diff --git a/charts/sigi/v0.2.3/Chart.yaml b/charts/sigi/v0.2.3/Chart.yaml index 1436b89..abc7f85 100644 --- a/charts/sigi/v0.2.3/Chart.yaml +++ b/charts/sigi/v0.2.3/Chart.yaml @@ -13,7 +13,7 @@ version: 0.2.3 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. -appVersion: 3.0.0 +appVersion: 3.0.38 icon: https://git.interlegis.leg.br/SEIT/rancher-charts/raw/master/images/sigi_interlegis.png diff --git a/charts/sigi/v0.2.3/templates/deployment.yaml b/charts/sigi/v0.2.3/templates/deployment.yaml index 0b11d90..cedb5a5 100644 --- a/charts/sigi/v0.2.3/templates/deployment.yaml +++ b/charts/sigi/v0.2.3/templates/deployment.yaml @@ -46,111 +46,54 @@ spec: - name: DATABASE_URL value: {{ printf "postgresql://%s:%s@%s:5432/%s" .Values.postgresql.auth.username .Values.postgresql.auth.password (include "postgresql.fullname" .) .Values.postgresql.auth.database| quote }} - name: ADMINS - valueFrom: - configMapKeyRef: - name: sigi-email - key: ADMINS + value: "{{ .Values.sigi.emailAdmins }}" - name: EMAIL_PORT - valueFrom: - configMapKeyRef: - name: sigi-email - key: EMAIL_PORT + value: "{{ .Values.sigi.emailPort }}" - name: EMAIL_HOST - valueFrom: - configMapKeyRef: - name: sigi-email - key: EMAIL_HOST + value: "{{ .Values.sigi.emailHost }}" - name: DEFAULT_FROM_EMAIL - valueFrom: - configMapKeyRef: - name: sigi-email - key: DEFAULT_FROM_EMAIL + value: "{{ .Values.sigi.defaultFromEmail }}" - name: AUTH_LDAP_SERVER_URI - valueFrom: - configMapKeyRef: - name: sigi-auth-ldap - key: AUTH_LDAP_SERVER_URI + value: "{{ .Values.sigi.auth.ldap.serverURI }}" - name: AUTH_LDAP_BIND_DN - valueFrom: - configMapKeyRef: - name: sigi-auth-ldap - key: AUTH_LDAP_BIND_DN + value: "{{ .Values.sigi.auth.ldap.bindDN }}" - name: AUTH_LDAP_USER - valueFrom: - configMapKeyRef: - name: sigi-auth-ldap - key: AUTH_LDAP_USER + value: "{{ .Values.sigi.auth.ldap.user }}" + - name: AUTH_LDAP_BIND_PASSWORD + valueFrom: + # Secret Key + secretKeyRef: + name: {{ include "sigi.fullname" . }}-auth-ldap-key + key: AUTH_LDAP_BIND_PASSWORD - name: AUTH_LDAP_USER_SEARCH_STRING - valueFrom: - configMapKeyRef: - name: sigi-auth-ldap - key: AUTH_LDAP_USER_SEARCH_STRING + value: "{{ .Values.sigi.auth.ldap.userSearchString }}" + - name: AUTH_LDAP_USER_ATTR_MAP + value: {{ .Values.sigi.auth.ldap.userAttrMap | quote }} - name: AUTH_LDAP_GROUP - valueFrom: - configMapKeyRef: - name: sigi-auth-ldap - key: AUTH_LDAP_GROUP + value: "{{ .Values.sigi.auth.ldap.group }}" - name: AUTH_LDAP_GROUP_SEARCH_STRING - valueFrom: - configMapKeyRef: - name: sigi-auth-ldap - key: AUTH_LDAP_GROUP_SEARCH_STRING + value: "{{ .Values.sigi.auth.ldap.groupSearchString }}" - name: AUTH_LDAP_GROUP_TYPE_STRING - valueFrom: - configMapKeyRef: - name: sigi-auth-ldap - key: AUTH_LDAP_GROUP_TYPE_STRING - - name: AUTH_LDAP_USER_ATTR_MAP - valueFrom: - configMapKeyRef: - name: sigi-auth-ldap - key: AUTH_LDAP_USER_ATTR_MAP - - name: AUTH_LDAP_PROFILE_ATTR_MAP - valueFrom: - configMapKeyRef: - name: sigi-auth-ldap - key: AUTH_LDAP_PROFILE_ATTR_MAP + value: "{{ .Values.sigi.auth.ldap.groupTypeString }}" - name: AUTH_LDAP_FIND_GROUP_PERMS - valueFrom: - configMapKeyRef: - name: sigi-auth-ldap - key: AUTH_LDAP_FIND_GROUP_PERMS + value: "{{ .Values.sigi.auth.ldap.findGroupPerms }}" - name: AUTH_LDAP_MIRROR_GROUPS - valueFrom: - configMapKeyRef: - name: sigi-auth-ldap - key: AUTH_LDAP_MIRROR_GROUPS + value: "{{ .Values.sigi.auth.ldap.mirrorGroups }}" - name: AUTH_LDAP_CACHE_GROUPS - valueFrom: - configMapKeyRef: - name: sigi-auth-ldap - key: AUTH_LDAP_CACHE_GROUPS + value: "{{ .Values.sigi.auth.ldap.cacheGroups }}" - name: AUTH_LDAP_GROUP_CACHE_TIMEOUT - valueFrom: - configMapKeyRef: - name: sigi-auth-ldap - key: AUTH_LDAP_GROUP_CACHE_TIMEOUT + value: "{{ .Values.sigi.auth.ldap.groupCacheTimeout }}" + - name: AUTH_LDAP_PROFILE_ATTR_MAP + value: {{ .Values.sigi.auth.ldap.profileAttrMap | quote }} - name: AUTH_PROFILE_MODULE - valueFrom: - configMapKeyRef: - name: sigi-auth-ldap - key: AUTH_PROFILE_MODULE - - name: AUTH_LDAP_BIND_PASSWORD - valueFrom: - # Secret Key - secretKeyRef: - name: sigi-auth-ldap-key - key: AUTH_LDAP_BIND_PASSWORD + value: "{{ .Values.sigi.auth.profileModule }}" - name: MOODLE_BASE_URL - valueFrom: - configMapKeyRef: - name: sigi-saberes-url - key: MOODLE_BASE_URL + value: "{{ .Values.sigi.saberes.moodleUrl }}" - name: MOODLE_API_TOKEN valueFrom: # Secret Key secretKeyRef: - name: sigi-saberes-tkn + name: {{ include "sigi.fullname" . }}-saberes-tkn key: MOODLE_API_TOKEN volumeMounts: # - mountPath: /var/interlegis/sigi/data diff --git a/charts/sigi/v0.2.3/values.yaml b/charts/sigi/v0.2.3/values.yaml index bc4a7e3..a8f4e81 100644 --- a/charts/sigi/v0.2.3/values.yaml +++ b/charts/sigi/v0.2.3/values.yaml @@ -54,6 +54,7 @@ sigi: language: 'pt_BR.UTF-8' emailPort: 25 emailHost: 'smtp.interlegis.leg.br' + emailAdmins: "(('SIGI Administrator', 'sigi@interlegis.leg.br'),)" defaultFromEmail: 'sigi@interlegis.leg.br' auth: ldap: @@ -61,19 +62,20 @@ sigi: bindDN: 'CN=Sistema de Informações Gerenciais do Interlegis Service Account,OU=_UsuariosServicos,OU=2-AdministracaoSistemas,DC=senado,DC=gov,DC=br' bindPwd: 'RgtJdtvas7s4BSpjnVnR' user: 'U=UsuariosPessoas,DC=senado,DC=gov,DC=br' - userSearchString: '(sAMAccountName=%(user)s)' - group: 'OU=GruposAutomaticosOU,DC=senado,DC=gov,DC=br' - groupSearchString: '(objectClass=Group)' - groupTypeString: 'cn' - findGroupPerms: True - mirrorGroups: True - cacheGroups: True - groupCacheTimeout: 3600 + userSearchString: '(&(sAMAccountName=%(user)s)(department=*ILB*)(!(title=*Desligad*))(!(title=*inativ*)))' + userAttrMap: '{"first_name": "givenName", "last_name": "sn", "email": "userPrincipalName", }' + group: '' + groupSearchString: '' + groupTypeString: '' + findGroupPerms: False + mirrorGroups: False + cacheGroups: False + groupCacheTimeout: 0 + profileAttrMap: '{"nome_completo": "cn"}' profileModule: 'servidores.Servidor' - -saberes: - moodleURL: 'https://saberes.senado.leg.br' - moodleToken: '' + saberes: + moodleUrl: 'https://saberes.senado.leg.br' + moodleToken: 'altereme' ingress: enabled: true