From 5f925c1f0480efd9a7f0a7537a94d1a4592af058 Mon Sep 17 00:00:00 2001
From: Martin Weise <martin.weise@tuwien.ac.at>
Date: Tue, 4 Mar 2025 21:33:23 +0100
Subject: [PATCH] WIP
Signed-off-by: Martin Weise <martin.weise@tuwien.ac.at>
---
.../at/tuwien/endpoints/SubsetEndpoint.java | 1 +
helm/dbrepo/files/02-setup-data.sql | 8 --
helm/dbrepo/templates/analyse-deployment.yaml | 2 +-
helm/dbrepo/templates/auth-configmap.yaml | 12 +++
helm/dbrepo/templates/auth-job.yaml | 4 +-
helm/dbrepo/templates/auth-secret.yaml | 94 +++++++++++++++++--
helm/dbrepo/templates/data-deployment.yaml | 2 +-
helm/dbrepo/templates/gateway-configmap.yaml | 20 ++--
.../templates/identity-statefulset.yaml | 2 +-
helm/dbrepo/templates/metadata-configmap.yaml | 8 +-
.../dbrepo/templates/metadata-deployment.yaml | 2 +-
helm/dbrepo/templates/search-deployment.yaml | 2 +-
helm/dbrepo/templates/ui-deployment.yaml | 2 +-
helm/dbrepo/values.yaml | 6 +-
14 files changed, 123 insertions(+), 42 deletions(-)
delete mode 100644 helm/dbrepo/files/02-setup-data.sql
diff --git a/dbrepo-data-service/rest-service/src/main/java/at/tuwien/endpoints/SubsetEndpoint.java b/dbrepo-data-service/rest-service/src/main/java/at/tuwien/endpoints/SubsetEndpoint.java
index 4ca4810f77..7ca50f8aa8 100644
--- a/dbrepo-data-service/rest-service/src/main/java/at/tuwien/endpoints/SubsetEndpoint.java
+++ b/dbrepo-data-service/rest-service/src/main/java/at/tuwien/endpoints/SubsetEndpoint.java
@@ -175,6 +175,7 @@ public class SubsetEndpoint extends RestEndpoint {
final QueryDto subset;
try {
subset = subsetService.findById(database, subsetId);
+ subset.setIdentifiers(metadataServiceGateway.getIdentifiers(database.getId(), subset.getId()));
} catch (SQLException e) {
log.error("Failed to establish connection to database: {}", e.getMessage());
throw new DatabaseUnavailableException("Failed to establish connection to database: " + e.getMessage(), e);
diff --git a/helm/dbrepo/files/02-setup-data.sql b/helm/dbrepo/files/02-setup-data.sql
deleted file mode 100644
index dc4917cd8b..0000000000
--- a/helm/dbrepo/files/02-setup-data.sql
+++ /dev/null
@@ -1,8 +0,0 @@
-BEGIN;
-
-INSERT INTO `mdb_containers` (id, name, internal_name, image_id, host, port, ui_host, ui_port, privileged_username,
- privileged_password)
-VALUES ('6cfb3b8e-1792-4e46-871a-f3d103527203', 'mariadb:11.1.3-debian-11-r6', 'mariadb_11_1_3',
- 'd79cb089-363c-488b-9717-649e44d8fcc5', 'data-db', 3306, 'localhost', 3306, 'root', 'dbrepo');
-
-COMMIT;
diff --git a/helm/dbrepo/templates/analyse-deployment.yaml b/helm/dbrepo/templates/analyse-deployment.yaml
index b2e069322b..d3e6b699c0 100644
--- a/helm/dbrepo/templates/analyse-deployment.yaml
+++ b/helm/dbrepo/templates/analyse-deployment.yaml
@@ -44,7 +44,7 @@ spec:
- /bin/bash
- -ec
- "curl -sSL localhost:8080/health | grep 'UP' || exit 1"
- initialDelaySeconds: 120
+ initialDelaySeconds: 150
periodSeconds: 10
readinessProbe:
exec:
diff --git a/helm/dbrepo/templates/auth-configmap.yaml b/helm/dbrepo/templates/auth-configmap.yaml
index 4e95365743..6fe5b9ed1d 100644
--- a/helm/dbrepo/templates/auth-configmap.yaml
+++ b/helm/dbrepo/templates/auth-configmap.yaml
@@ -8,6 +8,18 @@ binaryData:
create-event-listener.jar: |-
{{ .Files.Get "files/create-event-listener.jar" | b64enc }}
data:
+ AUTH_SERVICE_ADMIN: "{{ .Values.authservice.auth.adminUser }}"
+ AUTH_SERVICE_ADMIN_PASSWORD: "{{ .Values.authservice.auth.adminPassword }}"
+ AUTH_SERVICE_ENDPOINT: "{{ .Values.authservice.endpoint }}"
+ LDAP_ROOT: "{{ .Values.identityservice.global.ldapDomain }}"
+ LDAP_ADMIN_DN: "cn={{ .Values.identityservice.global.adminUser }},{{ .Values.identityservice.global.ldapDomain }}"
+ LDAP_ADMIN_PASSWORD: "{{ .Values.identityservice.global.adminPassword }}"
+ METADATA_DB: "{{ .Values.metadatadb.db.name }}"
+ METADATA_DB_PASSWORD: "{{ .Values.metadatadb.rootUser.password }}"
+ METADATA_SERVICE_ENDPOINT: "{{ .Values.metadataservice.endpoint }}"
+ METADATA_USERNAME: "{{ .Values.metadatadb.rootUser.user }}"
+ SYSTEM_USERNAME: "{{ .Values.identityservice.users }}"
+ SYSTEM_PASSWORD: "{{ .Values.identityservice.userPasswords }}"
{{ (.Files.Glob "files/dbrepo-realm.json").AsConfig | nindent 2 }}
{{ (.Files.Glob "files/master-realm.json").AsConfig | nindent 2 }}
{{- end }}
\ No newline at end of file
diff --git a/helm/dbrepo/templates/auth-job.yaml b/helm/dbrepo/templates/auth-job.yaml
index 5771f817ff..ca58e6a287 100644
--- a/helm/dbrepo/templates/auth-job.yaml
+++ b/helm/dbrepo/templates/auth-job.yaml
@@ -30,8 +30,8 @@ spec:
fieldRef:
fieldPath: metadata.namespace
envFrom:
- - secretRef:
- name: auth-service-secret
+ - configMapRef:
+ name: auth-service-config
{{- if .Values.authservice.setupJob.resources }}
resources: {{- toYaml .Values.authservice.setupJob.resources | nindent 12 }}
{{- else if ne .Values.authservice.setupJob.resourcesPreset "none" }}
diff --git a/helm/dbrepo/templates/auth-secret.yaml b/helm/dbrepo/templates/auth-secret.yaml
index cb2b2a6aeb..0d1b5625c5 100644
--- a/helm/dbrepo/templates/auth-secret.yaml
+++ b/helm/dbrepo/templates/auth-secret.yaml
@@ -1,4 +1,5 @@
{{- if .Values.authservice.enabled }}
+{{/*openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 3650 -nodes -subj "/C=XX/ST=StateName/L=CityName/O=CompanyName/OU=CompanySectionName/CN=CommonNameOrHostname"*/}}
---
apiVersion: v1
kind: Secret
@@ -6,13 +7,88 @@ metadata:
name: auth-service-secret
namespace: {{ include "common.names.namespace" . | quote }}
stringData:
- AUTH_SERVICE_ADMIN: "{{ .Values.authservice.auth.adminUser }}"
- AUTH_SERVICE_ADMIN_PASSWORD: "{{ .Values.authservice.auth.adminPassword }}"
- AUTH_SERVICE_ENDPOINT: "{{ .Values.authservice.endpoint }}"
- METADATA_DB: "{{ .Values.metadatadb.db.name }}"
- METADATA_DB_PASSWORD: "{{ .Values.metadatadb.rootUser.password }}"
- METADATA_SERVICE_ENDPOINT: "{{ .Values.metadataservice.endpoint }}"
- METADATA_USERNAME: "{{ .Values.metadatadb.rootUser.user }}"
- SYSTEM_USERNAME: "{{ .Values.identityservice.users }}"
- SYSTEM_PASSWORD: "{{ .Values.identityservice.userPasswords }}"
+ tls.key: |-
+ -----BEGIN PRIVATE KEY-----
+ MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQDdgSRp+M9I4b/Y
+ c21SXAnRpjq85U2u4zvB3tcRSvZpyWtsBuwHY2OEGUVClPEYvT8QhRRMdcKiXA78
+ Q5FiXPGidc3kJhgt2PE4R5GaoLG5vGGQimnASE31f94y+zDWhvNxCluix08FM7Z2
+ VHpYQHWZFveltP1jf68gmQDgu99hZ/Zri9ig8b99q9xITXMw6gbmdesadlNLaAET
+ wjBJe44+Y/uQ3VHQUCIPQxgPPzEivceR1beUpnfcmVYmO8O4f0u5OvyN1BbIhdjt
+ VVt29s/V8QPDsE8McnImoTLN10cACq66volnDTrlM9x5Grg89GlzbpQsPkBMltY9
+ NTP3+NFSrpfu7VjEVYO/O5k6JFFfMlqHUtygaNi7dOeOY3IiytL7rvxWLGUQYB7b
+ e662ETK8nw5F+yGiae6spZPf7nmI2iLs8ja5QneU6mQrKfqO/KRJBehwZP2771nj
+ RO3BIyJPm1oygnihWG+jTy9zDYCguJrPZ1f1hvUzfmpCKtyqaxGmxPA8YDu4dyL9
+ rJgf3oT5fYv3nDpMePDYh3Z18YeqYJf4pmDv53Wus5CoXURfc3NRRTqMQKLKOYvV
+ WTiM4odY4+VkbgOUOrLxOK5llZSB6bO52KccKpQnQLt30okGQXDlsR1hbFIDAI1N
+ WilFsry4JpVcxjTJGQMV2W0TcG+fkQIDAQABAoICAD84Sb1ZP0hM7mWH5E7aaA8H
+ Q8KAK+DbiEW4JWgRHi1pSJinjRw6uL+OOt9bBUkLUoGTigycm7WdUsWbP1Z0sp6s
+ wtv4J3SGc6qdeqhIbxFU+/+2EaLIwD9uhGvGl9TS5Y6A51CZVCtm7A/v4o9nrmjI
+ TlxkQOHyInjKUp7R4Fq7wnBFlMmy1fW3ZILaYCM42ElUpIqD9RgTkiMijIeclSen
+ f7iEAoLTLDVw7+ACKDMDOX+dIO1zachzl0wISL9SzbkLZePRAcOvuA9dCmL05LLq
+ PCnRG26xB3WREp//botLgT1ZfnwEIagjWizSfH0hQSuqBu5twgpaDsGferqusIdB
+ hbikXR4TdobvUfkg/pNqcpx8HuqTR1QYTUOp3Bw7lpHKihuDLcjhXs0d+7c/sFFd
+ OZmBCrbV8DKhGXfQ/Uz1BnROVchbzkrIVWVBMx1QZxGDt6xiAF0yCdkDQI2cQxn3
+ scRSg8AQjBqo+yb7YYVcegIFLV4xXnYei25D+GITR1XppNZ/8wdMtQt0IiWqzTax
+ Z4UDMUeE0Z1ce8VCZ3Qkg4gPAEPiAoCfZLZIgMFLIvMAf+6SegnkZTsL+TYRXxC2
+ nFE41iBEUvd3wsIwOCOJXrb4ftL/ivEllpy+Uwy39cSV5+YymeG174+KJPTeN6v7
+ 1b0NlTuFYqcrKNkzefQlAoIBAQD+WOTR5Cr9A/TtJCLI6fhzFefMHiGiVu24jM0k
+ lcguOxW633F8odoSzxyXt5Fa8muJV4qBE9j/wsV6xoSuFCqh+YPd/WCa4WIBR9qe
+ KqNrA+I0G/ORJgZxMm3FvW9dtiT1JHTs6mczh0SGtGB/uDINOqmeuT/Nz4/easL+
+ B7Ih6wqnNUnCntWEzJ5WfIiOofQ5YjSlrskggC1Mn8Ygo24XQoVTq/+QV/Ju/PnQ
+ nRZWKN6O8C9akbKjJ9DeEK3Qj6Lhja+blrKyopL5eAppKq1MlzZ+RU0q/SfAlmbq
+ IkThiSOcdeCqSGjJU3sYk5x8IQBp9EDrb4snhm6TtaAyxOWnAoIBAQDe8Z1QjCWb
+ f5tdbmuACDxY1x72R++dhKwyLIX/EpPL80MSpesrfsfIsmATWWgxZEiGBekchP69
+ qB/rcpBAefrr85QD8y5zvAv6gNhjE7pqKgDtyNF+osulLD+ZattqZlHH5S74aOyi
+ oGtOCHcETGJhGHrePSLRwm9e/q2e2zXLyyD32a9WWvhwA0uLMDEFshXw9kE41jrZ
+ MqeBf6HsEAKWAhuE2Tj0lYWbULhDgBPV6f/rgNU41Rm+cs5j98ONkNEuP1jjyc8J
+ Cg/JrBzcUUDkTa7RRtcN9g2FilpZRi6CErKpK4u6OLu8VXz+zY4gQFiVZRUvXGCF
+ E4k0098VYugHAoIBAQDsV+n4Z47SoTScjzGLhG4LctV7xJv4X9Jx5NRTJKNo4hpl
+ FXA9IaCkTbQB/t+gpRbr/l6DZtADiRc76PAtWivraxHv25xDDx+klQI+atyDeo5d
+ YYPI4o6l7Pg4ALlVWQWqjX/hDkdriExS55Wr2JsZ0+L9zKHPOwoy4P3kU35hKiky
+ CsBJipJZ3lFbiEjUUQXBtNG7C1l1S+XMB8NxXKvWDUga4f6OQErUe1ofUXkKAtwb
+ 8m/uNujJ1xus3c7FuFLgSGpfp37Ro2PzUGpMIw3516EZYIg+ZBLmUFu9QK7E7Ewc
+ /SQQ10wXl+0Qf0mvxnK+Aeu5WmLyDWb+9oyv4GqNAoIBAQC9v8DYBGAhx+sRC2D9
+ eIT8TCOzE6jSVVBF5/UoEsSuKl5k6ciNnXsmywLQlSEEIMlFIJS2TE+QVh7MwxYZ
+ enhhCFBrSDe6E0vSqoUBVpIrt5JQz8HWWXKgI1gCGJulJG7ohpyCmrME+yo5ISVD
+ CEwXPcGdk0UmaKlnnbVh5ksUJ8/og2MjSYv3siZC0gJ3SYo5Ky551IQDxoQgyOOk
+ yj+ZMzP+zu8V5IjxlzMtaD35rA7Af0d69ozRtl8JYKAUxjPze8EJJwNKO0ESsaVi
+ stlbNu7aecOhw1Dg3s9k+kGtPYLITyK+nXjTo6MeLw+PTZTXmk/8nlAcE3OM/eL6
+ DdNTAoIBAEib9d8V1gTNWecBxmWbGnxqb+08tcvlhyVe055ndmu1S2kQb0tcfcc+
+ y0YIXnN/d8poHPCoaO7CXgh0AOlznayywzwncuEP9Cngcq285rkjCpq1YxU9c1rq
+ iKUEjCATBZ1QqQoElmsAffU3N1bQdSv5u2lWxQ2VBZYjubv3DPSRAY9amYbHA+Dy
+ xW7FY9haFX71aQNquN8nGjF0q46JrMgi1BSh+rLMdLqLUJ8kjpEO3nExEnYrzHgF
+ o+PzcyNgP6N0bkSlUc19p18LKkCU1yimA54CMGNk5bcB9pylJQsV3ldv+Ra6JJux
+ Px0kzVCk41nBfNgjXe3s2BLlEhh3Lrk=
+ -----END PRIVATE KEY-----
+ tls.crt: |-
+ -----BEGIN CERTIFICATE-----
+ MIIFDzCCAvegAwIBAgIUCRgz8OLg6bHay9kWHFgSp9SF3RAwDQYJKoZIhvcNAQEL
+ BQAwFzEVMBMGA1UEAwwMYXV0aC1zZXJ2aWNlMB4XDTI1MDMwNDE5NDUxOVoXDTM1
+ MDMwMjE5NDUxOVowFzEVMBMGA1UEAwwMYXV0aC1zZXJ2aWNlMIICIjANBgkqhkiG
+ 9w0BAQEFAAOCAg8AMIICCgKCAgEA3YEkafjPSOG/2HNtUlwJ0aY6vOVNruM7wd7X
+ EUr2aclrbAbsB2NjhBlFQpTxGL0/EIUUTHXColwO/EORYlzxonXN5CYYLdjxOEeR
+ mqCxubxhkIppwEhN9X/eMvsw1obzcQpbosdPBTO2dlR6WEB1mRb3pbT9Y3+vIJkA
+ 4LvfYWf2a4vYoPG/favcSE1zMOoG5nXrGnZTS2gBE8IwSXuOPmP7kN1R0FAiD0MY
+ Dz8xIr3HkdW3lKZ33JlWJjvDuH9LuTr8jdQWyIXY7VVbdvbP1fEDw7BPDHJyJqEy
+ zddHAAquur6JZw065TPceRq4PPRpc26ULD5ATJbWPTUz9/jRUq6X7u1YxFWDvzuZ
+ OiRRXzJah1LcoGjYu3TnjmNyIsrS+678VixlEGAe23uuthEyvJ8ORfshomnurKWT
+ 3+55iNoi7PI2uUJ3lOpkKyn6jvykSQXocGT9u+9Z40TtwSMiT5taMoJ4oVhvo08v
+ cw2AoLiaz2dX9Yb1M35qQircqmsRpsTwPGA7uHci/ayYH96E+X2L95w6THjw2Id2
+ dfGHqmCX+KZg7+d1rrOQqF1EX3NzUUU6jECiyjmL1Vk4jOKHWOPlZG4DlDqy8Tiu
+ ZZWUgemzudinHCqUJ0C7d9KJBkFw5bEdYWxSAwCNTVopRbK8uCaVXMY0yRkDFdlt
+ E3Bvn5ECAwEAAaNTMFEwHQYDVR0OBBYEFBWE851rO2U9WR+0md9lfAbkAtevMB8G
+ A1UdIwQYMBaAFBWE851rO2U9WR+0md9lfAbkAtevMA8GA1UdEwEB/wQFMAMBAf8w
+ DQYJKoZIhvcNAQELBQADggIBAI2dI9hT/xfnwtYAdBlyIJRW1IMn1vVo6Xm/UVrl
+ PPmbB2vQ13Z07vWi0Djwou+BwUhFSq6YRIe+bhQjg6On8O2581aNve97K1AwwB3O
+ YZztiyyJ5Moccrkb9Wy2MyfUiPqNY3O8Q0BRl793Tbv9G0gyNudO6FmmdWpfu/VT
+ ZAfiKRvNycC0BZp7A7tkvbtYWOQ7cGa9qpcVSBHvALj+3b+RKwDVf7K+YBkOXamT
+ Y2xE6KhHz0FJmFNTIkdwjA2M3CCh5M3QVHyXRDApNKiav5yU6TWBT7JQqZA6GV/+
+ jrVNl5fZwT5AHQmwQB0k1q1azjFREMLQXzgkfuSK5AiW+70KRpILxOMzx616FoZH
+ 2D+7sZ5EXnBVZmAL5WLSraOjwia+jyOUrTIUY8t+4kabxdKhQMhwOATUe4dAxIZK
+ VGHVHKNJ9+ktZ+j56AUUUNRWNx85LoMjh46e4T3rYm4CG9cBQAHGEXSn1i4bt14q
+ j4+9BNow4f/66XcUOsvPmiQGqPNWFYVj0QIq84yakzzVWdMm6MEu4WtlVPGlZmRV
+ OUHuaqiSmdGcHRVGdmqkTTpRUGASw7HR/7nPn3YFwP3yfZFUa44hbtAdQQll1O5Z
+ IuuDir8s195hl0UJ+9HilYEuOVjB7bS0Wc3sZxOP2U/98CBa4UzMuVDMhJ/WKs5U
+ znPt
+ -----END CERTIFICATE-----
{{- end }}
diff --git a/helm/dbrepo/templates/data-deployment.yaml b/helm/dbrepo/templates/data-deployment.yaml
index 291041948b..7e77d2020e 100644
--- a/helm/dbrepo/templates/data-deployment.yaml
+++ b/helm/dbrepo/templates/data-deployment.yaml
@@ -44,7 +44,7 @@ spec:
- /bin/bash
- -ec
- "curl -sSL localhost:8080/actuator/health/readiness | grep 'UP' || exit 1"
- initialDelaySeconds: 120
+ initialDelaySeconds: 150
periodSeconds: 10
readinessProbe:
exec:
diff --git a/helm/dbrepo/templates/gateway-configmap.yaml b/helm/dbrepo/templates/gateway-configmap.yaml
index 162d65571d..076e305014 100644
--- a/helm/dbrepo/templates/gateway-configmap.yaml
+++ b/helm/dbrepo/templates/gateway-configmap.yaml
@@ -71,14 +71,12 @@ data:
}
location /api/upload {
- # allow 128.130.0.0/16;
- # deny all;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
- proxy_pass http://upload-service;
+ proxy_pass http://data-service;
proxy_read_timeout 90;
# Disable request and response buffering
proxy_request_buffering off;
@@ -95,7 +93,7 @@ data:
proxy_read_timeout 90;
}
- location ~ /api/database/([0-9]+)/table/([0-9]+)/(data|history|export) {
+ location ~ "/api/database/([0-9a-f]{8}-[0-9a-f]{4}-[4][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12})/table/([0-9a-f]{8}-[0-9a-f]{4}-[4][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12})/(data|history|export)" {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
@@ -104,7 +102,7 @@ data:
proxy_read_timeout 90;
}
- location ~ /api/database/([0-9]+)/view/([0-9]+)/(data|export) {
+ location ~ "/api/database/([0-9a-f]{8}-[0-9a-f]{4}-[4][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12})/view/([0-9a-f]{8}-[0-9a-f]{4}-[4][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12})/(data|export)" {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
@@ -113,7 +111,7 @@ data:
proxy_read_timeout 90;
}
- location ~ /api/database/([0-9]+)/view {
+ location ~ "/api/database/([0-9a-f]{8}-[0-9a-f]{4}-[4][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12})/view" {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
@@ -122,7 +120,7 @@ data:
proxy_read_timeout 90;
}
- location ~ /api/database/([0-9]+)/subset {
+ location ~ "/api/database/([0-9a-f]{8}-[0-9a-f]{4}-[4][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12})/subset" {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
@@ -131,7 +129,7 @@ data:
proxy_read_timeout 600;
}
- location ~ /api/(database|concept|container|identifier|image|message|license|oai|ontology|unit|user) {
+ location ~ "/api/(database|concept|container|identifier|image|message|license|oai|ontology|unit|user)" {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
@@ -140,7 +138,7 @@ data:
proxy_read_timeout 90;
}
- location ~ /pid/([0-9]+) {
+ location ~ "/pid/([0-9a-f]{8}-[0-9a-f]{4}-[4][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12})" {
rewrite /pid/(.*) /api/identifier/$1 break;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
@@ -150,10 +148,6 @@ data:
proxy_read_timeout 90;
}
- location /assets {
- root /etc/nginx/assets;
- }
-
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
diff --git a/helm/dbrepo/templates/identity-statefulset.yaml b/helm/dbrepo/templates/identity-statefulset.yaml
index 4d69c9b413..f65a547e66 100644
--- a/helm/dbrepo/templates/identity-statefulset.yaml
+++ b/helm/dbrepo/templates/identity-statefulset.yaml
@@ -49,7 +49,7 @@ spec:
- /bin/bash
- -ec
- "ldapwhoami -H ldap://localhost:1389 -D cn={{ .Values.identityservice.global.adminUser }},{{ .Values.identityservice.global.ldapDomain }} -w {{ .Values.identityservice.global.adminPassword }}"
- initialDelaySeconds: 120
+ initialDelaySeconds: 150
periodSeconds: 10
readinessProbe:
exec:
diff --git a/helm/dbrepo/templates/metadata-configmap.yaml b/helm/dbrepo/templates/metadata-configmap.yaml
index af97ce1eda..a6b7ad8212 100644
--- a/helm/dbrepo/templates/metadata-configmap.yaml
+++ b/helm/dbrepo/templates/metadata-configmap.yaml
@@ -10,6 +10,12 @@ data:
{{ toYaml . | nindent 2 }}
{{- end }}
{{ (.Files.Glob "files/01-setup-schema.sql").AsConfig | nindent 2 }}
- {{ (.Files.Glob "files/02-setup-data.sql").AsConfig | nindent 2 }}
+ 02-setup-data.sql: |-
+ BEGIN;
+ INSERT INTO `mdb_containers` (id, name, internal_name, image_id, host, port, ui_host, ui_port, privileged_username,
+ privileged_password)
+ VALUES ('6cfb3b8e-1792-4e46-871a-f3d103527203', 'mariadb:11.1.3-debian-11-r6', 'mariadb_11_1_3',
+ 'd79cb089-363c-488b-9717-649e44d8fcc5', 'data-db', {{ .Values.datadb.containerPorts.mysql }}, '{{ .Values.hostname }}', {{ .Values.datadb.containerPorts.mysql }}, '{{ .Values.datadb.rootUser.user }}', '{{ .Values.datadb.rootUser.password }}');
+ COMMIT;
{{ (.Files.Glob "files/my.cnf").AsConfig | nindent 2 }}
{{- end }}
diff --git a/helm/dbrepo/templates/metadata-deployment.yaml b/helm/dbrepo/templates/metadata-deployment.yaml
index b00adf5e12..f5f27378e1 100644
--- a/helm/dbrepo/templates/metadata-deployment.yaml
+++ b/helm/dbrepo/templates/metadata-deployment.yaml
@@ -44,7 +44,7 @@ spec:
- /bin/bash
- -ec
- "curl -sSL localhost:8080/actuator/health/readiness | grep 'UP' || exit 1"
- initialDelaySeconds: 120
+ initialDelaySeconds: 150
periodSeconds: 10
readinessProbe:
exec:
diff --git a/helm/dbrepo/templates/search-deployment.yaml b/helm/dbrepo/templates/search-deployment.yaml
index 9b9ed71b5b..98908f0c42 100644
--- a/helm/dbrepo/templates/search-deployment.yaml
+++ b/helm/dbrepo/templates/search-deployment.yaml
@@ -62,7 +62,7 @@ spec:
- /bin/bash
- -ec
- "curl -sSL localhost:8080/health | grep 'UP' || exit 1"
- initialDelaySeconds: 120
+ initialDelaySeconds: 150
periodSeconds: 10
readinessProbe:
exec:
diff --git a/helm/dbrepo/templates/ui-deployment.yaml b/helm/dbrepo/templates/ui-deployment.yaml
index 96150e63d1..512b3f403f 100644
--- a/helm/dbrepo/templates/ui-deployment.yaml
+++ b/helm/dbrepo/templates/ui-deployment.yaml
@@ -46,7 +46,7 @@ spec:
httpGet:
path: /
port: 3000
- initialDelaySeconds: 120
+ initialDelaySeconds: 150
periodSeconds: 10
readinessProbe:
httpGet:
diff --git a/helm/dbrepo/values.yaml b/helm/dbrepo/values.yaml
index 8668253302..418009deec 100644
--- a/helm/dbrepo/values.yaml
+++ b/helm/dbrepo/values.yaml
@@ -102,7 +102,7 @@ authservice:
## @param authservice.tls.enabled Enable TLS/SSL communication. Required for HTTPS.
enabled: true
## @param authservice.tls.existingSecret The secret containing the `tls.crt`, `tls.key` and `ca.crt`.
- existingSecret: ingress-cert
+ existingSecret: auth-service-secret
## @skip authservice.tls.usePem
usePem: true
metrics:
@@ -133,8 +133,8 @@ authservice:
## limits:
## cpu: 500m
## memory: 1024Mi
- ## @skip authservice.extraEnvVarsSecret
- extraEnvVarsSecret: auth-service-secret
+ ## @skip authservice.extraEnvVarsCM
+ extraEnvVarsCM: auth-service-config
## @skip authservice.extraVolumes
extraVolumes:
- name: config-map
--
GitLab