%) rename charts/sigi/{v0.1.0 => v0}/values.yaml (73%) diff --git a/charts/sigi/v0.1.0/questions.yaml b/charts/sigi/v0.1.0/questions.yaml deleted file mode 100644 index 8cfcda9..0000000 --- a/charts/sigi/v0.1.0/questions.yaml +++ /dev/null @@ -1,150 +0,0 @@ -labels: - io.cattle.role: project -categories: -- Gerencial -questions: -# Informações Básicas -- variable: sigi.hostname - default: "sigi.interlegis.leg.br" - description: "Endereço para acesso ao SIGI" - label: "URL do SIGI" - type: string - group: Básico - required: true -- variable: sigi.adminEmail - default: "sigi@interlegis.leg.br" - description: "SIGI Administrator" - label: Contato - type: string - group: Básico - required: true -- variable: sigi.adminPassword - default: "sigi" - description: "Senha do usuário administrativo do SIGI" - label: Senha Admin - type: password - group: Básico - required: true - -# Ingress -- variable: ingress.tls.enabled - default: true - type: boolean - description: "Habilitar criptografia do protocolo HTTP (HTTPS)?" - label: "Habilitar TLS?" - required: false - group: Ingress - show_subquestion_if: true - subquestions: - - variable: ingress.tls.provider - default: letsencrypt - type: enum - description: "Qual provedor de certificados utilizar?" - label: "Provedor de certificados" - required: false - group: Ingress - options: - - letsencrypt - - letsencrypt-hml - - aws - -- variable: ingress.class - default: nginx - type: enum - description: "Qual o Ingress Controller?" - label: "Classe Ingress" - required: false - group: Ingress - options: - - nginx - - alb - -# Correio -- variable: sigi.emailSendUser - default: "sigi@interlegis.leg.br" - description: "Remetente dos e-mails enviados pelo SIGI" - label: "Remetente" - type: string - group: Correio - required: false -- variable: sigi.useTls - default: "False" - description: "Usar TLS ao conectar no servidor SMTP?" - label: "Usar TLS" - type: enum - group: Correio - options: - - "True" - - "False" - required: false -- variable: sigi.emailPort - default: 25 - description: "Porta de envio de E-mail (SMTP)" - type: int - label: "Porta SMTP" - required: false - group: Correio -- variable: sigi.emailHost - default: "smtp.interlegis.leg.br" - description: "Servidor de envio de e-mail (SMTP)" - label: "Servidor SMTP" - type: string - group: Correio - required: false - -# PostgreSQL -- variable: postgresql.internal - default: true - description: "Fazer o deploy do Postgres?" - label: "Postgres Interno?" - type: boolean - group: PostgreSQL - required: false -- variable: postgresql.auth.Password - default: "sigi" - description: "Senha do banco de dados Postgres" - label: "Senha do Postgres" - type: password - group: PostgreSQL - required: true - -# Avançado -- variable: sigi.debug - default: "False" - description: "Habilitar mensagens de Debug?" - label: "Debug?" - type: enum - group: Avançado - options: - - "True" - - "False" -- variable: sigi.timeZone - default: "America/Sao_Paulo" - description: "Fuso Horário do SIGI" - type: enum - label: "Fuso" - options: - - "America/Sao_Paulo" - - "America/Fortaleza" - - "America/Belem" - - "America/Araguaina" - - "America/Bahia" - - "America/Boa_Vista" - - "America/Campo_Grande" - - "America/Cuiaba" - - "America/Maceio" - - "America/Manaus" - - "America/Porto_Velho" - - "America/Recife" - - "America/Rio_Branco" - - "America/Sao_Paulo" - required: true - group: Avançado - -- variable: velero.backup.enabled - default: false - type: boolean - label: "Habilitar backup com Velero?" - description: "Criar ou não os objetos para backup com o Velero." - required: false - group: Avançado diff --git a/charts/sigi/v0.1.0/templates/NOTES.txt b/charts/sigi/v0.1.0/templates/NOTES.txt deleted file mode 100644 index 53de7bd..0000000 --- a/charts/sigi/v0.1.0/templates/NOTES.txt +++ /dev/null @@ -1,10 +0,0 @@ -1. Seu SIGI pode ser acessado através da URL: -{{- if .Values.ingress.enabled }} - http{{ if .Values.ingress.tls.enabled }}s{{ end }}://{{ .Values.sigi.hostname }} -{{- end }} -2. Utilize as seguintes credenciais para acesso inicial: - Usuario: sigi - Senha: {{ .Values.sigi.adminPassword }} -3. Usuario de administração do Postgres: - Usuario: sigi - Senha: {{ .Values.postgresql.postgresqlPassword }} diff --git a/charts/sigi/v0.1.0/Chart.lock b/charts/sigi/v0/Chart.lock similarity index 100% rename from charts/sigi/v0.1.0/Chart.lock rename to charts/sigi/v0/Chart.lock diff --git a/charts/sigi/v0.1.0/Chart.yaml b/charts/sigi/v0/Chart.yaml similarity index 100% rename from charts/sigi/v0.1.0/Chart.yaml rename to charts/sigi/v0/Chart.yaml diff --git a/charts/sigi/v0.1.0/app-readme.md b/charts/sigi/v0/app-readme.md similarity index 100% rename from charts/sigi/v0.1.0/app-readme.md rename to charts/sigi/v0/app-readme.md diff --git a/charts/sigi/v0.1.0/charts/postgresql-11.6.8.tgz b/charts/sigi/v0/charts/postgresql-11.6.8.tgz similarity index 100% rename from charts/sigi/v0.1.0/charts/postgresql-11.6.8.tgz rename to charts/sigi/v0/charts/postgresql-11.6.8.tgz diff --git a/charts/sigi/v0/questions.yaml b/charts/sigi/v0/questions.yaml new file mode 100644 index 0000000..b91cf29 --- /dev/null +++ b/charts/sigi/v0/questions.yaml @@ -0,0 +1,152 @@ +labels: + io.cattle.role: project +categories: +- Gerencial +questions: +# Informações Básicas +- variable: sigi.hostname + default: {{ include "sigi.fullname" . }}.interlegis.leg.br + description: "Endereço para acesso ao SIGI" + label: "URL do SIGI" + type: string + group: Básico + required: true + + +# Ingress +- variable: ingress.tls.enabled + default: true + type: boolean + description: "Habilitar criptografia do protocolo HTTP (HTTPS)?" + label: "Habilitar TLS?" + required: false + group: Ingress + show_subquestion_if: true + subquestions: + - variable: ingress.tls.provider + default: letsencrypt + type: enum + description: "Qual provedor de certificados utilizar?" + label: "Provedor de certificados" + required: false + group: Ingress + options: + - letsencrypt + - letsencrypt-hml + - aws + +- variable: ingress.class + default: nginx + type: enum + description: "Qual o Ingress Controller?" + label: "Classe Ingress" + required: false + group: Ingress + options: + - nginx + - alb + +## Correio +#- variable: sigi.emailSendUser +# default: "sigi@interlegis.leg.br" +# description: "Remetente dos e-mails enviados pelo SIGI" +# label: "Remetente" +# type: string +# group: Correio +# required: false +#- variable: sigi.useTls +# default: "False" +# description: "Usar TLS ao conectar no servidor SMTP?" +# label: "Usar TLS" +# type: enum +# group: Correio +# options: +# - "True" +# - "False" +# required: false +#- variable: sigi.emailPort +# default: 25 +# description: "Porta de envio de E-mail (SMTP)" +# type: int +# label: "Porta SMTP" +# required: false +# group: Correio +#- variable: sigi.emailHost +# default: "smtp.interlegis.leg.br" +# description: "Servidor de envio de e-mail (SMTP)" +# label: "Servidor SMTP" +# type: string +# group: Correio +# required: false + +# PostgreSQL +- variable: postgresql.internal + default: true + description: "Fazer o deploy do Postgres?" + label: "Postgres Interno?" + type: boolean + group: PostgreSQL + required: false +#- variable: postgresql.auth.Password +# default: "sigi" +# description: "Senha do banco de dados Postgres" +# label: "Senha do Postgres" +# type: password +# group: PostgreSQL +# required: true + +# Avançado +- variable: sigi.debug + default: "False" + description: "Habilitar mensagens de Debug?" + label: "Debug?" + type: enum + options: + - "True" + - "False" + group: Avançado + required: true + +- variable: image.pullPolicy + default: IfNotPresent + description: "Politica de carga da imagem docker do SIGI." + label: "Carregar a imagem apenas quando não estiver presente?" + type: enum + options: + - IfNotPresent + - Always + group: Avançado + required: true + +#- variable: sigi.timeZone +# default: "America/Sao_Paulo" +# description: "Fuso Horário do SIGI" +# label: "Fuso" +# type: enum +# options: +# - "America/Sao_Paulo" +# - "America/Fortaleza" +# - "America/Belem" +# - "America/Araguaina" +# - "America/Bahia" +# - "America/Boa_Vista" +# - "America/Campo_Grande" +# - "America/Cuiaba" +# - "America/Maceio" +# - "America/Manaus" +# - "America/Porto_Velho" +# - "America/Recife" +# - "America/Rio_Branco" +# - "America/Sao_Paulo" +# group: Avançado +# required: true + +# Backup +- variable: velero.backup.enabled + default: false + label: "Habilitar backup com Velero?" + description: "Criar ou não os objetos para backup com o Velero." + type: boolean + group: Backup + required: false + diff --git a/charts/sigi/v0/templates/NOTES.txt b/charts/sigi/v0/templates/NOTES.txt new file mode 100644 index 0000000..b2c4ac4 --- /dev/null +++ b/charts/sigi/v0/templates/NOTES.txt @@ -0,0 +1,5 @@ +1. Seu SIGI pode ser acessado através da URL: +{{- if .Values.ingress.enabled }} + http{{ if .Values.ingress.tls.enabled }}s{{ end }}://{{ .Values.sigi.hostname }} +{{- end }} + diff --git a/charts/sigi/v0.1.0/templates/_helpers.tpl b/charts/sigi/v0/templates/_helpers.tpl similarity index 100% rename from charts/sigi/v0.1.0/templates/_helpers.tpl rename to charts/sigi/v0/templates/_helpers.tpl diff --git a/charts/sigi/v0.1.0/templates/deployment.yaml b/charts/sigi/v0/templates/deployment.yaml similarity index 71% rename from charts/sigi/v0.1.0/templates/deployment.yaml rename to charts/sigi/v0/templates/deployment.yaml index c2d32b1..b4e0f1b 100644 --- a/charts/sigi/v0.1.0/templates/deployment.yaml +++ b/charts/sigi/v0/templates/deployment.yaml @@ -37,26 +37,50 @@ spec: containerPort: 80 protocol: TCP env: - - name: DATABASE_URL - value: {{ printf "postgresql://%s:%s@%s:5432/%s" .Values.postgresql.auth.username .Values.postgresql.auth.password (include "postgresql.fullname" .) .Values.postgresql.auth.database| quote }} - - name: ADMIN_PASSWORD - value: "{{ .Values.sigi.adminPassword }}" - - name: ADMIN_EMAIL - value: "{{ .Values.sigi.adminEmail }}" - - name: EMAIL_SEND_USER - value: "{{ .Values.sigi.emailSendUser }}" - name: DEBUG value: "{{ .Values.sigi.debug }}" - - name: USE_TLS - value: "{{ .Values.sigi.useTls }}" - - name: EMAIL_PORT - value: "{{ .Values.sigi.emailPort }}" - - name: EMAIL_HOST - value: "{{ .Values.sigi.emailHost }}" - name: TZ value: "{{ .Values.sigi.timeZone }}" - name: LANG value: "{{ .Values.sigi.language }}" + - name: DATABASE_URL + value: {{ printf "postgresql://%s:%s@%s:5432/%s" .Values.postgresql.auth.username .Values.postgresql.auth.password (include "postgresql.fullname" .) .Values.postgresql.auth.database| quote }} + - name: EMAIL_PORT + value: "{{ .Values.sigi.emailPort }}" + - name: EMAIL_HOST + value: "{{ .Values.sigi.emailHost }}" + - name: DEFAULT_FROM_EMAIL + value: "{{ .Values.sigi.defaultFromEmail }}" + - name: AUTH_LDAP_SERVER_URI + value: "{{ .Values.sigi.auth.ldap.serverURI }}" + - name: AUTH_LDAP_BIND_DN + value: "{{ .Values.sigi.auth.ldap.bindDN }}" + - name: AUTH_LDAP_BIND_PASSWORD + value: "{{ .Values.sigi.auth.ldap.bindPwd }}" + - name: AUTH_LDAP_USER + value: "{{ .Values.sigi.auth.ldap.user }}" + - name: AUTH_LDAP_USER_SEARCH_STRING + value: "{{ .Values.sigi.auth.ldap.userSearchString }}" + - name: AUTH_LDAP_GROUP + value: "{{ .Values.sigi.auth.ldap.group }}" + - name: AUTH_LDAP_GROUP_SEARCH_STRING + value: "{{ .Values.sigi.auth.ldap.groupSearchString }}" + - name: AUTH_LDAP_GROUP_TYPE_STRING + value: "{{ .Values.sigi.auth.ldap.groupTypeString }}" + - name: AUTH_LDAP_USER_ATTR_MAP + value: "{{ .Values.sigi.auth.ldap.userAttrMap }}" + - name: AUTH_LDAP_PROFILE_ATTR_MAP + value: "{{ .Values.sigi.auth.ldap.profileAttrMap }}" + - name: AUTH_LDAP_FIND_GROUP_PERMS + value: "{{ .Values.sigi.auth.ldap.findGroupPerms }}" + - name: AUTH_LDAP_MIRROR_GROUPS + value: "{{ .Values.sigi.auth.ldap.mirrorGroups }}" + - name: AUTH_LDAP_CACHE_GROUPS + value: "{{ .Values.sigi.auth.ldap.cacheGroups }}" + - name: AUTH_LDAP_GROUP_CACHE_TIMEOUT + value: "{{ .Values.sigi.auth.ldap.groupCacheTimeout }}" + - name: AUTH_PROFILE_MODULE + value: "{{ .Values.sigi.auth.profileModule }}" volumeMounts: # - mountPath: /var/interlegis/sigi/data # name: data diff --git a/charts/sigi/v0.1.0/templates/hpa.yaml b/charts/sigi/v0/templates/hpa.yaml similarity index 100% rename from charts/sigi/v0.1.0/templates/hpa.yaml rename to charts/sigi/v0/templates/hpa.yaml diff --git a/charts/sigi/v0.1.0/templates/ingress.yaml b/charts/sigi/v0/templates/ingress.yaml similarity index 100% rename from charts/sigi/v0.1.0/templates/ingress.yaml rename to charts/sigi/v0/templates/ingress.yaml diff --git a/charts/sigi/v0.1.0/templates/pvc-media.yaml b/charts/sigi/v0/templates/pvc-media.yaml similarity index 100% rename from charts/sigi/v0.1.0/templates/pvc-media.yaml rename to charts/sigi/v0/templates/pvc-media.yaml diff --git a/charts/sigi/v0.1.0/templates/secretkey.yaml b/charts/sigi/v0/templates/secretkey.yaml similarity index 100% rename from charts/sigi/v0.1.0/templates/secretkey.yaml rename to charts/sigi/v0/templates/secretkey.yaml diff --git a/charts/sigi/v0.1.0/templates/service.yaml b/charts/sigi/v0/templates/service.yaml similarity index 100% rename from charts/sigi/v0.1.0/templates/service.yaml rename to charts/sigi/v0/templates/service.yaml diff --git a/charts/sigi/v0.1.0/templates/velero-schedule-monthly.yaml b/charts/sigi/v0/templates/velero-schedule-monthly.yaml similarity index 100% rename from charts/sigi/v0.1.0/templates/velero-schedule-monthly.yaml rename to charts/sigi/v0/templates/velero-schedule-monthly.yaml diff --git a/charts/sigi/v0.1.0/templates/velero-schedule-weekdays.yaml b/charts/sigi/v0/templates/velero-schedule-weekdays.yaml similarity index 100% rename from charts/sigi/v0.1.0/templates/velero-schedule-weekdays.yaml rename to charts/sigi/v0/templates/velero-schedule-weekdays.yaml diff --git a/charts/sigi/v0.1.0/templates/velero-schedule-weekly.yaml b/charts/sigi/v0/templates/velero-schedule-weekly.yaml similarity index 100% rename from charts/sigi/v0.1.0/templates/velero-schedule-weekly.yaml rename to charts/sigi/v0/templates/velero-schedule-weekly.yaml diff --git a/charts/sigi/v0.1.0/values.yaml b/charts/sigi/v0/values.yaml similarity index 73% rename from charts/sigi/v0.1.0/values.yaml rename to charts/sigi/v0/values.yaml index 7bdad6b..c1c1b50 100644 --- a/charts/sigi/v0.1.0/values.yaml +++ b/charts/sigi/v0/values.yaml @@ -48,16 +48,30 @@ persistence: size: 2Gi sigi: - adminPassword: altereme - adminEmail: sigi@interlegis.leg.br - emailSendUser: no-reply@interlegis.leg.br debug: 'False' - useTls: 'False' - emailPort: 25 - emailHost: mail.interlegis.leg.br + hostname: {{ include "sigi.fullname" . }}.interlegis.leg.br timeZone: 'America/Sao_Paulo' - hostname: 'sigi.interlegis.leg.br' language: 'pt_BR.UTF-8' + emailPort: 25 + emailHost: smtp.interlegis.leg.br + defaultFromEmail: sigi@interlegis.leg.br + auth: + ldap: + serverURI: 'ldap://ad.senado.gov.br' + bindDN: 'CN=Sistema de Informações Gerenciais do Interlegis Service Account,OU=_UsuariosServicos,OU=2-AdministracaoSistemas,DC=senado,DC=gov,DC=br' + bindPwd: 'RgtJdtvas7s4BSpjnVnR' + user: 'U=UsuariosPessoas,DC=senado,DC=gov,DC=br' + userSearchString: '(sAMAccountName=%(user)s)' + group: 'OU=GruposAutomaticosOU,DC=senado,DC=gov,DC=br' + groupSearchString: '(objectClass=Group)' + groupTypeString: 'cn' + userAttrMap: {"first_name": "givenName", "last_name": "sn", "email": "userPrincipalName", 'is_staff': "cn",} + profileAttrMap: {"nome_completo": "cn"} + findGroupPerms: True + mirrorGroups: True + cacheGroups: True + groupCacheTimeout: 3600 + profileModule: 'servidores.Servidor' ingress: enabled: true @@ -113,7 +127,6 @@ postgresql: cpu: 50m memory: 64Mi - resources: limits: cpu: 1000m