|
|
6ec0414fcd
|
jobs: prefer arm64 workers
|
2026-01-17 01:47:53 -03:00 |
|
|
|
33e35193fb
|
sso: harden keycloak jobs and rerun
|
2026-01-17 01:41:39 -03:00 |
|
|
|
1b4f46bb41
|
sso: rerun realm settings and vault oidc job
|
2026-01-17 01:36:48 -03:00 |
|
|
|
622c7acaa4
|
jobs: rerun keycloak realm + mas db ensure
|
2026-01-17 01:11:45 -03:00 |
|
|
|
a9351bc737
|
jobs: drop apk installs and prefer arm64
|
2026-01-17 01:02:58 -03:00 |
|
|
|
f4c6827c8c
|
keycloak: bump realm settings job
|
2026-01-17 01:00:12 -03:00 |
|
|
|
3e3061fe5b
|
finance: add actual budget and firefly
|
2026-01-16 23:52:56 -03:00 |
|
|
|
1fb7b27de4
|
keycloak: rerun realm and user overrides
|
2026-01-16 17:47:34 -03:00 |
|
|
|
1eb7d58259
|
keycloak: enforce bstein group membership
|
2026-01-16 17:36:07 -03:00 |
|
|
|
671d4d5dce
|
maintenance: cleanup k3s traefik and wger attrs
|
2026-01-16 09:27:22 -03:00 |
|
|
|
9474ab97f2
|
maintenance: disable k3s traefik; keycloak portal admin roles
|
2026-01-16 07:53:04 -03:00 |
|
|
|
5cd196e043
|
vault/keycloak: restore kv access and wger sync rbac
|
2026-01-16 03:46:07 -03:00 |
|
|
|
5816d4f399
|
comms: fix mas vault file paths
|
2026-01-15 23:56:32 -03:00 |
|
|
|
a2b2c7db9d
|
keycloak: align smtp probe user
|
2026-01-15 04:44:35 -03:00 |
|
|
|
8db4b4f0b5
|
keycloak: rerun execute-actions email e2e
|
2026-01-15 04:37:12 -03:00 |
|
|
|
c0d0e64bc6
|
keycloak: rerun realm smtp config
|
2026-01-15 04:24:16 -03:00 |
|
|
|
de6665c450
|
smtp: use mail.bstein.dev for app relays
|
2026-01-15 04:04:50 -03:00 |
|
|
|
e6210644c2
|
smtp: point services at mailu relay
|
2026-01-15 03:58:03 -03:00 |
|
|
|
bf9a24681c
|
fix: bump keycloak and portal e2e job names
|
2026-01-15 03:44:27 -03:00 |
|
|
|
69cee91dda
|
vault: fix data-prepper pipeline and portal admin secret job
|
2026-01-15 03:42:57 -03:00 |
|
|
|
53da4c20ab
|
keycloak: stop writing oauth2-proxy secret
|
2026-01-15 02:37:04 -03:00 |
|
|
|
82090c1953
|
vault: read oidc config from vault
|
2026-01-14 23:20:04 -03:00 |
|
|
|
fb671865e5
|
vault: inject remaining services with wrappers
|
2026-01-14 17:29:09 -03:00 |
|
|
|
4f1fb62ab3
|
vault: bump job names for injector
|
2026-01-14 14:33:57 -03:00 |
|
|
|
98d67293bc
|
vault: prepopulate injector for jobs
|
2026-01-14 14:29:29 -03:00 |
|
|
|
d559aeb464
|
keycloak: schedule on arm64 workers
|
2026-01-14 13:49:37 -03:00 |
|
|
|
9c16d0fbc0
|
keycloak: bump job names
|
2026-01-14 13:42:08 -03:00 |
|
|
|
89f4b0dbdf
|
vault: stabilize injector templates and add health apps
|
2026-01-14 13:40:29 -03:00 |
|
|
|
58c880d9ce
|
keycloak: switch jobs to vault injector
|
2026-01-14 13:20:57 -03:00 |
|
|
|
b1f9df4d83
|
vault: sync harbor pulls
|
2026-01-14 10:07:31 -03:00 |
|
|
|
37302664c2
|
vault: add remaining secret syncs
|
2026-01-14 06:16:42 -03:00 |
|
|
|
5683b3f941
|
jobs: bump names after vault tweaks
|
2026-01-14 05:47:21 -03:00 |
|
|
|
9ec08e1dc2
|
jobs: drop apk in kubectl image
|
2026-01-14 05:41:01 -03:00 |
|
|
|
35369d53d8
|
jobs: bump names for immutability
|
2026-01-14 05:32:07 -03:00 |
|
|
|
de3db3133b
|
vault(consumption): sync secrets via CSI
|
2026-01-14 05:07:23 -03:00 |
|
|
|
fd2ae6bdd5
|
vault: wire more services to CSI
|
2026-01-14 02:54:59 -03:00 |
|
|
|
55234f8536
|
vault: align oidc roles with keycloak
|
2026-01-14 02:24:32 -03:00 |
|
|
|
1d894ea80f
|
keycloak: fix harbor oidc job
|
2026-01-14 01:24:18 -03:00 |
|
|
|
537d304b36
|
keycloak: bump harbor oidc job
|
2026-01-14 01:22:30 -03:00 |
|
|
|
e776f004c9
|
keycloak: ensure harbor oidc scope
|
2026-01-14 01:21:08 -03:00 |
|
|
|
4a1c4766b8
|
feat: add harbor/vault oidc automation
|
2026-01-14 01:07:47 -03:00 |
|
|
|
4602656578
|
vault: prep helm releases and image pins
|
2026-01-13 19:29:14 -03:00 |
|
|
|
3fc9f7bbdb
|
iac: localize configmap scripts
|
2026-01-13 12:07:03 -03:00 |
|
|
|
4d6d0b89b2
|
planka: default users to project owners
|
2026-01-12 23:24:09 -03:00 |
|
|
|
1a50f51115
|
planka: enable project owners via oidc
|
2026-01-12 23:14:17 -03:00 |
|
|
|
7a9cf1df98
|
keycloak: fix logs oauth2 cookie secret
|
2026-01-09 08:57:13 -03:00 |
|
|
|
cac71e4a41
|
logging: add opensearch dashboards ui
|
2026-01-09 08:54:07 -03:00 |
|
|
|
0fc4b299da
|
keycloak: re-run mas secrets ensure
|
2026-01-08 05:43:33 -03:00 |
|
|
|
d3c6ddeead
|
comms: re-run signing key and synapse oidc
|
2026-01-08 05:40:28 -03:00 |
|
|
|
5a23514a30
|
sso: install kubectl in synapse oidc job
|
2026-01-08 03:57:35 -03:00 |
|
