From cd9d46debb5ce9a2a5db56aef4377a8f0ca7b793 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tobias=20Str=C3=B6hl?= Date: Tue, 2 Jan 2024 13:16:49 +0100 Subject: [PATCH 01/10] update uba worker to version 10.7.0 --- values_nsodev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/values_nsodev.yaml b/values_nsodev.yaml index 6b72a38..e57c346 100644 --- a/values_nsodev.yaml +++ b/values_nsodev.yaml @@ -172,7 +172,7 @@ smardigo-worker: uba: enabled: true image: - version: 10.6.0 + version: 10.7.0 sepa: enabled: true image: From d81e94ada8df9c833cc23d485c677fe64c4985a3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tobias=20Str=C3=B6hl?= Date: Fri, 12 Jan 2024 08:28:12 +0100 Subject: [PATCH 02/10] update smardigo at dev-stage --- values_nsodev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/values_nsodev.yaml b/values_nsodev.yaml index e57c346..02865fb 100644 --- a/values_nsodev.yaml +++ b/values_nsodev.yaml @@ -140,7 +140,7 @@ smardigo-connect: restart: 20231511-1224 domain: connect-nsodev-prodwork01.smardigo.digital image: - version: 11.1.49 + version: 11.2.21 envvars: tenant_id: nsodev-mobene oidc: From b4682ae10299c5a0f6a5fbce879bcab6638d26f9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tobias=20Str=C3=B6hl?= Date: Fri, 12 Jan 2024 09:22:25 +0100 Subject: [PATCH 03/10] update process search at dev-stage --- values_nsodev.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/values_nsodev.yaml b/values_nsodev.yaml index 02865fb..2d229c5 100644 --- a/values_nsodev.yaml +++ b/values_nsodev.yaml @@ -165,6 +165,8 @@ smardigo-connect: four_eyes_principle_deletion: true config_delete_scope_enabled: true processSearch: + image: + version: 1.4.5 additional_labels: restart: 20231012-1210 From 37a17c9d1de56d8f2f77fbc019823e6b3e476a26 Mon Sep 17 00:00:00 2001 From: MIchael Haehnel Date: Mon, 15 Jan 2024 11:32:11 +0100 Subject: [PATCH 04/10] NOTICKET: Fix wordpress ingress ip whitelist --- values_nsodev.yaml | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/values_nsodev.yaml b/values_nsodev.yaml index 2d229c5..3120ed6 100644 --- a/values_nsodev.yaml +++ b/values_nsodev.yaml @@ -100,8 +100,7 @@ smardigo-connect: volume: size: 20Gi additionalVolumes: - - - name: backup-monitoring-script + - name: backup-monitoring-script mountPath: /nso_scripts volumeSource: configMap: @@ -109,8 +108,7 @@ smardigo-connect: defaultMode: 0777 targetContainers: - postgres - - - name: pg-backup-script + - name: pg-backup-script mountPath: /scripts/postgres_backup.sh subPath: postgres_backup.sh volumeSource: @@ -119,8 +117,7 @@ smardigo-connect: defaultMode: 0777 targetContainers: - postgres - - - name: pg-reschedulebackup-script + - name: pg-reschedulebackup-script mountPath: /scripts/backup_retry.sh subPath: backup_retry.sh volumeSource: @@ -159,7 +156,7 @@ smardigo-connect: process_search_client_enabled: true mail: properties: - allowed_domains: 'netgo.de' + allowed_domains: "netgo.de" ocr: enabled: true four_eyes_principle_deletion: true @@ -211,9 +208,11 @@ smardigo-wordpress: - name: "*.connect-wordpress-nsodev-prodwork01.smardigo.digital" path: / extraTls: - - hosts: - - "*.connect-wordpress-nsodev-prodwork01.smardigo.digital" - secretName: "connect-wordpress-nsodev-prodwork01.smardigo.digital-wildcard-tls" + - hosts: + - "*.connect-wordpress-nsodev-prodwork01.smardigo.digital" + secretName: "connect-wordpress-nsodev-prodwork01.smardigo.digital-wildcard-tls" + annotations: + nginx.ingress.kubernetes.io/whitelist-source-range: "212.121.131.106/32,149.233.6.129/32,46.245.219.98/32,164.138.195.162/32,10.0.0.0/16,167.235.150.133/32,167.235.150.197/32,23.88.53.161/32,195.201.113.110/32,5.75.184.216/32,92.42.192.157/32,92.42.192.9/32,164.92.251.253/32,91.107.228.133/32,167.235.25.0/32" customIpWhitelist: "212.121.131.106/32,149.233.6.129/32,46.245.219.98/32,164.138.195.162/32,10.0.0.0/16,167.235.150.133/32,167.235.150.197/32,23.88.53.161/32,195.201.113.110/32,5.75.184.216/32,164.92.251.253/32,91.107.228.133/32,167.235.25.0/32" commonLabels: app: wordpress From ee9ff588e105617243b0603da6ba484f41c6a3e8 Mon Sep 17 00:00:00 2001 From: "Paula.Blechschmidt" Date: Tue, 16 Jan 2024 15:43:58 +0100 Subject: [PATCH 05/10] update wordpress-initializer at dev to 11.0.5 --- values_nsodev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/values_nsodev.yaml b/values_nsodev.yaml index 3120ed6..a31457d 100644 --- a/values_nsodev.yaml +++ b/values_nsodev.yaml @@ -185,7 +185,7 @@ smardigo-worker: wordpressInitializer: enabled: true image: - version: 11.0.3 + version: 11.0.5 additional_labels: restart: 20231031-0950 config: From ee30ccc9d3e8d493a9b06fae30fef3931970a8b7 Mon Sep 17 00:00:00 2001 From: Johannes Wicovsky Date: Wed, 17 Jan 2024 14:03:00 +0100 Subject: [PATCH 06/10] update connect to 11.2.24 to fix bug with datasource-editor --- values_nsodev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/values_nsodev.yaml b/values_nsodev.yaml index a31457d..43f49a5 100644 --- a/values_nsodev.yaml +++ b/values_nsodev.yaml @@ -137,7 +137,7 @@ smardigo-connect: restart: 20231511-1224 domain: connect-nsodev-prodwork01.smardigo.digital image: - version: 11.2.21 + version: 11.2.24 envvars: tenant_id: nsodev-mobene oidc: From 41c9cc4b0043662b5fc1e79894012200524aa278 Mon Sep 17 00:00:00 2001 From: "Paula.Blechschmidt" Date: Fri, 19 Jan 2024 12:03:42 +0100 Subject: [PATCH 07/10] add netgo ms teams webhook ip --- .../connect/netpol_egress-connect2netgo.yaml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 templates/connect/netpol_egress-connect2netgo.yaml diff --git a/templates/connect/netpol_egress-connect2netgo.yaml b/templates/connect/netpol_egress-connect2netgo.yaml new file mode 100644 index 0000000..9e0eb01 --- /dev/null +++ b/templates/connect/netpol_egress-connect2netgo.yaml @@ -0,0 +1,17 @@ +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: egress-connect2netgo +spec: + egress: + - ports: + - port: 443 + protocol: TCP + to: + - ipBlock: + cidr: 52.98.232.2/32 + podSelector: + matchLabels: + app: connect + policyTypes: + - Egress From 86c46114bad78507c0bf4b3cb2721022ddf907bc Mon Sep 17 00:00:00 2001 From: Hoan To Date: Wed, 24 Jan 2024 11:55:36 +0100 Subject: [PATCH 08/10] increased cusprod s3 storage (cherry picked from commit 22f4393070ed6b565a065e1fb7c1d4ad160887f5) (cherry picked from commit 4d63ba8fd6880239cca7cf3cfe2b0ba214fe581c) --- values_cusprod.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/values_cusprod.yaml b/values_cusprod.yaml index 9bbf2fa..0981ad9 100644 --- a/values_cusprod.yaml +++ b/values_cusprod.yaml @@ -23,7 +23,7 @@ tenant: - servers: 4 volumesPerServer: 2 storageClassName: hcloud-volumes - size: 400Gi + size: 600Gi buckets: - name: postgres region: "" From 399ba91baee40ffb13a0e6272fa8fad278d17ac5 Mon Sep 17 00:00:00 2001 From: Hoan To Date: Fri, 26 Jan 2024 12:26:13 +0100 Subject: [PATCH 09/10] NOTICKET: increased nsodev s3 pvc size --- values_nsodev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/values_nsodev.yaml b/values_nsodev.yaml index 43f49a5..243c6bf 100644 --- a/values_nsodev.yaml +++ b/values_nsodev.yaml @@ -10,7 +10,7 @@ tenant: - servers: 4 volumesPerServer: 2 storageClassName: hcloud-volumes - size: 30Gi + size: 60Gi buckets: - name: postgres region: "" From 688005326531ca2c3ef0bfffad55a52501025417 Mon Sep 17 00:00:00 2001 From: Paula Blechschmidt Date: Mon, 29 Jan 2024 15:25:01 +0100 Subject: [PATCH 10/10] revert webhook ip addition --- .../connect/netpol_egress-connect2netgo.yaml | 17 ----------------- 1 file changed, 17 deletions(-) delete mode 100644 templates/connect/netpol_egress-connect2netgo.yaml diff --git a/templates/connect/netpol_egress-connect2netgo.yaml b/templates/connect/netpol_egress-connect2netgo.yaml deleted file mode 100644 index 9e0eb01..0000000 --- a/templates/connect/netpol_egress-connect2netgo.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: egress-connect2netgo -spec: - egress: - - ports: - - port: 443 - protocol: TCP - to: - - ipBlock: - cidr: 52.98.232.2/32 - podSelector: - matchLabels: - app: connect - policyTypes: - - Egress