From f6267e81d5645b32ec76dce078be4cf5d8e49e62 Mon Sep 17 00:00:00 2001
From: Rainer Schamm <rainer@pimetix.com>
Date: Thu, 18 Apr 2024 13:18:54 +0200
Subject: [PATCH] some small fixes

---
 charts/confluent/Chart.yaml                        |  4 ++--
 charts/confluent/README.md                         |  3 ++-
 .../confluent/templates/000.mds-token-secret.yaml  |  4 ++--
 .../templates/000.schemaregistry-login-secret.yaml |  4 ++--
 charts/confluent/templates/NOTES.txt               |  4 ++--
 charts/confluent/templates/openldap-secrets.yaml   |  8 ++++----
 .../confluent/templates/openldap-statefulset.yaml  |  4 ++--
 charts/confluent/values.yaml                       |  4 +---
 values.yaml                                        | 14 ++++++++++++--
 9 files changed, 29 insertions(+), 20 deletions(-)

diff --git a/charts/confluent/Chart.yaml b/charts/confluent/Chart.yaml
index 81d11b5..11ad6c5 100644
--- a/charts/confluent/Chart.yaml
+++ b/charts/confluent/Chart.yaml
@@ -1,7 +1,7 @@
 apiVersion: v2
 name: lsdmesp-confluent
-version: "0.3.4"
-appVersion: "0.3.4"
+version: "0.3.5"
+appVersion: "0.3.5"
 description: 'LSDMESP CFK: LSD Event Streaming Platform with Confluent Operator'
 keywords:
   - lsdmesp
diff --git a/charts/confluent/README.md b/charts/confluent/README.md
index 6b787b4..58f928c 100644
--- a/charts/confluent/README.md
+++ b/charts/confluent/README.md
@@ -15,6 +15,7 @@ helm dependency update .
 Create the namespaces
 ```
 kubectl create ns lsdmesp-confluent
+kubectl config set-context --current --namespace lsdmesp-confluent
 ```
 
 Set PROJECT_HOME env var to project directory
@@ -54,4 +55,4 @@ kubectl patch controlcenter controlcenter -p '{"metadata":{"finalizers":[]}}' --
 kubectl -n lsdmesp-confluent delete secret ca-pair-sslcerts
 for crd in $(kubectl get crd --no-headers -ojsonpath='{.items[*].metadata.name}' | grep confluent); do kubectl delete crd $crd; done
 kubectl delete ns lsdmesp-confluent
-```
\ No newline at end of file
+```
diff --git a/charts/confluent/templates/000.mds-token-secret.yaml b/charts/confluent/templates/000.mds-token-secret.yaml
index 35d93a7..d3281d0 100644
--- a/charts/confluent/templates/000.mds-token-secret.yaml
+++ b/charts/confluent/templates/000.mds-token-secret.yaml
@@ -1,7 +1,7 @@
 apiVersion: v1
 data:
-  mdsPublicKey.pem: {{ .Values.lsdmesp.tls.mds.key | b64enc }}
-  mdsTokenKeyPair.pem: {{ .Values.lsdmesp.tls.mds.publicKey | b64enc }}
+  mdsPublicKey.pem: {{ .Values.lsdmesp.tls.mds.publicKey | b64enc }}
+  mdsTokenKeyPair.pem: {{ .Values.lsdmesp.tls.mds.key | b64enc }}
 kind: Secret
 metadata:
   name: mds-token
diff --git a/charts/confluent/templates/000.schemaregistry-login-secret.yaml b/charts/confluent/templates/000.schemaregistry-login-secret.yaml
index 8e708de..789ef64 100644
--- a/charts/confluent/templates/000.schemaregistry-login-secret.yaml
+++ b/charts/confluent/templates/000.schemaregistry-login-secret.yaml
@@ -1,5 +1,5 @@
-{{- $schemaregistryy := .Values.lsdmesp.confluent.schemaregistryy -}}
-{{- if $schemaregistryy.enabled -}}
+{{- $schemaregistry := .Values.lsdmesp.confluent.schemaregistry -}}
+{{- if $schemaregistry.enabled -}}
 apiVersion: v1
 stringData:
   basic.txt: |-
diff --git a/charts/confluent/templates/NOTES.txt b/charts/confluent/templates/NOTES.txt
index bd4faae..5cfcb3b 100644
--- a/charts/confluent/templates/NOTES.txt
+++ b/charts/confluent/templates/NOTES.txt
@@ -10,7 +10,7 @@ Kafka password: {{ .Values.lsdmesp.confluent.kafka.password }}
 OpenLdap Helm charts based on the osixia/openldap
 
