From: 刘洪青 <hongqing.liu@supwisdom.com>
Date: Mon, 21 Dec 2020 08:03:20 +0000 (+0800)
Subject: chore: cas-server CAS认证，更新镜像版本 1.1.0-RELEASE
X-Git-Url: https://source.supwisdom.com/gerrit/gitweb?a=commitdiff_plain;h=9a6100f13b8b7810f53ae308a254120ef37cdc2f;p=institute%2Fdeploy-authx-service.git

chore: cas-server CAS认证，更新镜像版本 1.1.0-RELEASE
---

diff --git a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.0.cas-server-installer.yaml b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.0.cas-server-installer.yaml
index de2d386..50acf64 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.0.cas-server-installer.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.0.cas-server-installer.yaml
@@ -28,7 +28,7 @@ spec:
       containers:
       - name: cas-server-installer
         # è¥ä½¿ç¨äºå­¦æ ¡æ­è®¾çç§æä»åºï¼è¯·ä¿®æ¹
-        image: harbor.supwisdom.com/cas-server/cas-server-installer:1.0.9-RELEASE
+        image: harbor.supwisdom.com/cas-server/cas-server-installer:1.1.0-RELEASE
         imagePullPolicy: Always
         envFrom:
         - configMapRef:
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.2.cas-server-sa-api.yaml b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.2.cas-server-sa-api.yaml
index 25739fe..e85ce35 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.2.cas-server-sa-api.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.2.cas-server-sa-api.yaml
@@ -95,7 +95,7 @@ spec:
       containers:
       - name: cas-server-sa-api
         # è¥ä½¿ç¨äºå­¦æ ¡æ­è®¾çç§æä»åºï¼è¯·ä¿®æ¹
-        image: harbor.supwisdom.com/cas-server/cas-server-sa-api:1.0.9-RELEASE
+        image: harbor.supwisdom.com/cas-server/cas-server-sa-api:1.1.0-RELEASE
         imagePullPolicy: Always
         ports:
         - containerPort: 8080
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.3.cas-server-security-engine.yaml b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.3.cas-server-security-engine.yaml
index 1f6f359..dc63def 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.3.cas-server-security-engine.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.3.cas-server-security-engine.yaml
@@ -62,7 +62,7 @@ spec:
       containers:
       - name: cas-server-security-engine
         # è¥ä½¿ç¨äºå­¦æ ¡æ­è®¾çç§æä»åºï¼è¯·ä¿®æ¹
-        image: harbor.supwisdom.com/cas-server/cas-server-security-engine:1.0.9-RELEASE
+        image: harbor.supwisdom.com/cas-server/cas-server-security-engine:1.1.0-RELEASE
         imagePullPolicy: Always
         ports:
         - containerPort: 6060
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.4.cas-server-uidws.yaml b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.4.cas-server-uidws.yaml
new file mode 100644
index 0000000..c578629
--- /dev/null
+++ b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.4.cas-server-uidws.yaml
@@ -0,0 +1,113 @@
+# 4.4.cas-server-uidws.yaml
+
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: cas-server
+  name: cas-server-uidws-env
+data:
+  SERVER_PORT: "8080"
+  SSL_ENABLED: "false"
+  #SSL_KEYSTORE_FILE: file:/certs/server/server.keystore
+  #SSL_KEYSTORE_PASSWORD: ""
+  #SSL_TRUSTSTORE_FILE: file:/certs/server/server.truststore
+  #SSL_TRUSTSTORE_PASSWORD: ""
+
+  SERVER_MAXHTTPHEADERSIZE: "10240"
+
+  SERVER_TOMCAT_ACCEPT_COUNT: "100"
+  SERVER_TOMCAT_MAX_CONNECTIONS: "10000"
+  SERVER_TOMCAT_MAX_THREADS: "200"
+  SERVER_TOMCAT_MIN_SPARE_THREADS: "10"
+
+
+  UIDWS_APPKEYSECRET: "1:1,2:2"
+
+
+  USER_DATA_SERVICE_SA_API_SERVER_URL: http://user-data-service-goa-svc.user-data-service.svc.cluster.local:8080
+  USER_DATA_SERVICE_SA_API_CLIENT_AUTH_ENABLED: "false"
+  #USER_DATA_SERVICE_SA_API_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/client/client.keystore
+  #USER_DATA_SERVICE_SA_API_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/client/client.truststore
+
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  namespace: cas-server
+  name: cas-server-uidws-env-secret
+type: Opaque
+data:
+  #USER_DATA_SERVICE_SA_API_CLIENT_AUTH_KEY_PASSWORD: Y2xpZW50
+  #USER_DATA_SERVICE_SA_API_CLIENT_AUTH_KEYSTORE_PASSWORD: Y2xpZW50
+  #USER_DATA_SERVICE_SA_API_CLIENT_AUTH_TRUSTSTORE_PASSWORD: Y2xpZW50
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+  namespace: cas-server
+  name: cas-server-uidws-svc
+  labels:
+    app: cas-server-uidws
+    needMonitor: 'true'
+spec:
+  ports:
+    - port: 8080
+      targetPort: http
+      protocol: TCP
+      name: http
+    - port: 6060
+      targetPort: http-metrics
+      protocol: TCP
+      name: http-metrics
+  selector:
+    app: cas-server-uidws
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: cas-server-uidws
+  namespace: cas-server
+spec:
+  selector:
+    matchLabels:
+      app: cas-server-uidws
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app: cas-server-uidws
+    spec:
+      containers:
+      - name: cas-server-uidws
+        image: harbor.supwisdom.com/cas-server/cas-server-uidws:1.1.0-RELEASE
+        imagePullPolicy: Always
+        ports:
+        - containerPort: 8080
+          name: http
+        - containerPort: 6060
+          name: http-metrics
+        envFrom:
+        - configMapRef:
+            name: jvm-env
+        - configMapRef:
+            name: cas-server-uidws-env
+        - secretRef:
+            name: cas-server-uidws-env-secret
+        resources:
+          requests:
+            memory: "512Mi"
+          limits:
+            memory: "512Mi"
+        readinessProbe:
+          httpGet:
+            path: /uidws/actuator/health
+            port: 8080
+          initialDelaySeconds: 20
+          periodSeconds: 5
+          timeoutSeconds: 5
+          successThreshold: 1
+          failureThreshold: 10
+      imagePullSecrets:
+        - name: harbor-registry
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.5.cas-server-site-webapp.yaml b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.5.cas-server-site-webapp.yaml
index 579053b..b8b5b6b 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.5.cas-server-site-webapp.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.5.cas-server-site-webapp.yaml
@@ -211,7 +211,7 @@ spec:
       containers:
       - name: cas-server-site-webapp
         # è¥ä½¿ç¨äºå­¦æ ¡æ­è®¾çç§æä»åºï¼è¯·ä¿®æ¹
-        image: harbor.supwisdom.com/cas-server/cas-server-site-webapp:1.0.9-RELEASE
+        image: harbor.supwisdom.com/cas-server/cas-server-site-webapp:1.1.0-RELEASE
         imagePullPolicy: Always
         ports:
         - containerPort: 8080
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.6.cas-server-site-scheme.yaml b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.6.cas-server-site-scheme.yaml
index f1a2bc2..81f75fa 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.6.cas-server-site-scheme.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.6.cas-server-site-scheme.yaml
@@ -95,7 +95,7 @@ spec:
             memory: "256Mi"
       - name: cas-server-site-scheme-generator
         # æ ¹æ®æåµä¿®æ¹éåå°å
-        image: harbor.supwisdom.com/cas-server/cas-server-site-scheme:1.0.9-RELEASE
+        image: harbor.supwisdom.com/cas-server/cas-server-site-scheme:1.1.0-RELEASE
         imagePullPolicy: Always
         envFrom:
         - configMapRef:
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/5.cas-server-datax-job.yaml b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/5.cas-server-datax-job.yaml
index 33f353c..8a4c88f 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/5.cas-server-datax-job.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/5.cas-server-datax-job.yaml
@@ -42,7 +42,7 @@ spec:
           containers:
           - name: cas-server-datax-job
             # è¥ä½¿ç¨äºå­¦æ ¡æ­è®¾çç§æä»åºï¼è¯·ä¿®æ¹
-            image: harbor.supwisdom.com/cas-server/cas-server-datax-job:1.0.9-RELEASE
+            image: harbor.supwisdom.com/cas-server/cas-server-datax-job:1.1.0-RELEASE
             imagePullPolicy: Always
             envFrom:
             - configMapRef: