fix: remove ldap multi cluster and update base images

flex-cn-setup/pygluu/kubernetes/gluu.py

@@ -198,12 +198,6 @@ def install_ldap_backup(self):
         if self.settings.get("global.storageClass.provisioner") not in \
                 ("microk8s.io/hostpath", "k8s.io/minikube-hostpath"):
             values_file_parser["gluuLdapSchedule"] = self.settings.get("installer-settings.ldap.backup.fullSchedule")
-        if self.settings.get("opendj.multiCluster.enabled"):
-            values_file_parser["multiCluster"]["enabled"] = True
-            values_file_parser["multiCluster"]["ldapAdvertiseAdminPort"] = \
-                self.settings.get("opendj.ports.tcp-admin.nodePort")
-            values_file_parser["multiCluster"]["serfAdvertiseAddrSuffix"] = \
-                self.settings.get("opendj.multiCluster.serfAdvertiseAddrSuffix")[:-6]
         values_file_parser.dump_it()
         exec_cmd("helm install {} -f ./helm/ldap-backup/values.yaml ./helm/ldap-backup --namespace={}".format(
             self.ldap_backup_release_name, self.settings.get("installer-settings.namespace")))

flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/Chart.yaml

@@ -5,23 +5,23 @@ annotations:
   artifacthub.io/containsSecurityUpdates: "true"
   artifacthub.io/images: |
     - name: auth-server
-      image: janssenproject/auth-server:1.0.0-beta.16
+      image: janssenproject/auth-server:1.0.0-1
     - name: auth-server-key-rotation
-      image: janssenproject/certmanager:1.0.0-beta.16
+      image: janssenproject/certmanager:1.0.0-1
     - name:  client-api
-      image: janssenproject/client-api:1.0.0-beta.16
+      image: janssenproject/client-api:1.0.0-1
     - name: configuration-manager
-      image: janssenproject/configurator:1.0.0-beta.16
+      image: janssenproject/configurator:1.0.0-1
     - name:  config-api
-      image: janssenproject/config-api:1.0.0-beta.16
+      image: janssenproject/config-api:1.0.0-1
     - name: fido2
-      image: janssenproject/fido2:1.0.0-beta.16
+      image: janssenproject/fido2:1.0.0-1
     - name: opendj
       image: gluufederation/opendj:5.0.0_dev
     - name: persistence
-      image: janssenproject/persistence-loader:1.0.0-beta.16
+      image: janssenproject/persistence-loader:1.0.0-1
     - name: scim
-      image: janssenproject/scim:1.0.0-beta.16
+      image: janssenproject/scim:1.0.0-1
   artifacthub.io/license: Apache-2.0
   artifacthub.io/prerelease: "true"
   catalog.cattle.io/certified: partner

flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/admin-ui/README.md

@@ -35,7 +35,7 @@ Kubernetes: `>=v1.21.0-0`
 | image.pullPolicy | string | `"IfNotPresent"` | Image pullPolicy to use for deploying. |
 | image.pullSecrets | list | `[]` | Image Pull Secrets |
 | image.repository | string | `"gluufederation/admin-ui"` | Image  to use for deploying. |
-| image.tag | string | `"1.0.0-beta.16"` | Image  tag to use for deploying. |
+| image.tag | string | `"1.0.0-1"` | Image  tag to use for deploying. |
 | livenessProbe | object | `{"failureThreshold":20,"initialDelaySeconds":60,"periodSeconds":25,"tcpSocket":{"port":8080},"timeoutSeconds":5}` | Configure the liveness healthcheck for the admin ui if needed. |
 | readinessProbe | object | `{"failureThreshold":20,"initialDelaySeconds":60,"periodSeconds":25,"tcpSocket":{"port":8080},"timeoutSeconds":5}` | Configure the readiness healthcheck for the admin ui if needed. |
 | replicas | int | `1` | Service replica number. |

flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/admin-ui/values.yaml

@@ -28,7 +28,7 @@ image:
   # -- Image  to use for deploying.
   repository:  gluufederation/admin-ui
   # -- Image  tag to use for deploying.
-  tag: 1.0.0-beta.16
+  tag: 1.0.0-1
   # -- Image Pull Secrets
   pullSecrets: [ ]
 # -- Service replica number.

flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/auth-server-key-rotation/README.md

@@ -33,7 +33,7 @@ Kubernetes: `>=v1.21.0-0`
 | image.pullPolicy | string | `"IfNotPresent"` | Image pullPolicy to use for deploying. |
 | image.pullSecrets | list | `[]` | Image Pull Secrets |
 | image.repository | string | `"janssenproject/certmanager"` | Image  to use for deploying. |
-| image.tag | string | `"1.0.0-beta.16"` | Image  tag to use for deploying. |
+| image.tag | string | `"1.0.0-1"` | Image  tag to use for deploying. |
 | keysLife | int | `48` | Auth server key rotation keys life in hours |
 | nodeSelector | object | `{}` |  |
 | resources | object | `{"limits":{"cpu":"300m","memory":"300Mi"},"requests":{"cpu":"300m","memory":"300Mi"}}` | Resource specs. |

flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/auth-server-key-rotation/values.yaml

@@ -18,7 +18,7 @@ image:
   # -- Image  to use for deploying.
   repository: janssenproject/certmanager
   # -- Image  tag to use for deploying.
-  tag: 1.0.0-beta.16
+  tag: 1.0.0-1
   # -- Image Pull Secrets
   pullSecrets: [ ]
 # -- Auth server key rotation keys life in hours

flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/auth-server/README.md

@@ -36,7 +36,7 @@ Kubernetes: `>=v1.21.0-0`
 | image.pullPolicy | string | `"IfNotPresent"` | Image pullPolicy to use for deploying. |
 | image.pullSecrets | list | `[]` | Image Pull Secrets |
 | image.repository | string | `"janssenproject/auth-server"` | Image  to use for deploying. |
-| image.tag | string | `"1.0.0-beta.16"` | Image  tag to use for deploying. |
+| image.tag | string | `"1.0.0-1"` | Image  tag to use for deploying. |
 | livenessProbe | object | `{"exec":{"command":["python3","/app/scripts/healthcheck.py"]},"initialDelaySeconds":30,"periodSeconds":30,"timeoutSeconds":5}` | Configure the liveness healthcheck for the auth server if needed. |
 | livenessProbe.exec | object | `{"command":["python3","/app/scripts/healthcheck.py"]}` | Executes the python3 healthcheck. https://github.com/GluuFederation/docker-oxauth/blob/4.3/scripts/healthcheck.py |
 | readinessProbe | object | `{"exec":{"command":["python3","/app/scripts/healthcheck.py"]},"initialDelaySeconds":25,"periodSeconds":25,"timeoutSeconds":5}` | Configure the readiness healthcheck for the auth server if needed. https://github.com/GluuFederation/docker-oxauth/blob/4.3/scripts/healthcheck.py |

flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/auth-server/values.yaml

@@ -28,7 +28,7 @@ image:
   # -- Image  to use for deploying.
   repository:  janssenproject/auth-server
   # -- Image  tag to use for deploying.
-  tag: 1.0.0-beta.16
+  tag: 1.0.0-1
   # -- Image Pull Secrets
   pullSecrets: [ ]
 # -- Service replica number.

flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/client-api/README.md

@@ -37,7 +37,7 @@ Kubernetes: `>=v1.21.0-0`
 | image.pullPolicy | string | `"IfNotPresent"` | Image pullPolicy to use for deploying. |
 | image.pullSecrets | list | `[]` | Image Pull Secrets |
 | image.repository | string | `"janssenproject/client-api"` | Image  to use for deploying. |
-| image.tag | string | `"1.0.0-beta.16"` | Image  tag to use for deploying. |
+| image.tag | string | `"1.0.0-1"` | Image  tag to use for deploying. |
 | livenessProbe | object | `{"exec":{"command":["curl","-k","https://localhost:8443/health-check"]},"initialDelaySeconds":30,"periodSeconds":30,"timeoutSeconds":5}` | Configure the liveness healthcheck for the auth server if needed. |
 | livenessProbe.exec | object | `{"command":["curl","-k","https://localhost:8443/health-check"]}` | Executes the python3 healthcheck. |
 | nodeSelector | object | `{}` |  |

flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/client-api/values.yaml

@@ -28,7 +28,7 @@ image:
   # -- Image  to use for deploying.
   repository: janssenproject/client-api
   # -- Image  tag to use for deploying.
-  tag: 1.0.0-beta.16
+  tag: 1.0.0-1
   # -- Image Pull Secrets
   pullSecrets: [ ]
 # -- Service replica number.

flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/config-api/README.md

@@ -38,7 +38,7 @@ Kubernetes: `>=v1.21.0-0`
 | image.pullPolicy | string | `"IfNotPresent"` | Image pullPolicy to use for deploying. |
 | image.pullSecrets | list | `[]` | Image Pull Secrets |
 | image.repository | string | `"janssenproject/config-api"` | Image  to use for deploying. |
-| image.tag | string | `"1.0.0-beta.16"` | Image  tag to use for deploying. |
+| image.tag | string | `"1.0.0-1"` | Image  tag to use for deploying. |
 | livenessProbe | object | `{"httpGet":{"path":"/jans-config-api/api/v1/health/live","port":8074},"initialDelaySeconds":30,"periodSeconds":30,"timeoutSeconds":5}` | Configure the liveness healthcheck for the auth server if needed. |
 | livenessProbe.httpGet | object | `{"path":"/jans-config-api/api/v1/health/live","port":8074}` | Executes the python3 healthcheck. https://github.com/GluuFederation/docker-oxauth/blob/4.3/scripts/healthcheck.py |
 | nameOverride | string | `""` |  |

flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/config-api/values.yaml

@@ -33,7 +33,7 @@ image:
   # -- Image  to use for deploying.
   repository: janssenproject/config-api
   # -- Image  tag to use for deploying.
-  tag: 1.0.0-beta.16
+  tag: 1.0.0-1
   # -- Image Pull Secrets
   pullSecrets: [ ]
 # -- Service replica number.

flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/config/README.md

@@ -78,7 +78,7 @@ Kubernetes: `>=v1.21.0-0`
 | fullNameOverride | string | `""` |  |
 | image.pullSecrets | list | `[]` | Image Pull Secrets |
 | image.repository | string | `"janssenproject/configurator"` | Image  to use for deploying. |
-| image.tag | string | `"1.0.0-beta.16"` | Image  tag to use for deploying. |
+| image.tag | string | `"1.0.0-1"` | Image  tag to use for deploying. |
 | ldapPassword | string | `"P@ssw0rds"` | LDAP admin password if OpennDJ is used for persistence. |
 | migration | object | `{"enabled":false,"migrationDataFormat":"ldif","migrationDir":"/ce-migration"}` | CE to CN Migration section |
 | migration.enabled | bool | `false` | Boolean flag to enable migration from CE |

flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/config/templates/configmaps.yaml

@@ -129,10 +129,10 @@ data:
   CN_KEY_ROTATION_FORCE: "false"
   CN_KEY_ROTATION_CHECK: "3600"
   CN_KEY_ROTATION_INTERVAL: "48"
-  {{- if eq .Values.global.isFqdnRegistered "false" }}
-  CN_SSL_CERT_FROM_SECRETS: "true"
-  {{-else }}
+  {{- if .Values.global.isFqdnRegistered }}
   CN_SSL_CERT_FROM_SECRETS: "false"
+  {{- else }}
+  CN_SSL_CERT_FROM_SECRETS: "true"
   {{- end }}
   CN_CONTAINER_MAIN_NAME: {{ .Release.Name }}-auth-server
   # options: default/user/site/cache/statistic used only if CN_PERSISTENCE_TYPE is hybrid or hybrid

flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/config/values.yaml

@@ -108,7 +108,7 @@ image:
   # -- Image  to use for deploying.
   repository: janssenproject/configurator
   # -- Image  tag to use for deploying.
-  tag: 1.0.0-beta.16
+  tag: 1.0.0-1
   # -- Image Pull Secrets
   pullSecrets: [ ]
 # -- LDAP admin password if OpennDJ is used for persistence.

flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/fido2/README.md

@@ -37,7 +37,7 @@ Kubernetes: `>=v1.21.0-0`
 | image.pullPolicy | string | `"IfNotPresent"` | Image pullPolicy to use for deploying. |
 | image.pullSecrets | list | `[]` | Image Pull Secrets |
 | image.repository | string | `"janssenproject/fido2"` | Image  to use for deploying. |
-| image.tag | string | `"1.0.0-beta.16"` | Image  tag to use for deploying. |
+| image.tag | string | `"1.0.0-1"` | Image  tag to use for deploying. |
 | livenessProbe | object | `{"httpGet":{"path":"/jans-fido2/sys/health-check","port":"http-fido2"},"initialDelaySeconds":25,"periodSeconds":25,"timeoutSeconds":5}` | Configure the liveness healthcheck for the fido2 if needed. |
 | livenessProbe.httpGet | object | `{"path":"/jans-fido2/sys/health-check","port":"http-fido2"}` | http liveness probe endpoint |
 | readinessProbe | object | `{"httpGet":{"path":"/jans-fido2/sys/health-check","port":"http-fido2"},"initialDelaySeconds":30,"periodSeconds":30,"timeoutSeconds":5}` | Configure the readiness healthcheck for the fido2 if needed. |

flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/fido2/values.yaml

@@ -29,7 +29,7 @@ image:
   # -- Image  to use for deploying.
   repository: janssenproject/fido2
   # -- Image  tag to use for deploying.
-  tag: 1.0.0-beta.16
+  tag: 1.0.0-1
   # -- Image Pull Secrets
   pullSecrets: [ ]
 # -- Service replica number.

flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/opendj/README.md

@@ -39,13 +39,6 @@ Kubernetes: `>=v1.21.0-0`
 | image.tag | string | `"5.0.0_dev"` | Image  tag to use for deploying. |
 | livenessProbe | object | `{"exec":{"command":["python3","/app/scripts/healthcheck.py"]},"failureThreshold":20,"initialDelaySeconds":30,"periodSeconds":30,"timeoutSeconds":5}` | Configure the liveness healthcheck for OpenDJ if needed. https://github.com/GluuFederation/docker-opendj/blob/4.3/scripts/healthcheck.py |
 | livenessProbe.exec | object | `{"command":["python3","/app/scripts/healthcheck.py"]}` | Executes the python3 healthcheck. |
-| multiCluster.clusterId | string | `""` | This id needs to be unique to each kubernetes cluster in a multi cluster setup west, east, south, north, region ...etc If left empty it will be randomly generated. |
-| multiCluster.enabled | bool | `false` | Enable OpenDJ multiCluster mode. This flag enables loading keys under `opendj.multiCluster` |
-| multiCluster.namespaceIntId | int | `0` | Namespace int id. This id needs to be a unique number 0-9 per gluu installation per namespace. Used when gluu is installed in the same kubernetes cluster more than once. |
-| multiCluster.replicaCount | int | `1` | The number of opendj non scalabble statefulsets to create. Each pod created must be resolvable as it follows the patterm RELEASE-NAME-opendj-CLUSTERID-regional-{{statefulset pod number}}-{{ $.Values.multiCluster.serfAdvertiseAddrSuffix }} If set to 1, with a release name of gluu,  the address of the pod would be gluu-opendj-regional-0-regional.gluu.org |
-| multiCluster.serfAdvertiseAddrSuffix | string | `"regional.gluu.org:30946"` | OpenDJ Serf advertise address suffix that will be added to each opendj replica. i.e RELEASE-NAME-opendj-regional-{{statefulset pod number}}-{{ $.Values.multiCluster.serfAdvertiseAddrSuffix }} |
-| multiCluster.serfKey | string | `"Z51b6PgKU1MZ75NCZOTGGoc0LP2OF3qvF6sjxHyQCYk="` | Serf key. This key will automatically sync across clusters. |
-| multiCluster.serfPeers | list | `["gluu-opendj-regional-0-regional.gluu.org:30946","gluu-opendj-regional-0-regional.gluu.org:31946"]` | Serf peer addresses. One per cluster. |
 | nameOverride | string | `""` |  |
 | openDjVolumeMounts.config.mountPath | string | `"/opt/opendj/config"` |  |
 | openDjVolumeMounts.config.name | string | `"opendj-volume"` |  |

flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/opendj/templates/cronjobs.yaml

@@ -91,10 +91,6 @@ spec:
                 sleep 300
                 RANDOM_NUM=$(cat /dev/urandom | tr -cd '0-5' | head -c 1)
                 LDAP_BACKUP_FILE=backup-$RANDOM_NUM.ldif
-                {{- if .Values.multiCluster.enabled }}
-                /opt/opendj/bin/export-ldif --hostname "$LDAP_HOST" --port "304{{$.Values.multiCluster.namespaceIntId}}0" --bindDN "$LDAP_BIND_DN" --bindPassword "$LDAP_PASSWORD" --backendID userRoot --ldifFile /opt/opendj/ldif/$LDAP_BACKUP_FILE --trustAll
-                {{- else }}
                 /opt/opendj/bin/export-ldif --hostname "$LDAP_HOST" --port 4444 --bindDN "$LDAP_BIND_DN" --bindPassword "$LDAP_PASSWORD" --backendID userRoot --ldifFile /opt/opendj/ldif/$LDAP_BACKUP_FILE --trustAll
-                {{- end }}
           restartPolicy: Never
 {{- end }}

flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/opendj/templates/service.yaml

@@ -1,21 +1,11 @@
 {{- if or (eq .Values.global.cnPersistenceType "ldap") (eq .Values.global.cnPersistenceType "hybrid") }}
-{{ range $k, $v := until ( .Values.multiCluster.replicaCount | int ) }}
----
-
 apiVersion: v1
 kind: Service
 metadata:
-  {{- if $.Values.multiCluster.enabled }}
-  name: {{ $.Values.global.opendj.ldapServiceName }}-regional-{{$v}}
-  {{- else }}
   name: {{ $.Values.global.opendj.ldapServiceName }}
-  {{- end }}
   namespace: {{ $.Release.Namespace }}
   labels:
 {{ include "opendj.labels" $ | indent 4}}
-    {{- if $.Values.multiCluster.enabled }}
-    appregion: {{ include "opendj.name" $ }}-regional-{{$v}}
-    {{- end }}
 {{- if $.Values.additionalLabels }}
 {{ toYaml $.Values.additionalLabels | indent 4 }}
 {{- end }}
@@ -25,34 +15,6 @@ metadata:
 {{- end }}
 spec:
   ports:
-  {{- if $.Values.multiCluster.enabled }}
-    - port: 1636
-      name: tcp-ldaps
-      targetPort: 1636
-      protocol: TCP
-      nodePort: 306{{$.Values.multiCluster.namespaceIntId}}{{$v}}
-    - port: 309{{$.Values.multiCluster.namespaceIntId}}{{$v}}
-      name: tcp-replication
-      targetPort: 309{{$.Values.multiCluster.namespaceIntId}}{{$v}}
-      protocol: TCP
-      nodePort: 309{{$.Values.multiCluster.namespaceIntId}}{{$v}}
-    - port: 304{{$.Values.multiCluster.namespaceIntId}}{{$v}}
-      name: tcp-admin
-      targetPort: 304{{$.Values.multiCluster.namespaceIntId}}{{$v}}
-      nodePort: 304{{$.Values.multiCluster.namespaceIntId}}{{$v}}
-      protocol: TCP
-    - port: 7946
-      name: tcp-serf
-      targetPort: 7946
-      protocol: TCP
-      nodePort: 307{{$.Values.multiCluster.namespaceIntId}}{{$v}}
-    - port: 7946
-      name: udp-serf
-      targetPort: 7946
-      protocol: UDP
-      nodePort: 307{{$.Values.multiCluster.namespaceIntId}}{{$v}}
-  type: NodePort
-  {{- else }}
     {{- range $key, $value := $.Values.ports }}
     - port: {{ $value.port }}
       name: {{ $key }}
@@ -63,51 +25,6 @@ spec:
       {{- end }}
     {{- end }}
   clusterIP: None
-  {{- end }}
   selector:
-    {{- if $.Values.multiCluster.enabled }}
-    appregion: {{ include "opendj.name" $ }}-regional-{{$v}}
-    {{- else }}
     app: {{ include "opendj.name" $ }}
-    {{- end }}
-{{- end }}
-{{- if .Values.multiCluster.enabled }}
----
-apiVersion: v1
-kind: Service
-metadata:
-  name: {{ .Values.global.opendj.ldapServiceName }}
-  namespace: {{ .Release.Namespace }}
-  labels:
-{{ include "opendj.labels" . | indent 4}}
-spec:
-  ports:
-  - port: 1636
-    name: tcp-ldaps
-    targetPort: 1636
-    protocol: TCP
-  - port: 1389
-    name: tcp-ldap
-    targetPort: 1389
-    protocol: TCP
-  - port: 8989
-    name: tcp-replication
-    targetPort: 8989
-    protocol: TCP
-  - port: 4444
-    name: tcp-admin
-    targetPort: 4444
-    protocol: TCP
-  - port: 7946
-    name: tcp-serf
-    targetPort: 7946
-    protocol: TCP
-  - port: 7946
-    name: udp-serf
-    targetPort: 7946
-    protocol: UDP
-  clusterIP: None
-  selector:
-    app: {{ include "opendj.name" . }}
-{{- end }}
 {{- end }}