 {{- if .Values.lsdmesp.ldap.tls.enabled }}
-TLS Address: ldaps://{{ .Release.name }}.{{ .Release.Namespace }}.svc.cluster.local:636
+TLS Address: ldaps://ldap.{{ .Release.Namespace }}.svc.cluster.local:636
 {{- end }}
-Address: ldap://{{ .Release.name}}.{{ .Release.Namespace }}.svc.cluster.local:389
+Address: ldap://ldap.{{ .Release.Namespace }}.svc.cluster.local:389
 {{- end }}
diff --git a/charts/confluent/templates/openldap-secrets.yaml b/charts/confluent/templates/openldap-secrets.yaml
index 15bbe72..33b71f4 100644
--- a/charts/confluent/templates/openldap-secrets.yaml
+++ b/charts/confluent/templates/openldap-secrets.yaml
@@ -2,7 +2,7 @@
 apiVersion: v1
 kind: Secret
 metadata:
-  name: {{ .Release.name }}-ldifs
+  name: {{ .Release.Name }}-ldifs
   namespace: {{ .Release.Namespace }}
 stringData:
   00_cf_connect.ldif: |-
@@ -28,11 +28,11 @@ stringData:
     cn: {{ .Values.lsdmesp.confluent.kafka.username }}
   03_cf_restproxy.ldif: |-
     dn: cn=cf_restproxy,{{ `{{ LDAP_BASE_DN }}` }}
-    userPassword: {{ .Values.lsdmesp.confluent.restproxy.password }}
+    userPassword: {{ .Values.lsdmesp.confluent.kafkarestproxy.password }}
     description: Confluent REST Proxy user
     objectClass: simpleSecurityObject
     objectClass: organizationalRole
-    cn: {{ .Values.lsdmesp.confluent.restproxy.username }}
+    cn: {{ .Values.lsdmesp.confluent.kafkarestproxy.username }}
   04_cf_ksqldb.ldif: |-
     dn: cn=cf_ksqldb,{{ `{{ LDAP_BASE_DN }}` }}
     userPassword: {{ .Values.lsdmesp.confluent.ksqldb.password }}
@@ -64,4 +64,4 @@ metadata:
   namespace: {{ .Release.Namespace }}
 type: kubernetes.io/tls
 {{- end }}
-{{- end }}
\ No newline at end of file
+{{- end }}
diff --git a/charts/confluent/templates/openldap-statefulset.yaml b/charts/confluent/templates/openldap-statefulset.yaml
index 19035b5..24290c7 100644
--- a/charts/confluent/templates/openldap-statefulset.yaml
+++ b/charts/confluent/templates/openldap-statefulset.yaml
@@ -61,12 +61,12 @@ spec:
       - name: sslcerts-volume
         secret:
           defaultMode: 420
-          secretName: {{ .Release.name }}-sslcerts
+          secretName: {{ .Release.Name }}-sslcerts
       {{- end }}
       - name: customldif
         secret:
           defaultMode: 420
-          secretName: {{ .Release.name }}-ldifs
+          secretName: {{ .Release.Name }}-ldifs
   volumeClaimTemplates:
   - metadata:
       name: ldap-data
diff --git a/charts/confluent/values.yaml b/charts/confluent/values.yaml
index 3f5291d..2f02d3e 100644
--- a/charts/confluent/values.yaml
+++ b/charts/confluent/values.yaml
@@ -19,7 +19,7 @@ lsdmesp:
     # if `true`, then will be provisioned
     enabled: true
     readOnlyUser:
-      username: mds
+      username: cn=mds,dc=test,dc=com
       password: ""
     image: osixia/openldap:1.5.0
     tls:
@@ -28,8 +28,6 @@ lsdmesp:
       privkey: |-
       cacerts: |-
 
-    env: {}
-
     # Add additional ldifs to the core confluent ones
     extra_ldifs: {}
 #      06_cf_groupou.ldif: |-
diff --git a/values.yaml b/values.yaml
index 605d396..a8837f2 100644
--- a/values.yaml
+++ b/values.yaml
@@ -1,7 +1,16 @@
 lsdmesp:
   ldap:
     readOnlyUser:
-      password: kLg3{(bKjFW2
+      password: Developer!
+    env:
+      LDAP_ORGANISATION: "Test Inc."
+      LDAP_DOMAIN: "test.com"
+      LDAP_ADMIN_PASSWORD: "confluentrox"
+      LDAP_CONFIG_PASSWORD: "confluentconfigrox"
+      LDAP_READONLY_USER: "true"
+      LDAP_READONLY_USER_USERNAME: "mds"
+      LDAP_READONLY_USER_PASSWORD: "Developer!"
+      LDAP_BASE_DN: "dc=test,dc=com"
   confluent:
     connect:
       password: bk(2KW{LgFj3
@@ -10,7 +19,8 @@ lsdmesp:
     kafka:
       password: (2FbgWk3Kj{L
     kafkarestclass:
-      password: (2gL3KbkWj{F
+      # this needs to be the same as for the kafka user
+      password: (2FbgWk3Kj{L
     kafkarestproxy:
       password: WkF{L(bj2K3g
     ksqldb: