diff --git a/charts/ocis/Chart.yaml b/charts/ocis/Chart.yaml index f3d3f34c2..4c4f9afff 100644 --- a/charts/ocis/Chart.yaml +++ b/charts/ocis/Chart.yaml @@ -10,7 +10,7 @@ maintainers: url: https://owncloud.com type: application version: 0.5.0 -appVersion: 5.0.0-alpha.5 +appVersion: 5.0.0-alpha.6 kubeVersion: "" # please see https://doc.owncloud.com/ocis/next/deployment/container/orchestration/orchestration.html#get-the-chart for compatible Kubernetes versions sources: - https://github.com/owncloud/ocis-charts diff --git a/charts/ocis/README.md b/charts/ocis/README.md index 9fe3f1cf4..2ddd921f0 100644 --- a/charts/ocis/README.md +++ b/charts/ocis/README.md @@ -2,7 +2,7 @@ [comment]: # (DONT EDIT THIS FILE, it is autogenerated. Instead you need to edit README.md.gotmpl) # ownCloud Infinite Scale (oCIS) Helm chart -![Version: 0.5.0](https://img.shields.io/badge/Version-0.5.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.0-alpha.5](https://img.shields.io/badge/AppVersion-5.0.0--alpha.5-informational?style=flat-square) +![Version: 0.5.0](https://img.shields.io/badge/Version-0.5.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.0-alpha.6](https://img.shields.io/badge/AppVersion-5.0.0--alpha.6-informational?style=flat-square) Installs [ownCloud Infinite Scale](https://doc.owncloud.com/ocis/next/). diff --git a/charts/ocis/templates/frontend/config.yaml b/charts/ocis/templates/frontend/config.yaml index f591ff453..23fd93a15 100644 --- a/charts/ocis/templates/frontend/config.yaml +++ b/charts/ocis/templates/frontend/config.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: ConfigMap metadata: - name: sharing-banned-passwords + name: sharing-banned-passwords-{{ .appName }} namespace: {{ template "ocis.namespace" . }} labels: {{- include "ocis.labels" . | nindent 4 }} diff --git a/charts/ocis/templates/frontend/deployment.yaml b/charts/ocis/templates/frontend/deployment.yaml index d0f9f78ae..88c1ccfd5 100644 --- a/charts/ocis/templates/frontend/deployment.yaml +++ b/charts/ocis/templates/frontend/deployment.yaml @@ -189,4 +189,4 @@ spec: emptyDir: {} - name: configs configMap: - name: sharing-banned-passwords + name: sharing-banned-passwords-{{ .appName }} diff --git a/charts/ocis/templates/sharing/config.yaml b/charts/ocis/templates/sharing/config.yaml new file mode 100644 index 000000000..9019362cd --- /dev/null +++ b/charts/ocis/templates/sharing/config.yaml @@ -0,0 +1,15 @@ +{{- include "ocis.basicServiceTemplates" (dict "scope" . "appName" "appNameSharing" "appNameSuffix" "") -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: sharing-banned-passwords-{{ .appName }} + namespace: {{ template "ocis.namespace" . }} + labels: + {{- include "ocis.labels" . | nindent 4 }} +data: + sharing-banned-passwords.txt: |- + {{- with .Values.features.sharing.passwordPolicies.bannedPasswords -}} + {{- range . -}} + {{- . | nindent 4 }} + {{- end -}} + {{- end -}} diff --git a/charts/ocis/templates/sharing/deployment.yaml b/charts/ocis/templates/sharing/deployment.yaml index 7822dd7fe..d59a06cce 100644 --- a/charts/ocis/templates/sharing/deployment.yaml +++ b/charts/ocis/templates/sharing/deployment.yaml @@ -78,9 +78,22 @@ spec: - name: SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD value: {{ .Values.features.sharing.publiclink.writeableShareMustHavePassword | quote }} - # TODO: does not exist currently. Probably should be there because we also have SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD!? - # - name: SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD - # value: {{ .Values.features.sharing.publiclink.shareMustHavePassword | quote }} + - name: SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD + value: {{ .Values.features.sharing.publiclink.shareMustHavePassword | quote }} + + # password policies + - name: SHARING_PASSWORD_POLICY_MIN_CHARACTERS + value: {{ .Values.features.sharing.passwordPolicies.minCharacters | quote }} + - name: SHARING_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS + value: {{ .Values.features.sharing.passwordPolicies.minLowerCharacters | quote }} + - name: SHARING_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS + value: {{ .Values.features.sharing.passwordPolicies.minUpperCharacters | quote }} + - name: SHARING_PASSWORD_POLICY_MIN_DIGITS + value: {{ .Values.features.sharing.passwordPolicies.minDigits | quote }} + - name: SHARING_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS + value: {{ .Values.features.sharing.passwordPolicies.minSpecialCharacters | quote }} + - name: SHARING_PASSWORD_POLICY_BANNED_PASSWORDS_LIST + value: /etc/ocis/sharing-banned-passwords.txt # user sharing - name: SHARING_USER_DRIVER @@ -123,11 +136,11 @@ spec: volumeMounts: - name: tmp-volume mountPath: /tmp - - name: ocis-config-tmp - mountPath: /etc/ocis # we mount that volume only to apply fsGroup to that path - name: messaging-system-ca mountPath: /etc/ocis/messaging-system-ca readOnly: true + - name: configs + mountPath: /etc/ocis {{- include "ocis.imagePullSecrets" $ | nindent 6 }} volumes: @@ -142,3 +155,6 @@ spec: {{ else }} emptyDir: {} {{ end }} + - name: configs + configMap: + name: sharing-banned-passwords-{{ .appName }}