Merge branch '1.4.x' into 1.5.x
diff --git "a/deploy-manifests/charts/1.2.0000.\350\256\244\350\257\201\346\216\210\346\235\203\346\234\215\345\212\241\345\256\211\350\243\205\351\203\250\347\275\262\346\211\213\345\206\214\357\274\210\345\237\272\344\272\216\345\272\224\347\224\250\345\225\206\345\272\227\357\274\211.md" "b/deploy-manifests/charts/0.0.0000.\350\256\244\350\257\201\346\216\210\346\235\203\346\234\215\345\212\241\345\256\211\350\243\205\351\203\250\347\275\262\346\211\213\345\206\214\357\274\210\345\237\272\344\272\216\345\272\224\347\224\250\345\225\206\345\272\227\357\274\211.md"
similarity index 88%
rename from "deploy-manifests/charts/1.2.0000.\350\256\244\350\257\201\346\216\210\346\235\203\346\234\215\345\212\241\345\256\211\350\243\205\351\203\250\347\275\262\346\211\213\345\206\214\357\274\210\345\237\272\344\272\216\345\272\224\347\224\250\345\225\206\345\272\227\357\274\211.md"
rename to "deploy-manifests/charts/0.0.0000.\350\256\244\350\257\201\346\216\210\346\235\203\346\234\215\345\212\241\345\256\211\350\243\205\351\203\250\347\275\262\346\211\213\345\206\214\357\274\210\345\237\272\344\272\216\345\272\224\347\224\250\345\225\206\345\272\227\357\274\211.md"
index a5b121c..1fd966b 100644
--- "a/deploy-manifests/charts/1.2.0000.\350\256\244\350\257\201\346\216\210\346\235\203\346\234\215\345\212\241\345\256\211\350\243\205\351\203\250\347\275\262\346\211\213\345\206\214\357\274\210\345\237\272\344\272\216\345\272\224\347\224\250\345\225\206\345\272\227\357\274\211.md"
+++ "b/deploy-manifests/charts/0.0.0000.\350\256\244\350\257\201\346\216\210\346\235\203\346\234\215\345\212\241\345\256\211\350\243\205\351\203\250\347\275\262\346\211\213\345\206\214\357\274\210\345\237\272\344\272\216\345\272\224\347\224\250\345\225\206\345\272\227\357\274\211.md"
@@ -10,6 +10,7 @@
- | - | - | -
v1 | 刘洪青 | 2021-05-15 | 初稿
v1.4 | 刘洪青 | 2021-09-18 | V1.4 版本的部署更新
+v1.5 | 刘洪青 | 2021-12-28 | V1.5 版本的部署更新
[TOC]
@@ -58,6 +59,12 @@
变更,安全中心后端API,`https://personal-security-center.paas.xxx.edu.cn` 变更为 `https://authx-service.paas.xxx.edu.cn/personal`
变更,Token 认证,`https://token.paas.xxx.edu.cn` 变更为 `https://cas.pass.xxx.edu.cn/token`
+### V1.5
+
+1. 数据初始化,采用 应用商店下的 authx-service-init 进行处理
+
+2. 安全中心后端API,增加消息模板的配置 `EMAIL_TEMPLATE_USER_SECURITY_QUESTION_SEND_CODE`,`SMS_TEMPLATE_USER_SECURITY_QUESTION_SEND_CODE`
+
## 产品依赖
@@ -71,7 +78,7 @@
* platform openapi
-请使用 应用商店 部署
+确保已部署,或 请使用 应用商店 部署
## 安装准备
@@ -564,32 +571,6 @@
CAS SA API内部地址: `http://cas-server-sa.cas-server.svc.cluster.local:8080` ,固定值,若 cas-server 的命名空间有调整,请修改
-
-#### jobs-server
-
-命名空间: jobs-server
-
-* 外部RABBITMQ - 连接配置
-
- 外部RabbitMQ host: `authx-service-rabbitmq.authx-service.svc.cluster.local` ,连接 authx-service 的rabbitmq, 若 authx-service 的命名空间有调整,请修改
- 外部RabbitMQ port: 5672
-
-* RABBITMQ配置 - 安全配置
-
- 用户名: guest
- 密码: guest
-
-* 用户数据 - 数据源配置
-
- JDBC URL: `jdbc:mysql://authx-service-mysql-server.authx-service.svc.cluster.local:3306/user?serverTimezone=Asia/Shanghai` ,连接 authx-service 的mysql,若 authx-service 的命名空间有调整,请修改
- JDBC用户名: user
- JDBC密码: <请填写创建的数据库用户的密码>
-
-* 用户数据 - API设置
-
- GOA API地址: `http://authx-service-user-data-service-goa.authx-service.svc.cluster.local:8080` ,固定值,若 authx-service 的命名空间有调整,请修改
-
-
#### cas-server
命名空间: cas-server
@@ -726,3 +707,81 @@
百度人脸登录Api Key:
百度人脸登录Secret Key:
+
+#### jobs-server
+
+**建议直接使用 yaml 部署**
+
+命名空间: jobs-server
+
+* 外部RABBITMQ - 连接配置
+
+ 外部RabbitMQ host: `authx-service-rabbitmq.authx-service.svc.cluster.local` ,连接 authx-service 的rabbitmq, 若 authx-service 的命名空间有调整,请修改
+ 外部RabbitMQ port: 5672
+
+* RABBITMQ配置 - 安全配置
+
+ 用户名: guest
+ 密码: guest
+
+* 用户数据 - 数据源配置
+
+ JDBC URL: `jdbc:mysql://authx-service-mysql-server.authx-service.svc.cluster.local:3306/user?serverTimezone=Asia/Shanghai` ,连接 authx-service 的mysql,若 authx-service 的命名空间有调整,请修改
+ JDBC用户名: user
+ JDBC密码: <请填写创建的数据库用户的密码>
+
+* 用户数据 - API设置
+
+ GOA API地址: `http://authx-service-user-data-service-goa.authx-service.svc.cluster.local:8080` ,固定值,若 authx-service 的命名空间有调整,请修改
+
+
+#### authx-service-init
+
+**确保 admin-platform、cas-server、authx-service 已经完成部署**
+
+命名空间: authx-service-init
+
+* 域名全局设置
+
+ 根域名: `paas.<school>.edu.cn` ,请修改为实际的学校域名
+
+
+* 外网地址 - 云平台设置
+
+ 云平台外网地址: `https://admin-platform.paas.<school>.edu.cn` , 请设置为 云平台 的外网地址
+
+* 外网地址 - 安全中心设置
+
+ 安全中心外网地址: `https://authx-service.paas.<school>.edu.cn` , 请设置为 安全中心 的外网地址
+ 安全中心域名: `authx-service.paas.<school>.edu.cn` , 请确保与 安全中心 的外网地址 的域名一致
+
+
+* 管理接口 - CAS 认证
+
+ CAS 认证管理接口地址: `http://cas-server-sa.cas-server.svc.cluster.local:8080` , 固定值,若 cas-server 的命名空间有调整,请修改
+
+* 管理接口 - 云平台
+
+ 云平台管理接口地址: `http://admin-platform-admin-center-sa.admin-platform.svc.cluster.local:8080` , 固定值,若 admin-platform 的命名空间有调整,请修改
+
+* 管理接口 - 用户服务
+
+ 用户服务管理接口地址: `http://authx-service-user-data-service-goa.authx-service.svc.cluster.local:8080` , 固定值,若 authx-service 的命名空间有调整,请修改
+
+* 管理接口 - 授权服务
+
+ 授权服务管理接口地址: `http://authx-service-user-authz-service-sa.authx-service.svc.cluster.local:8080` , 固定值,若 authx-service 的命名空间有调整,请修改
+
+
+* 路由服务 - 用户管理
+
+ 用户管理的路由服务地址: `http://authx-service-user-data-service-goa.authx-service.svc.cluster.local:8080` , 固定值,若 authx-service 的命名空间有调整,请修改
+
+* 路由服务 - 授权管理、认证管理
+
+ 授权管理、认证管理的路由服务地址: `http://authx-service-bff.authx-service.svc.cluster.local:8080` , 固定值,若 authx-service 的命名空间有调整,请修改
+
+* 路由服务 - 个人中心
+
+ 个人中心的路由服务地址 `http://authx-service-personal-security-center-bff.authx-service.svc.cluster.local:8080` , 固定值,若 authx-service 的命名空间有调整,请修改
+
diff --git "a/deploy-manifests/charts/1.2.0001.\350\256\244\350\257\201\346\216\210\346\235\203-\350\256\244\350\257\201\345\257\271\346\216\245\346\225\260\346\215\256\345\210\235\345\247\213\345\214\226\357\274\210\345\256\211\345\205\250\344\270\255\345\277\203\357\274\211.md" "b/deploy-manifests/charts/1.2.0001.\050\345\272\237\345\274\203\051\350\256\244\350\257\201\346\216\210\346\235\203-\350\256\244\350\257\201\345\257\271\346\216\245\346\225\260\346\215\256\345\210\235\345\247\213\345\214\226\357\274\210\345\256\211\345\205\250\344\270\255\345\277\203\357\274\211.md"
similarity index 100%
rename from "deploy-manifests/charts/1.2.0001.\350\256\244\350\257\201\346\216\210\346\235\203-\350\256\244\350\257\201\345\257\271\346\216\245\346\225\260\346\215\256\345\210\235\345\247\213\345\214\226\357\274\210\345\256\211\345\205\250\344\270\255\345\277\203\357\274\211.md"
rename to "deploy-manifests/charts/1.2.0001.\050\345\272\237\345\274\203\051\350\256\244\350\257\201\346\216\210\346\235\203-\350\256\244\350\257\201\345\257\271\346\216\245\346\225\260\346\215\256\345\210\235\345\247\213\345\214\226\357\274\210\345\256\211\345\205\250\344\270\255\345\277\203\357\274\211.md"
diff --git "a/deploy-manifests/charts/1.2.0002.\350\256\244\350\257\201\346\216\210\346\235\203-\346\216\210\346\235\203\346\234\215\345\212\241\346\225\260\346\215\256\345\210\235\345\247\213\345\214\226\357\274\210\350\247\222\350\211\262\357\274\211.md" "b/deploy-manifests/charts/1.2.0002.\050\345\272\237\345\274\203\051\350\256\244\350\257\201\346\216\210\346\235\203-\346\216\210\346\235\203\346\234\215\345\212\241\346\225\260\346\215\256\345\210\235\345\247\213\345\214\226\357\274\210\350\247\222\350\211\262\357\274\211.md"
similarity index 100%
rename from "deploy-manifests/charts/1.2.0002.\350\256\244\350\257\201\346\216\210\346\235\203-\346\216\210\346\235\203\346\234\215\345\212\241\346\225\260\346\215\256\345\210\235\345\247\213\345\214\226\357\274\210\350\247\222\350\211\262\357\274\211.md"
rename to "deploy-manifests/charts/1.2.0002.\050\345\272\237\345\274\203\051\350\256\244\350\257\201\346\216\210\346\235\203-\346\216\210\346\235\203\346\234\215\345\212\241\346\225\260\346\215\256\345\210\235\345\247\213\345\214\226\357\274\210\350\247\222\350\211\262\357\274\211.md"
diff --git "a/deploy-manifests/charts/1.2.0003.\350\256\244\350\257\201\346\216\210\346\235\203-\344\272\221\345\271\263\345\217\260\346\225\260\346\215\256\345\210\235\345\247\213\345\214\226\357\274\210API\350\267\257\347\224\261\343\200\201\345\272\224\347\224\250\343\200\201\350\217\234\345\215\225\343\200\201\350\247\222\350\211\262\346\235\203\351\231\220\357\274\211.md" "b/deploy-manifests/charts/1.2.0003.\050\345\272\237\345\274\203\051\350\256\244\350\257\201\346\216\210\346\235\203-\344\272\221\345\271\263\345\217\260\346\225\260\346\215\256\345\210\235\345\247\213\345\214\226\357\274\210API\350\267\257\347\224\261\343\200\201\345\272\224\347\224\250\343\200\201\350\217\234\345\215\225\343\200\201\350\247\222\350\211\262\346\235\203\351\231\220\357\274\211.md"
similarity index 100%
rename from "deploy-manifests/charts/1.2.0003.\350\256\244\350\257\201\346\216\210\346\235\203-\344\272\221\345\271\263\345\217\260\346\225\260\346\215\256\345\210\235\345\247\213\345\214\226\357\274\210API\350\267\257\347\224\261\343\200\201\345\272\224\347\224\250\343\200\201\350\217\234\345\215\225\343\200\201\350\247\222\350\211\262\346\235\203\351\231\220\357\274\211.md"
rename to "deploy-manifests/charts/1.2.0003.\050\345\272\237\345\274\203\051\350\256\244\350\257\201\346\216\210\346\235\203-\344\272\221\345\271\263\345\217\260\346\225\260\346\215\256\345\210\235\345\247\213\345\214\226\357\274\210API\350\267\257\347\224\261\343\200\201\345\272\224\347\224\250\343\200\201\350\217\234\345\215\225\343\200\201\350\247\222\350\211\262\346\235\203\351\231\220\357\274\211.md"
diff --git "a/deploy-manifests/charts/1.3.0002.\350\256\244\350\257\201\346\216\210\346\235\203-\344\272\221\345\271\263\345\217\260\346\225\260\346\215\256\345\210\235\345\247\213\345\214\226\357\274\210\350\217\234\345\215\225\343\200\201\350\247\222\350\211\262\346\235\203\351\231\220\357\274\211.md" "b/deploy-manifests/charts/1.3.0002.\050\345\272\237\345\274\203\051\350\256\244\350\257\201\346\216\210\346\235\203-\344\272\221\345\271\263\345\217\260\346\225\260\346\215\256\345\210\235\345\247\213\345\214\226\357\274\210\350\217\234\345\215\225\343\200\201\350\247\222\350\211\262\346\235\203\351\231\220\357\274\211.md"
similarity index 100%
rename from "deploy-manifests/charts/1.3.0002.\350\256\244\350\257\201\346\216\210\346\235\203-\344\272\221\345\271\263\345\217\260\346\225\260\346\215\256\345\210\235\345\247\213\345\214\226\357\274\210\350\217\234\345\215\225\343\200\201\350\247\222\350\211\262\346\235\203\351\231\220\357\274\211.md"
rename to "deploy-manifests/charts/1.3.0002.\050\345\272\237\345\274\203\051\350\256\244\350\257\201\346\216\210\346\235\203-\344\272\221\345\271\263\345\217\260\346\225\260\346\215\256\345\210\235\345\247\213\345\214\226\357\274\210\350\217\234\345\215\225\343\200\201\350\247\222\350\211\262\346\235\203\351\231\220\357\274\211.md"
diff --git "a/deploy-manifests/charts/1.4.0001.\350\256\244\350\257\201\346\216\210\346\235\203-\344\272\221\345\271\263\345\217\260\346\225\260\346\215\256\345\210\235\345\247\213\345\214\226\357\274\210API\350\267\257\347\224\261\343\200\201\350\217\234\345\215\225\343\200\201\350\247\222\350\211\262\346\235\203\351\231\220\357\274\211.md" "b/deploy-manifests/charts/1.4.0001.\050\345\272\237\345\274\203\051\350\256\244\350\257\201\346\216\210\346\235\203-\344\272\221\345\271\263\345\217\260\346\225\260\346\215\256\345\210\235\345\247\213\345\214\226\357\274\210API\350\267\257\347\224\261\343\200\201\350\217\234\345\215\225\343\200\201\350\247\222\350\211\262\346\235\203\351\231\220\357\274\211.md"
similarity index 100%
rename from "deploy-manifests/charts/1.4.0001.\350\256\244\350\257\201\346\216\210\346\235\203-\344\272\221\345\271\263\345\217\260\346\225\260\346\215\256\345\210\235\345\247\213\345\214\226\357\274\210API\350\267\257\347\224\261\343\200\201\350\217\234\345\215\225\343\200\201\350\247\222\350\211\262\346\235\203\351\231\220\357\274\211.md"
rename to "deploy-manifests/charts/1.4.0001.\050\345\272\237\345\274\203\051\350\256\244\350\257\201\346\216\210\346\235\203-\344\272\221\345\271\263\345\217\260\346\225\260\346\215\256\345\210\235\345\247\213\345\214\226\357\274\210API\350\267\257\347\224\261\343\200\201\350\217\234\345\215\225\343\200\201\350\247\222\350\211\262\346\235\203\351\231\220\357\274\211.md"
diff --git "a/deploy-manifests/k8s-rancher/0.1.1.\350\256\244\350\257\201\346\216\210\346\235\203\346\234\215\345\212\241\345\256\211\350\243\205\351\203\250\347\275\262\346\211\213\345\206\214.md" "b/deploy-manifests/k8s-rancher/0.1.1.\350\256\244\350\257\201\346\216\210\346\235\203\346\234\215\345\212\241\345\256\211\350\243\205\351\203\250\347\275\262\346\211\213\345\206\214.md"
index 91cb8de..eb2019b 100644
--- "a/deploy-manifests/k8s-rancher/0.1.1.\350\256\244\350\257\201\346\216\210\346\235\203\346\234\215\345\212\241\345\256\211\350\243\205\351\203\250\347\275\262\346\211\213\345\206\214.md"
+++ "b/deploy-manifests/k8s-rancher/0.1.1.\350\256\244\350\257\201\346\216\210\346\235\203\346\234\215\345\212\241\345\256\211\350\243\205\351\203\250\347\275\262\346\211\213\345\206\214.md"
@@ -10,10 +10,22 @@
- | - | - | -
v1 | 刘洪青 | 2020-06-10 | 初稿
v1.4 | 刘洪青 | 2021-09-21 | V1.4部署更新
+v1.5 | 刘洪青 | 2021-12-28 | V1.5 版本的部署更新
[TOC]
+## 部署变更说明
+
+**仅列举了一些重要的、对外部存在影响的变更**
+
+
+### V1.5
+
+1. 数据初始化,采用 应用商店下的 authx-service-init 进行处理
+
+2. 安全中心后端API,增加消息模板的配置 `EMAIL_TEMPLATE_USER_SECURITY_QUESTION_SEND_CODE`,`SMS_TEMPLATE_USER_SECURITY_QUESTION_SEND_CODE`
+
## 产品依赖
diff --git "a/deploy-manifests/k8s-rancher/0.2.1.POA\357\274\210\345\271\263\345\217\260OpenAPI\357\274\211\346\234\215\345\212\241\346\263\250\345\206\214.md" "b/deploy-manifests/k8s-rancher/0.2.1.\050\345\272\237\345\274\203\051POA\357\274\210\345\271\263\345\217\260OpenAPI\357\274\211\346\234\215\345\212\241\346\263\250\345\206\214.md"
similarity index 100%
rename from "deploy-manifests/k8s-rancher/0.2.1.POA\357\274\210\345\271\263\345\217\260OpenAPI\357\274\211\346\234\215\345\212\241\346\263\250\345\206\214.md"
rename to "deploy-manifests/k8s-rancher/0.2.1.\050\345\272\237\345\274\203\051POA\357\274\210\345\271\263\345\217\260OpenAPI\357\274\211\346\234\215\345\212\241\346\263\250\345\206\214.md"
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/0.authx-service/4.4.authx-service-bff.yaml b/deploy-manifests/k8s-rancher/1.authx-service/0.authx-service/4.4.authx-service-bff.yaml
index c535c46..090a8fb 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/0.authx-service/4.4.authx-service-bff.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/0.authx-service/4.4.authx-service-bff.yaml
@@ -122,7 +122,7 @@
spec:
containers:
- name: authx-service-bff
- image: harbor.supwisdom.com/authx-service/authx-service-bff:1.4.0-RELEASE
+ image: harbor.supwisdom.com/authx-service/authx-service-bff:1.5.0-RELEASE
imagePullPolicy: Always
ports:
- containerPort: 8080
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/0.authx-service/4.9.authx-management.yaml b/deploy-manifests/k8s-rancher/1.authx-service/0.authx-service/4.9.authx-management.yaml
index 06c3911..151fc5e 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/0.authx-service/4.9.authx-management.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/0.authx-service/4.9.authx-management.yaml
@@ -44,7 +44,7 @@
spec:
containers:
- name: authx-management
- image: harbor.supwisdom.com/authx-service/authx-management:1.4.0-RELEASE
+ image: harbor.supwisdom.com/authx-service/authx-management:1.5.0-RELEASE
imagePullPolicy: Always
ports:
- containerPort: 80
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/1.thirdparty-agent-service/4.2.thirdparty-agent-service.yaml b/deploy-manifests/k8s-rancher/1.authx-service/1.thirdparty-agent-service/4.2.thirdparty-agent-service.yaml
index eef5afa..eccdbef 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/1.thirdparty-agent-service/4.2.thirdparty-agent-service.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/1.thirdparty-agent-service/4.2.thirdparty-agent-service.yaml
@@ -138,7 +138,7 @@
containers:
- name: agent-service
# 若使用了学校搭设的私有仓库,请修改
- image: harbor.supwisdom.com/thirdparty-agent-service/agent-service:1.3.0-RELEASE
+ image: harbor.supwisdom.com/thirdparty-agent-service/agent-service:1.3.1-RELEASE
imagePullPolicy: Always
ports:
- containerPort: 8080
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/10.0.init.sql "b/deploy-manifests/k8s-rancher/1.authx-service/10.0.\050\345\272\237\345\274\203\051init.sql"
similarity index 99%
rename from deploy-manifests/k8s-rancher/1.authx-service/10.0.init.sql
rename to "deploy-manifests/k8s-rancher/1.authx-service/10.0.\050\345\272\237\345\274\203\051init.sql"
index 371d490..f5bf206 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/10.0.init.sql
+++ "b/deploy-manifests/k8s-rancher/1.authx-service/10.0.\050\345\272\237\345\274\203\051init.sql"
@@ -1,4 +1,8 @@
--- 10.0.init.sql
+-- 10.0.(废弃)init.sql
+
+/*
+废弃,已由 99.inin-installer 统一处理
+*/
/*
将 paas.example.com 替换为 paas.学校域名.edu.cn
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/4.0.user-data-service-installer.yaml b/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/4.0.user-data-service-installer.yaml
index 745c460..8c1bb80 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/4.0.user-data-service-installer.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/4.0.user-data-service-installer.yaml
@@ -28,7 +28,7 @@
containers:
- name: user-data-service-installer
# 若使用了学校搭设的私有仓库,请修改
- image: harbor.supwisdom.com/goa/installer:1.4.0-RELEASE
+ image: harbor.supwisdom.com/goa/installer:1.5.0-RELEASE
imagePullPolicy: Always
envFrom:
- configMapRef:
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/4.1.user-data-service-poa.yaml b/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/4.1.user-data-service-poa.yaml
index 63d972c..e65c200 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/4.1.user-data-service-poa.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/4.1.user-data-service-poa.yaml
@@ -99,7 +99,7 @@
containers:
- name: user-data-service-poa
# 若使用了学校搭设的私有仓库,请修改
- image: harbor.supwisdom.com/goa/poa-api:1.4.0-RELEASE
+ image: harbor.supwisdom.com/goa/poa-api:1.5.0-RELEASE
imagePullPolicy: Always
ports:
- containerPort: 8080
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/4.2.user-data-service-goa.yaml b/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/4.2.user-data-service-goa.yaml
index 68cfc18..d568d6b 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/4.2.user-data-service-goa.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/4.2.user-data-service-goa.yaml
@@ -129,7 +129,7 @@
containers:
- name: user-data-service-goa
# 若使用了学校搭设的私有仓库,请修改
- image: harbor.supwisdom.com/goa/goa-api:1.4.0-RELEASE
+ image: harbor.supwisdom.com/goa/goa-api:1.5.0-RELEASE
imagePullPolicy: Always
ports:
- containerPort: 8080
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/4.3.user-data-service-biz.yaml b/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/4.3.user-data-service-biz.yaml
index 74d6c2a..7605c23 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/4.3.user-data-service-biz.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/4.3.user-data-service-biz.yaml
@@ -103,7 +103,7 @@
containers:
- name: user-data-service-biz
# 若使用了学校搭设的私有仓库,请修改
- image: harbor.supwisdom.com/goa/biz-api:1.4.0-RELEASE
+ image: harbor.supwisdom.com/goa/biz-api:1.5.0-RELEASE
imagePullPolicy: Always
ports:
- containerPort: 8080
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/5.user-data-service-datax-job.yaml b/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/5.user-data-service-datax-job.yaml
index 1bba19f..9a5d371 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/5.user-data-service-datax-job.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/5.user-data-service-datax-job.yaml
@@ -41,7 +41,7 @@
containers:
- name: user-data-service-datax-job
# 若使用了学校搭设的私有仓库,请修改
- image: harbor.supwisdom.com/goa/datax-job:1.4.0-RELEASE
+ image: harbor.supwisdom.com/goa/datax-job:1.5.0-RELEASE
imagePullPolicy: Always
envFrom:
- configMapRef:
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/9.api-docs-installer.yaml b/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/9.api-docs-installer.yaml
index bfc4af5..12bc416 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/9.api-docs-installer.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/9.api-docs-installer.yaml
@@ -38,7 +38,7 @@
containers:
- name: api-docs-installer
# 若使用了学校搭设的私有仓库,请修改
- image: harbor.supwisdom.com/goa/api-docs-installer:1.4.0-RELEASE
+ image: harbor.supwisdom.com/goa/api-docs-installer:1.5.0-RELEASE
imagePullPolicy: Always
envFrom:
- configMapRef:
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/3.user-authorization-service/4.0.user-authorization-installer.yaml b/deploy-manifests/k8s-rancher/1.authx-service/3.user-authorization-service/4.0.user-authorization-installer.yaml
index 4afd7d8..52fc2ff 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/3.user-authorization-service/4.0.user-authorization-installer.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/3.user-authorization-service/4.0.user-authorization-installer.yaml
@@ -28,7 +28,7 @@
containers:
- name: user-authorization-installer
# 若使用了学校搭设的私有仓库,请修改
- image: harbor.supwisdom.com/user-authorization-service/user-authorization-installer:1.4.0-RELEASE
+ image: harbor.supwisdom.com/user-authorization-service/user-authorization-installer:1.5.0-RELEASE
imagePullPolicy: Always
envFrom:
- configMapRef:
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/3.user-authorization-service/4.1.user-authorization-poa.yaml b/deploy-manifests/k8s-rancher/1.authx-service/3.user-authorization-service/4.1.user-authorization-poa.yaml
index 740ee97..8cb03ad 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/3.user-authorization-service/4.1.user-authorization-poa.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/3.user-authorization-service/4.1.user-authorization-poa.yaml
@@ -86,7 +86,7 @@
containers:
- name: user-authorization-poa
# 若使用了学校搭设的私有仓库,请修改
- image: harbor.supwisdom.com/user-authorization-service/user-authorization-poa:1.4.0-RELEASE
+ image: harbor.supwisdom.com/user-authorization-service/user-authorization-poa:1.5.0-RELEASE
imagePullPolicy: Always
ports:
- containerPort: 8080
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/3.user-authorization-service/4.2.user-authorization-sa.yaml b/deploy-manifests/k8s-rancher/1.authx-service/3.user-authorization-service/4.2.user-authorization-sa.yaml
index bb55321..5f36800 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/3.user-authorization-service/4.2.user-authorization-sa.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/3.user-authorization-service/4.2.user-authorization-sa.yaml
@@ -88,7 +88,7 @@
containers:
- name: user-authorization-sa
# 若使用了学校搭设的私有仓库,请修改
- image: harbor.supwisdom.com/user-authorization-service/user-authorization-sa:1.4.0-RELEASE
+ image: harbor.supwisdom.com/user-authorization-service/user-authorization-sa:1.5.0-RELEASE
imagePullPolicy: Always
ports:
- containerPort: 8080
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/3.user-authorization-service/5.user-authorization-datax-job.yaml b/deploy-manifests/k8s-rancher/1.authx-service/3.user-authorization-service/5.user-authorization-datax-job.yaml
index e4789b1..67d05e1 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/3.user-authorization-service/5.user-authorization-datax-job.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/3.user-authorization-service/5.user-authorization-datax-job.yaml
@@ -41,7 +41,7 @@
containers:
- name: user-authorization-datax-job
# 若使用了学校搭设的私有仓库,请修改
- image: harbor.supwisdom.com/user-authorization-service/user-authorization-datax-job:1.4.0-RELEASE
+ image: harbor.supwisdom.com/user-authorization-service/user-authorization-datax-job:1.5.0-RELEASE
imagePullPolicy: Always
envFrom:
- configMapRef:
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/3.user-authorization-service/9.api-docs-installer.yaml b/deploy-manifests/k8s-rancher/1.authx-service/3.user-authorization-service/9.api-docs-installer.yaml
index 90d8627..c839deb 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/3.user-authorization-service/9.api-docs-installer.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/3.user-authorization-service/9.api-docs-installer.yaml
@@ -38,7 +38,7 @@
containers:
- name: api-docs-installer
# 若使用了学校搭设的私有仓库,请修改
- image: harbor.supwisdom.com/user-authorization-service/api-docs-installer:1.4.0-RELEASE
+ image: harbor.supwisdom.com/user-authorization-service/api-docs-installer:1.5.0-RELEASE
imagePullPolicy: Always
envFrom:
- configMapRef:
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.0.cas-server-installer.yaml b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.0.cas-server-installer.yaml
index 8fe13ae..dcd8535 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.0.cas-server-installer.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.0.cas-server-installer.yaml
@@ -28,7 +28,7 @@
containers:
- name: cas-server-installer
# 若使用了学校搭设的私有仓库,请修改
- image: harbor.supwisdom.com/cas-server/cas-server-installer:1.4.0-RELEASE
+ image: harbor.supwisdom.com/cas-server/cas-server-installer:1.5.0-RELEASE
imagePullPolicy: Always
envFrom:
- configMapRef:
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.2.cas-server-sa-api.yaml b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.2.cas-server-sa-api.yaml
index 4ba150a..400bdfe 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.2.cas-server-sa-api.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.2.cas-server-sa-api.yaml
@@ -102,7 +102,7 @@
containers:
- name: cas-server-sa-api
# 若使用了学校搭设的私有仓库,请修改
- image: harbor.supwisdom.com/cas-server/cas-server-sa-api:1.4.0-RELEASE
+ image: harbor.supwisdom.com/cas-server/cas-server-sa-api:1.5.0-RELEASE
imagePullPolicy: Always
ports:
- containerPort: 8080
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.3.cas-server-security-engine.yaml b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.3.cas-server-security-engine.yaml
index 38a0a80..d836c75 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.3.cas-server-security-engine.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.3.cas-server-security-engine.yaml
@@ -65,7 +65,7 @@
containers:
- name: cas-server-security-engine
# 若使用了学校搭设的私有仓库,请修改
- image: harbor.supwisdom.com/cas-server/cas-server-security-engine:1.4.0-RELEASE
+ image: harbor.supwisdom.com/cas-server/cas-server-security-engine:1.5.0-RELEASE
imagePullPolicy: Always
ports:
- containerPort: 6060
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.5.cas-server-site-webapp.yaml b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.5.cas-server-site-webapp.yaml
index 6826c26..35f41cd 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.5.cas-server-site-webapp.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.5.cas-server-site-webapp.yaml
@@ -2,6 +2,21 @@
---
apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ namespace: cas-server
+ name: cas-server-site-webapp-saml-pvc
+spec:
+ accessModes:
+ - ReadWriteMany
+ # 根据情况修改
+ storageClassName: nfs-client
+ resources:
+ requests:
+ storage: 1Gi
+
+---
+apiVersion: v1
kind: ConfigMap
metadata:
namespace: cas-server
@@ -56,6 +71,29 @@
CAS_AUTHN_ACCEPT_USERS: ""
+ ##
+ # SAML IdP
+ #
+ CAS_AUTHN_SAML_IDP_ENTITY_ID: https://cas.paas.xxx.edu.cn/cas/idp
+ CAS_AUTHN_SAML_IDP_SCOPE: cas.paas.xxx.edu.cn
+
+ ##
+ # SAML Metadata
+ #
+ CAS_AUTHN_SAML_IDP_METADATA_LOCATION: file:/etc/cas/saml
+
+
+ ##
+ # OAuth2
+ #
+ CAS_AUTHN_OAUTH_REFRESH_TOKEN_TIME_TO_KILL_IN_SECONDS: "2592000"
+
+ CAS_AUTHN_OAUTH_CODE_TIME_TO_KILL_IN_SECONDS: "30"
+
+ CAS_AUTHN_OAUTH_ACCESS_TOKEN_MAX_TIME_TO_LIVE_IN_SECONDS: "28800"
+ CAS_AUTHN_OAUTH_ACCESS_TOKEN_TIME_TO_KILL_IN_SECONDS: "7200"
+
+
## 配置第三方认证的相关参数
CASSERVER_FEDERATION_QQ_ENABLED: "true"
CASSERVER_FEDERATION_QQ_NAME: QQ
@@ -252,7 +290,7 @@
containers:
- name: cas-server-site-webapp
# 若使用了学校搭设的私有仓库,请修改
- image: harbor.supwisdom.com/cas-server/cas-server-site-webapp:1.4.0-RELEASE
+ image: harbor.supwisdom.com/cas-server/cas-server-site-webapp:1.5.0-RELEASE
imagePullPolicy: Always
ports:
- containerPort: 8080
@@ -281,6 +319,15 @@
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 10
+ volumeMounts:
+ - mountPath: /etc/cas/saml
+ name: saml-metadata
+ volumes:
+ # - name: saml-metadata
+ # emptyDir: {}
+ - name: saml-metadata
+ persistentVolumeClaim:
+ claimName: cas-server-site-webapp-saml-pvc
imagePullSecrets:
- name: harbor-registry
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.6.cas-server-site-scheme.yaml b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.6.cas-server-site-scheme.yaml
index 4ca985f..63849c1 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.6.cas-server-site-scheme.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.6.cas-server-site-scheme.yaml
@@ -95,7 +95,7 @@
memory: "256Mi"
- name: cas-server-site-scheme-generator
# 根据情况修改镜像地址
- image: harbor.supwisdom.com/cas-server/cas-server-site-scheme:1.4.0-RELEASE
+ image: harbor.supwisdom.com/cas-server/cas-server-site-scheme:1.5.0-RELEASE
imagePullPolicy: Always
envFrom:
- configMapRef:
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/5.cas-server-datax-job.yaml b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/5.cas-server-datax-job.yaml
index b390d9b..c7056e7 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/5.cas-server-datax-job.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/5.cas-server-datax-job.yaml
@@ -42,7 +42,7 @@
containers:
- name: cas-server-datax-job
# 若使用了学校搭设的私有仓库,请修改
- image: harbor.supwisdom.com/cas-server/cas-server-datax-job:1.4.0-RELEASE
+ image: harbor.supwisdom.com/cas-server/cas-server-datax-job:1.5.0-RELEASE
imagePullPolicy: Always
envFrom:
- configMapRef:
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/5.token-server/4.0.token-server-installer.yaml b/deploy-manifests/k8s-rancher/1.authx-service/5.token-server/4.0.token-server-installer.yaml
index ad0118a..bc0c910 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/5.token-server/4.0.token-server-installer.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/5.token-server/4.0.token-server-installer.yaml
@@ -28,7 +28,7 @@
containers:
- name: token-server-installer
# 若使用了学校搭设的私有仓库,请修改
- image: harbor.supwisdom.com/token-server/token-server-installer:1.4.0-RELEASE
+ image: harbor.supwisdom.com/token-server/token-server-installer:1.5.0-RELEASE
imagePullPolicy: Always
envFrom:
- configMapRef:
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/5.token-server/4.1.token-server.yaml b/deploy-manifests/k8s-rancher/1.authx-service/5.token-server/4.1.token-server.yaml
index 89706ed..ce7615c 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/5.token-server/4.1.token-server.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/5.token-server/4.1.token-server.yaml
@@ -225,7 +225,7 @@
containers:
- name: token-server
# 若使用了学校搭设的私有仓库,请 **修改**
- image: harbor.supwisdom.com/token-server/token-server:1.4.0-RELEASE
+ image: harbor.supwisdom.com/token-server/token-server:1.5.0-RELEASE
imagePullPolicy: Always
ports:
- containerPort: 8080
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/5.token-server/9.api-docs-installer.yaml b/deploy-manifests/k8s-rancher/1.authx-service/5.token-server/9.api-docs-installer.yaml
index 9afeb2a..5939f1b 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/5.token-server/9.api-docs-installer.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/5.token-server/9.api-docs-installer.yaml
@@ -38,7 +38,7 @@
containers:
- name: api-docs-installer
# 若使用了学校搭设的私有仓库,请修改
- image: harbor.supwisdom.com/token-server/api-docs-installer:1.4.0-RELEASE
+ image: harbor.supwisdom.com/token-server/api-docs-installer:1.5.0-RELEASE
imagePullPolicy: Always
envFrom:
- configMapRef:
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/4.4.personal-security-center-bff.yaml b/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/4.4.personal-security-center-bff.yaml
index 9f93bb9..1a6f007 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/4.4.personal-security-center-bff.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/4.4.personal-security-center-bff.yaml
@@ -16,6 +16,8 @@
EMAIL_TEMPLATE_USER_SECURITY_EMAIL_ADDRESS_SEND_CODE_BY_EMAIL_ADDRESS: '{name}:您正在修改安全邮箱,须验证邮箱有效,验证码{code},有效期5分钟,请尽快完成验证。'
EMAIL_TEMPLATE_USER_SECURITY_MOBILE_SEND_CODE: '{name}:您正在修改安全手机,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
+ EMAIL_TEMPLATE_USER_SECURITY_QUESTION_SEND_CODE: '{name}:您正在设置安全问题,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
+
EMAIL_TEMPLATE_USER_FEDERATION_QQ_SEND_CODE: '{name}:您正在绑定QQ,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
EMAIL_TEMPLATE_USER_FEDERATION_QQ_SEND_CODE_UNBIND_QQ: '{name}:您正在解绑QQ,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
EMAIL_TEMPLATE_USER_FEDERATION_OPENWEIXIN_SEND_CODE: '{name}:您正在绑定微信,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
@@ -39,6 +41,8 @@
SMS_TEMPLATE_USER_SECURITY_MOBILE_SEND_CODE: '{prefix}您正在修改安全手机,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
SMS_TEMPLATE_USER_SECURITY_MOBILE_SEND_CODE_BY_MOBILE: '{prefix}您正在修改安全手机,须验证手机有效,验证码{code},有效期5分钟,请尽快完成验证。'
+ SMS_TEMPLATE_USER_SECURITY_QUESTION_SEND_CODE: '{name}:您正在设置安全问题,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
+
SMS_TEMPLATE_USER_FEDERATION_QQ_SEND_CODE: '{prefix}您正在绑定QQ,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
SMS_TEMPLATE_USER_FEDERATION_QQ_SEND_CODE_UNBIND_QQ: '{prefix}您正在解绑QQ,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
SMS_TEMPLATE_USER_FEDERATION_OPENWEIXIN_SEND_CODE: '{prefix}您正在绑定微信,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
@@ -227,7 +231,7 @@
containers:
- name: personal-security-center-bff
# 若使用了学校搭设的私有仓库,请修改
- image: harbor.supwisdom.com/personal-security-center/personal-security-bff:1.4.0-RELEASE
+ image: harbor.supwisdom.com/personal-security-center/personal-security-bff:1.5.0-RELEASE
imagePullPolicy: Always
ports:
- containerPort: 8080
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/4.5.personal-security-center-zuul.yaml b/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/4.5.personal-security-center-zuul.yaml
index 32c52ba..f1fd455 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/4.5.personal-security-center-zuul.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/4.5.personal-security-center-zuul.yaml
@@ -154,7 +154,7 @@
containers:
- name: personal-security-center-zuul
# 若使用了学校搭设的私有仓库,请修改
- image: harbor.supwisdom.com/personal-security-center/personal-security-zuul:1.4.0-RELEASE
+ image: harbor.supwisdom.com/personal-security-center/personal-security-zuul:1.5.0-RELEASE
imagePullPolicy: Always
ports:
- containerPort: 8080
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/4.9.security-center-ui.yaml b/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/4.9.security-center-ui.yaml
index 671389a..a20b877 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/4.9.security-center-ui.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/4.9.security-center-ui.yaml
@@ -64,7 +64,7 @@
containers:
- name: security-center-ui
# 若使用了学校搭设的私有仓库,请修改
- image: harbor.supwisdom.com/personal-security-center/security-center-ui:1.4.0-RELEASE
+ image: harbor.supwisdom.com/personal-security-center/security-center-ui:1.5.0-RELEASE
imagePullPolicy: Always
ports:
- containerPort: 80
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/7.attest-server/4.1.attest-server.yaml b/deploy-manifests/k8s-rancher/1.authx-service/7.attest-server/4.1.attest-server.yaml
index fb8aa8b..fe104d3 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/7.attest-server/4.1.attest-server.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/7.attest-server/4.1.attest-server.yaml
@@ -139,7 +139,7 @@
spec:
containers:
- name: attest-server
- image: harbor.supwisdom.com/attest-server/attest-server:1.4.0-RELEASE
+ image: harbor.supwisdom.com/attest-server/attest-server:1.5.0-RELEASE
imagePullPolicy: Always
ports:
- containerPort: 8080
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/8.authx-log/4.0.authx-log-installer.yaml b/deploy-manifests/k8s-rancher/1.authx-service/8.authx-log/4.0.authx-log-installer.yaml
index bfc032f..2f6b228 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/8.authx-log/4.0.authx-log-installer.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/8.authx-log/4.0.authx-log-installer.yaml
@@ -27,7 +27,7 @@
restartPolicy: Never
containers:
- name: authx-log-installer
- image: harbor.supwisdom.com/authx-log/authx-log-installer:1.4.0-RELEASE
+ image: harbor.supwisdom.com/authx-log/authx-log-installer:1.5.0-RELEASE
imagePullPolicy: Always
envFrom:
- configMapRef:
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/8.authx-log/4.2.authx-log-sa.yaml b/deploy-manifests/k8s-rancher/1.authx-service/8.authx-log/4.2.authx-log-sa.yaml
index 36bd04c..09ef7ed 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/8.authx-log/4.2.authx-log-sa.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/8.authx-log/4.2.authx-log-sa.yaml
@@ -84,7 +84,7 @@
spec:
containers:
- name: authx-log-sa
- image: harbor.supwisdom.com/authx-log/authx-log-sa:1.4.0-RELEASE
+ image: harbor.supwisdom.com/authx-log/authx-log-sa:1.5.0-RELEASE
imagePullPolicy: Always
ports:
- containerPort: 8080
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/99.init-installer/4.99.init-installer.yaml b/deploy-manifests/k8s-rancher/1.authx-service/99.init-installer/4.99.init-installer.yaml
new file mode 100644
index 0000000..b8b3950
--- /dev/null
+++ b/deploy-manifests/k8s-rancher/1.authx-service/99.init-installer/4.99.init-installer.yaml
@@ -0,0 +1,68 @@
+# 4.99.init-installer.yaml
+
+## 安装完 authx-service 和 admin-platform 后,再执行
+
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ namespace: authx-service
+ name: init-installer-env
+data:
+
+ ##
+ # 安全中心访问地址,域名
+ # **修改** 学校的根域名
+ PERSONAL_SECURITY_CENTER_DOMAIN: "authx-service.paas.<school>.edu.cn"
+ PERSONAL_SECURITY_CENTER_EXTERNAL_URL: "https://authx-service.paas.<school>.edu.cn"
+
+ ##
+ # 云平台访问地址
+ # **修改** 学校的根域名
+ ADMIN_PLATFORM_EXTERNAL_URL: "https://admin-platform.paas.<school>.edu.cn"
+
+ # 服务的sa接口地址
+ # **修改** k8s内部地址
+ CAS_SA_SERVER_URL: "http://cas-server-sa-api-svc.cas-server.svc.cluster.local:8080"
+ USER_DATA_SA_SERVER_URL: "http://user-data-service-goa-svc.user-data-service.svc.cluster.local:8080"
+ USER_AUTHZ_SA_SERVER_URL: "http://user-authorization-sa-svc.user-authorization-service.svc.cluster.local:8080"
+ ADMIN_CENTER_SA_SERVER_URL: "http://admin-center-sa-svc.admin-center.svc.cluster.local:8080"
+
+ # 路由接口地址
+ # **修改** k8s内部地址
+ USER_DATA_SERVICE_GOA_INTERNAL_URL: "http://user-data-service-goa-svc.user-data-service.svc.cluster.local:8080"
+ PERSONAL_SECURITY_CENTER_BFF_INTERNAL_URL: "http://personal-security-center-bff-svc.personal-security-center.svc.cluster.local:8080"
+ AUTHX_SERVICE_BFF_INTERNAL_URL: "http://authx-service-bff-svc.authx-service.svc.cluster.local:8080"
+
+
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+ namespace: authx-service
+ name: init-installer
+spec:
+ completions: 1
+ parallelism: 1
+ template:
+ metadata:
+ labels:
+ app: init-installer
+ spec:
+ restartPolicy: Never
+ containers:
+ - name: init-installer
+ # 若使用了学校搭设的私有仓库,请修改
+ image: harbor.supwisdom.com/authx-service/authx-init-installer:1.5.0-RELEASE
+ imagePullPolicy: Always
+ envFrom:
+ - configMapRef:
+ name: init-installer-env
+ # resources:
+ # requests:
+ # memory: "256Mi"
+ # limits:
+ # memory: "256Mi"
+ imagePullSecrets:
+ - name: harbor-registry
+