chore: nwpu 升级1.4
diff --git a/project/nwpu/k8s-rancher/1.authx-service/7.attest-server/4.1.attest-server.yaml b/project/nwpu/k8s-rancher/1.authx-service/7.attest-server/4.1.attest-server.yaml
new file mode 100644
index 0000000..9088b39
--- /dev/null
+++ b/project/nwpu/k8s-rancher/1.authx-service/7.attest-server/4.1.attest-server.yaml
@@ -0,0 +1,175 @@
+# 4.1.attest-server.yaml
+
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ namespace: attest-server
+ name: attest-server-env
+data:
+ SERVER_PORT: "8080"
+ SSL_ENABLED: "false"
+ #SSL_KEY_PASSWORD: ""
+ #SSL_KEYSTORE_FILE: file:/certs/server/server.keystore
+ #SSL_KEYSTORE_PASSWORD: ""
+
+ SERVER_SERVLET_CONTEXT_PATH: "/attest"
+
+ SERVER_MAXHTTPHEADERSIZE: "20480"
+
+ SERVER_TOMCAT_ACCEPT_COUNT: "500"
+ SERVER_TOMCAT_MAX_CONNECTIONS: "10000"
+ SERVER_TOMCAT_MAX_THREADS: "500"
+ SERVER_TOMCAT_MIN_SPARE_THREADS: "100"
+
+
+ # **修改** 从POA申请
+ POA_SERVER_URL: http://poa.paas.nwpu.edu.cn
+ POA_CLIENT_ID: ""
+ POA_CLIENT_SECRET: ""
+ POA_SCOPES: appPush:v1:apppushByMessageType
+
+
+ # 修改为学校的根域名
+ ATTEST_SERVER_PREFIX: http://uis.paas.nwpu.edu.cn/attest
+
+
+ # guard
+ ATTEST_SERVER_SECUREPHONE_SMS_TEXT_TEMPLATE: 【认证服务】{name}:您正在进行验证身份,验证码为{code},有效期5分钟,请尽快完成验证。
+ ATTEST_SERVER_SECUREPHONE_SMS_FROM: 认证服务
+
+ # **修改** 根据实际情况,修改短信模板
+ ATTEST_SERVER_SECUREEMAIL_MAIL_TEXT_TEMPLATE: 【认证服务】{name}:您正在进行验证身份,验证码为{code},有效期5分钟,请尽快完成验证。
+ ATTEST_SERVER_SECUREEMAIL_MAIL_FROM: 认证服务
+
+ # 在超级APP 中唤起人脸识别的 URL Scheme
+ ATTEST_SERVER_FACEVERIFY_SUPERAPP_URL_SCHEME: superapp
+
+
+ # 超级APP Token 的验签公钥
+ TOKEN_SERVER_TOKEN_SIGNING_KEY_URL: http://token-server-svc.token-server.svc.cluster.local:8080/token/jwt/publicKey
+
+
+ USER_DATA_SERVICE_SA_API_SERVER_URL: http://user-data-service-goa-svc.user-data-service.svc.cluster.local:8080
+ USER_DATA_SERVICE_SA_API_CLIENT_AUTH_ENABLED: "false"
+ #USER_DATA_SERVICE_SA_API_CLIENT_AUTH_KEY_PASSWORD: ""
+ #USER_DATA_SERVICE_SA_API_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/client/client.keystore
+ #USER_DATA_SERVICE_SA_API_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
+ #USER_DATA_SERVICE_SA_API_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/client/client.truststore
+ #USER_DATA_SERVICE_SA_API_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
+
+
+ TPAS_AGENT_SERVICE_SERVER_URL: http://agent-service-svc.thirdparty-agent-service.svc.cluster.local:8080
+ TPAS_AGENT_SERVICE_CLIENT_AUTH_ENABLED: "false"
+ #TPAS_AGENT_SERVICE_CLIENT_AUTH_KEY_PASSWORD: ""
+ #TPAS_AGENT_SERVICE_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/client/client.keystore
+ #TPAS_AGENT_SERVICE_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
+ #TPAS_AGENT_SERVICE_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/client/client.truststore
+ #TPAS_AGENT_SERVICE_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
+
+ # **修改**
+ # 若须对接sms 接口,须进行二开定制
+ TPAS_AGENT_SERVICE_SMS_SENDER_PATH: /api/v1/tpas/sms/console/send
+ TPAS_AGENT_SERVICE_MAIL_SENDER_PATH: /api/v1/tpas/mail/smtp/send
+ TPAS_AGENT_SERVICE_FACE_FACEVERIFY_PATH: /api/v1/tpas/face/aiface/faceverify
+
+
+ ##
+ # token-server
+ #
+ TOKEN_SERVER_SERVER_URL: http://token-server-svc.token-server.svc.cluster.local:8080/token
+
+
+ ##
+ # 将 attest 数据 推送到 rabbitmq
+ #
+ # ATTEST_RABBITMQ_ENABLED: "false"
+ # ATTEST_RABBITMQ_HOST: rabbitmq-server.authx-service.svc.cluster.local
+ # ATTEST_RABBITMQ_PORT: "5672"
+ # ATTEST_RABBITMQ_USERNAME: guest
+ # ATTEST_RABBITMQ_PASSWORD: guest
+ #
+ # ATTEST_RABBITMQ_APPPUSHATTEST2TOKENRABBITSENDER_ENABLED: "false"
+
+
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ namespace: attest-server
+ name: attest-server-env-secret
+type: Opaque
+data:
+
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+ namespace: attest-server
+ name: attest-server-svc
+ labels:
+ app: attest-server
+ needMonitor: 'true'
+spec:
+ ports:
+ - port: 8080
+ targetPort: http
+ protocol: TCP
+ name: http
+ - port: 6060
+ targetPort: http-metrics
+ protocol: TCP
+ name: http-metrics
+ selector:
+ app: attest-server
+
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ namespace: attest-server
+ name: attest-server
+spec:
+ selector:
+ matchLabels:
+ app: attest-server
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ app: attest-server
+ spec:
+ containers:
+ - name: attest-server
+ image: paas.harbor.nwpu.edu.cn/attest-server/attest-server:1.4.3-RELEASE
+ imagePullPolicy: Always
+ ports:
+ - containerPort: 8080
+ name: http
+ - containerPort: 6060
+ name: http-metrics
+ envFrom:
+ - configMapRef:
+ name: jvm-env
+ - configMapRef:
+ name: attest-server-env
+ - secretRef:
+ name: attest-server-env-secret
+ resources:
+ requests:
+ memory: "1024Mi"
+ limits:
+ memory: "1024Mi"
+ readinessProbe:
+ httpGet:
+ path: /attest/actuator/health
+ port: 8080
+ initialDelaySeconds: 20
+ periodSeconds: 5
+ timeoutSeconds: 5
+ successThreshold: 1
+ failureThreshold: 10
+ imagePullSecrets:
+ - name: harbor-registry
+