From fc9e1611ba674236366d8b4c3c3c0dc1fb39bbad Mon Sep 17 00:00:00 2001 From: sfi2022 <109145215+sfi2022@users.noreply.github.com> Date: Fri, 24 Jan 2025 15:01:43 +0100 Subject: [PATCH 1/6] Add zammad-ldap-sync secret --- charts/zammad-ldap-sync/Chart.yaml | 2 +- charts/zammad-ldap-sync/templates/secret.yaml | 9 +++++++++ 2 files changed, 10 insertions(+), 1 deletion(-) create mode 100644 charts/zammad-ldap-sync/templates/secret.yaml diff --git a/charts/zammad-ldap-sync/Chart.yaml b/charts/zammad-ldap-sync/Chart.yaml index 3b82548a..4b31f013 100644 --- a/charts/zammad-ldap-sync/Chart.yaml +++ b/charts/zammad-ldap-sync/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: zammad-ldap-sync -version: 0.5.1 +version: 0.6.0 maintainers: - name: klml email: klml@muenchen.de diff --git a/charts/zammad-ldap-sync/templates/secret.yaml b/charts/zammad-ldap-sync/templates/secret.yaml new file mode 100644 index 00000000..a927b475 --- /dev/null +++ b/charts/zammad-ldap-sync/templates/secret.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: Secret +metadata: + name: zammad-ldap-sync +type: Opaque +data: + spring.mail.password: ReplaceWithMailAccountPassword + spring.mail.username: ReplaceWithMailAccountUsername + zammad.token: ReplaceWithZammadAccessToken \ No newline at end of file From f504cb2f2d3f8657305f3fd058dbb880ed1d8658 Mon Sep 17 00:00:00 2001 From: sfi2022 <109145215+sfi2022@users.noreply.github.com> Date: Fri, 24 Jan 2025 15:15:21 +0100 Subject: [PATCH 2/6] Encode content with base64 --- charts/zammad-ldap-sync/templates/secret.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/zammad-ldap-sync/templates/secret.yaml b/charts/zammad-ldap-sync/templates/secret.yaml index a927b475..947a356a 100644 --- a/charts/zammad-ldap-sync/templates/secret.yaml +++ b/charts/zammad-ldap-sync/templates/secret.yaml @@ -4,6 +4,6 @@ metadata: name: zammad-ldap-sync type: Opaque data: - spring.mail.password: ReplaceWithMailAccountPassword - spring.mail.username: ReplaceWithMailAccountUsername - zammad.token: ReplaceWithZammadAccessToken \ No newline at end of file + spring.mail.password: UmVwbGFjZVdpdGhNYWlsQWNjb3VudFBhc3N3b3JkCg== + spring.mail.username: UmVwbGFjZVdpdGhNYWlsQWNjb3VudFVzZXJuYW1lCg== + zammad.token: UmVwbGFjZVdpdGhaYW1tYWRBY2Nlc3NUb2tlbgo= \ No newline at end of file From 6d912945063517a1afa7a37535ee7a9b768ac1a3 Mon Sep 17 00:00:00 2001 From: sfi2022 <109145215+sfi2022@users.noreply.github.com> Date: Mon, 27 Jan 2025 14:33:21 +0100 Subject: [PATCH 3/6] Move configuration values to cicd config. --- charts/zammad-ldap-sync/templates/secret.yaml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/charts/zammad-ldap-sync/templates/secret.yaml b/charts/zammad-ldap-sync/templates/secret.yaml index 947a356a..5463d639 100644 --- a/charts/zammad-ldap-sync/templates/secret.yaml +++ b/charts/zammad-ldap-sync/templates/secret.yaml @@ -1,9 +1,9 @@ -apiVersion: v1 -kind: Secret -metadata: - name: zammad-ldap-sync -type: Opaque -data: - spring.mail.password: UmVwbGFjZVdpdGhNYWlsQWNjb3VudFBhc3N3b3JkCg== - spring.mail.username: UmVwbGFjZVdpdGhNYWlsQWNjb3VudFVzZXJuYW1lCg== - zammad.token: UmVwbGFjZVdpdGhaYW1tYWRBY2Nlc3NUb2tlbgo= \ No newline at end of file +apiVersion: v1 +kind: Secret +metadata: + name: zammad-ldap-sync +type: Opaque +data: + spring.mail.password: {{ .Values.ldapSync.applicationYML.spring.mail.username }} + spring.mail.username: {{ .Values.ldapSync.applicationYML.spring.mail.username }} + zammad.token: {{ .Values.ldapSync.zammadToken }} \ No newline at end of file From 431080265d5a99996589942d50d468e93af39624 Mon Sep 17 00:00:00 2001 From: sfi2022 <109145215+sfi2022@users.noreply.github.com> Date: Mon, 27 Jan 2025 14:33:21 +0100 Subject: [PATCH 4/6] Move configuration values to cicd config. --- charts/zammad-ldap-sync/templates/secret.yaml | 18 +++++++++--------- charts/zammad-ldap-sync/values.yaml | 5 +++-- 2 files changed, 12 insertions(+), 11 deletions(-) diff --git a/charts/zammad-ldap-sync/templates/secret.yaml b/charts/zammad-ldap-sync/templates/secret.yaml index 947a356a..5463d639 100644 --- a/charts/zammad-ldap-sync/templates/secret.yaml +++ b/charts/zammad-ldap-sync/templates/secret.yaml @@ -1,9 +1,9 @@ -apiVersion: v1 -kind: Secret -metadata: - name: zammad-ldap-sync -type: Opaque -data: - spring.mail.password: UmVwbGFjZVdpdGhNYWlsQWNjb3VudFBhc3N3b3JkCg== - spring.mail.username: UmVwbGFjZVdpdGhNYWlsQWNjb3VudFVzZXJuYW1lCg== - zammad.token: UmVwbGFjZVdpdGhaYW1tYWRBY2Nlc3NUb2tlbgo= \ No newline at end of file +apiVersion: v1 +kind: Secret +metadata: + name: zammad-ldap-sync +type: Opaque +data: + spring.mail.password: {{ .Values.ldapSync.applicationYML.spring.mail.username }} + spring.mail.username: {{ .Values.ldapSync.applicationYML.spring.mail.username }} + zammad.token: {{ .Values.ldapSync.zammadToken }} \ No newline at end of file diff --git a/charts/zammad-ldap-sync/values.yaml b/charts/zammad-ldap-sync/values.yaml index 1755a70c..20eeab42 100644 --- a/charts/zammad-ldap-sync/values.yaml +++ b/charts/zammad-ldap-sync/values.yaml @@ -1,4 +1,5 @@ ldapSync: + zammadToken: Y2ljZC1zZWNyZXQK image: registry: ghcr.io repository: it-at-m/zammad-ldap-sync @@ -19,8 +20,8 @@ ldapSync: mail: host: mail.example.com port: 1 - username: email-user - password: email-password + username: ZW1haWwtdXNlcgo= + password: ZW1haWwtcGFzc3dvcmQK ldap: url: ldaps://... sync: From 10615abf766d0d1706051603772a566f2323a990 Mon Sep 17 00:00:00 2001 From: sfi2022 <109145215+sfi2022@users.noreply.github.com> Date: Mon, 27 Jan 2025 15:55:53 +0100 Subject: [PATCH 5/6] Comment values token, email user + password as base64 encoded. --- charts/zammad-ldap-sync/values.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/charts/zammad-ldap-sync/values.yaml b/charts/zammad-ldap-sync/values.yaml index 20eeab42..8a7c3f1e 100644 --- a/charts/zammad-ldap-sync/values.yaml +++ b/charts/zammad-ldap-sync/values.yaml @@ -1,4 +1,5 @@ ldapSync: + # base64 encode. zammadToken: Y2ljZC1zZWNyZXQK image: registry: ghcr.io @@ -20,6 +21,7 @@ ldapSync: mail: host: mail.example.com port: 1 + # base64 encode. username: ZW1haWwtdXNlcgo= password: ZW1haWwtcGFzc3dvcmQK ldap: From cc15ad3589594e10409fee4148343ae71a7e8257 Mon Sep 17 00:00:00 2001 From: sfi2022 <109145215+sfi2022@users.noreply.github.com> Date: Tue, 28 Jan 2025 16:37:05 +0100 Subject: [PATCH 6/6] Encoding base64 by helm on-the-fly. --- charts/zammad-ldap-sync/templates/secret.yaml | 6 +++--- charts/zammad-ldap-sync/values.yaml | 8 +++----- 2 files changed, 6 insertions(+), 8 deletions(-) diff --git a/charts/zammad-ldap-sync/templates/secret.yaml b/charts/zammad-ldap-sync/templates/secret.yaml index 5463d639..fa0786c8 100644 --- a/charts/zammad-ldap-sync/templates/secret.yaml +++ b/charts/zammad-ldap-sync/templates/secret.yaml @@ -4,6 +4,6 @@ metadata: name: zammad-ldap-sync type: Opaque data: - spring.mail.password: {{ .Values.ldapSync.applicationYML.spring.mail.username }} - spring.mail.username: {{ .Values.ldapSync.applicationYML.spring.mail.username }} - zammad.token: {{ .Values.ldapSync.zammadToken }} \ No newline at end of file + spring.mail.password: {{ .Values.ldapSync.applicationYML.spring.mail.username | b64enc }} + spring.mail.username: {{ .Values.ldapSync.applicationYML.spring.mail.username | b64enc}} + zammad.token: {{ .Values.ldapSync.zammadToken | b64enc}} \ No newline at end of file diff --git a/charts/zammad-ldap-sync/values.yaml b/charts/zammad-ldap-sync/values.yaml index 8a7c3f1e..a9048d06 100644 --- a/charts/zammad-ldap-sync/values.yaml +++ b/charts/zammad-ldap-sync/values.yaml @@ -1,6 +1,5 @@ ldapSync: - # base64 encode. - zammadToken: Y2ljZC1zZWNyZXQK + zammadToken: ReplaceWithZammadAccessToken image: registry: ghcr.io repository: it-at-m/zammad-ldap-sync @@ -21,9 +20,8 @@ ldapSync: mail: host: mail.example.com port: 1 - # base64 encode. - username: ZW1haWwtdXNlcgo= - password: ZW1haWwtcGFzc3dvcmQK + username: ReplaceWithMailAccountUsername + password: ReplaceWithMailAccountPassword ldap: url: ldaps://... sync: