Merged
4 changes: 2 additions & 2 deletions README.md
@@ -7,7 +7,7 @@ Create a complete GitOps-based operational stack with all the tools you need for
* __Deployment__: GitOps via Argo CD with a ready-to-use [repo structure](docs/Applications.md#argo-cd)
* __Monitoring__: [Prometheus and Grafana](docs/Applications.md#monitoring-tools)
* __Secrets__ Management: [Vault and External Secrets Operator](docs/Applications.md#secrets-management-tools)
* __Notifications__/Alerts: Grafana and ArgoCD can be predefined with either an external mailserver or [MailHog](https://github.com/mailhog/MailHog) for demo purposes.
* __Notifications__/Alerts: Grafana and ArgoCD can be predefined with either an external mailserver.
* __Pipelines__: Example applications using [Jenkins](docs/Applications.md#jenkins) with the [gitops-build-lib](https://github.com/cloudogu/gitops-build-lib) and [SCM-Manager](docs/Applications.md#scm-manager)
* __Ingress__ Controller: [ingress](https://traefik.github.io/charts)
* __Certificate__ Management: [cert-manager](https://cert-manager.io/)
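Review bot: "either" in the rewritten Notifications/Alerts bullet (`Grafana and ArgoCD can be predefined with either an external mailserver.`) is left without a second alternative now that the MailHog option is gone; suggest `Grafana and Argo CD can be configured to send alerts through an external mail server.` (this also spells Argo CD the way the Deployment bullet above does).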
@@ -40,7 +40,7 @@ bash <(curl -s \
-v ~/.config/k3d/kubeconfig-gitops-playground.yaml:/home/.kube/config \
--net=host \
ghcr.io/cloudogu/gitops-playground --yes --argocd --ingress --base-url=http://localhost
# More IDP-features: --mail --monitoring --vault=dev --cert-manager
# More IDP-features: --monitoring --vault=dev --cert-manager
# More features for developers: --jenkins --registry --content-examples
```

@@ -1,25 +1,3 @@
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: allow-argocd-access-mailhog
namespace: ${config.application.namePrefix}monitoring
spec:
podSelector:
matchLabels:
app.kubernetes.io/name: mailhog
policyTypes:
- Ingress
ingress:
- from:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: ${config.application.namePrefix}argocd
- podSelector:
matchLabels:
app.kubernetes.io/name: argocd-notifications-controller
ports:
- protocol: TCP
port: 1025
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
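Review bot: deleting `allow-argocd-access-mailhog` is the right call once MailHog is gone; this ingress rule existed only to let `argocd-notifications-controller` reach the mailhog pod on TCP 1025 inside the `${config.application.namePrefix}monitoring` namespace. With an external SMTP server as the only remaining target, notification traffic now leaves the cluster, so if the `${config.application.namePrefix}argocd` namespace carries an egress NetworkPolicy it will need an allow rule for the configured `smtpAddress`/`smtpPort`; a sentence about that in the notifications docs would save operators a debugging session.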
@@ -43,4 +21,3 @@ spec:
ports:
- protocol: TCP
port: 8080
---
@@ -12,7 +12,6 @@ spec:
- ${scm.centralScmUrl}argocd/cluster-resources.git
<#if config.application.mirrorRepos>
- ${scm.repoUrl}3rd-party-dependencies/kube-prometheus-stack.git
- ${scm.repoUrl}3rd-party-dependencies/mailhog.git
- ${scm.repoUrl}3rd-party-dependencies/traefik.git
- ${scm.repoUrl}3rd-party-dependencies/external-secrets.git
- ${scm.repoUrl}3rd-party-dependencies/vault.git
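Review bot: good to drop `3rd-party-dependencies/mailhog.git` from `sourceRepos` together with the feature, since this list is the AppProject's allow-list and a stale entry would keep the door open for nothing. Because Argo CD rejects any Application whose source repo is not in the project's `sourceRepos`, also grep for a leftover Application still pointing at the mailhog mirror (the file deleted further down in this PR may be exactly that); if one survives it would now fail with a source-repo-not-permitted error rather than simply being ignored.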
@@ -36,4 +35,4 @@ spec:
kind: '*'

# Deny all cluster-scoped resources from being created. Least privilege.
clusterResourceWhitelist:
clusterResourceWhitelist:
@@ -17,7 +17,6 @@ spec:
- ${scm.repoUrl}argocd/cluster-resources.git
<#if config.application.mirrorRepos>
- ${scm.baseUrl}<#if config.scm.scmProviderType == "GITLAB">/3rd-party-dependencies/kube-prometheus-stack.git<#else>/repo/3rd-party-dependencies/kube-prometheus-stack</#if>
- ${scm.baseUrl}<#if config.scm.scmProviderType == "GITLAB">/3rd-party-dependencies/mailhog.git<#else>/repo/3rd-party-dependencies/mailhog</#if>
- ${scm.baseUrl}<#if config.scm.scmProviderType == "GITLAB">/3rd-party-dependencies/traefik.git<#else>/repo/3rd-party-dependencies/traefik</#if>
- ${scm.baseUrl}<#if config.scm.scmProviderType == "GITLAB">/3rd-party-dependencies/external-secrets.git<#else>/repo/3rd-party-dependencies/external-secrets</#if>
- ${scm.baseUrl}<#if config.scm.scmProviderType == "GITLAB">/3rd-party-dependencies/vault.git<#else>/repo/3rd-party-dependencies/vault</#if>
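Review bot: the surviving lines hard-code `/repo/` in the SCM-Manager arm of each `<#if config.scm.scmProviderType == "GITLAB">` expression while the GitLab arm has no such segment; that is consistent with removing the `--scmm-root-path` and `--central-scmm-root-path` options in docs/Configuration.md, whose descriptions said the root path is always "repo" for SCM-Manager. Worth a short comment above this block stating that the path segment is intentionally fixed, so nobody reintroduces a configurable root path later.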
@@ -56,4 +55,4 @@ spec:
# Allow all cluster-scoped resources to be created
clusterResourceWhitelist:
- group: '*'
kind: '*'
kind: '*'

This file was deleted.

@@ -210,7 +210,7 @@ grafana:
notifiers:
notifiers.yaml:
notifiers:
- name: mailhog
- name: mail
type: email
uid: email1
is_default: true
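Review bot: renaming the notifier from `mailhog` to `mail` while keeping `uid: email1` is safe for alert rules that reference the contact point by uid, but anything that addresses it by name (provisioned alert rules, dashboards, custom `notifiers.yaml` overrides) would stop matching; grep for the old name before merging and mention the rename in the changelog.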
@@ -245,17 +245,10 @@ grafana:
# for Grafana.
existingSecret: "grafana-email-secret"
</#if>
<#if config.features.mail.smtpAddress?has_content>
env:
GF_SMTP_ENABLED: true
GF_SMTP_FROM_ADDRESS: ${config.features.monitoring.grafanaEmailFrom}
GF_SMTP_HOST: ${config.features.mail.smtpAddress}<#if config.features.mail.smtpPort?has_content>:${config.features.mail.smtpPort?c}</#if>
<#else>
env:
GF_SMTP_ENABLED: true
GF_SMTP_FROM_ADDRESS: ${config.features.monitoring.grafanaEmailFrom}
GF_SMTP_HOST: mailhog.${config.application.namePrefix}monitoring.svc.cluster.local:1025
</#if>
</#if>
<#if config.application.podResources == true>
resources:
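Review bot: with the `<#else>` branch that pointed `GF_SMTP_HOST` at `mailhog.${config.application.namePrefix}monitoring.svc.cluster.local:1025` gone, make sure the `<#if config.features.mail.smtpAddress?has_content>` guard is kept around the surviving `env:` block. If the guard went out together with the fallback, every Grafana install under the enclosing `<#if>` gets `GF_SMTP_ENABLED: true` with an empty `GF_SMTP_HOST` (or just `:<port>`), and every alert then surfaces as an SMTP connection error instead of mail simply being disabled.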
@@ -372,4 +365,4 @@ prometheus:
basic_auth:
username: '${jenkins.metricsUsername}'
password_file: '/etc/prometheus/secrets/prometheus-metrics-creds-jenkins/password'
</#if>
</#if>
2 changes: 1 addition & 1 deletion docs/Applications.md
@@ -215,7 +215,7 @@ Grafana can be used to query and visualize metrics via prometheus.
It is exposed via ingress, e.g. http://grafana.localhost.
Prometheus is not exposed by default.

In addition, argocd-notifications is set up. Applications deployed with Argo CD now will alert via email to mailhog
In addition, argocd-notifications is set up. Applications deployed with Argo CD now will alert via email.
the sync status failed, for example.

**Note that this only works with Argo CD so far**
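Review bot: the rewritten sentence now ends with a full stop after `via email.`, so the unchanged next line `the sync status failed, for example.` is left as a fragment; suggest merging them: `Applications deployed with Argo CD will now alert via email when the sync status fails, for example.`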
16 changes: 5 additions & 11 deletions docs/Configuration.md
@@ -29,6 +29,7 @@ All options can be set via a [config file](./configuration.schema.json). Most op
| `--registry-username` | `registry.username` | String | `` | Optional when registry-url is set |
| `--registry-password` | `registry.password` | String | `` | Optional when registry-url is set |
| `--registry-proxy-url` | `registry.proxyUrl` | String | `` | The url of your proxy-registry. Used in pipelines to authorize pull base images. Use in conjunction with petclinic base image. Used in helm charts when create-image-pull-secrets is set. Use in conjunction with helm.*image fields. |
| `--registry-proxy-path` | `registry.proxyPath` | String | `` | Optional when registry-proxy-url is set and the registry is running on a non root web path. |
| `--registry-proxy-username` | `registry.proxyUsername` | String | `` | Use with registry-proxy-url, added to Jenkins as credentials and created as pull secrets, when create-image-pull-secrets is set. |
| `--registry-proxy-password` | `registry.proxyPassword` | String | `` | Use with registry-proxy-url, added to Jenkins as credentials and created as pull secrets, when create-image-pull-secrets is set. |
| `--registry-username-read-only` | `registry.readOnlyUsername` | String | `` | Optional alternative username for registry-url with read-only permissions that is used when create-image-pull-secrets is set. |
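Review bot: the new `--registry-proxy-path` row should state the expected form of the value (with or without a leading slash, trailing slash or not), since a user following this table has to guess how it is joined onto `registry-proxy-url`; also "non root" should be "non-root" to match the wording elsewhere in the table.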
@@ -70,7 +71,6 @@ All options can be set via a [config file](./configuration.schema.json). Most op
| `--central-scmm-url` | `multiTenant.scmManager.url` | String | `-` | URL for the centralized Management Repo |
| `--central-scmm-username` | `multiTenant.scmManager.username` | String | `-` | CENTRAL SCMM username |
| `--central-scmm-password` | `multiTenant.scmManager.password` | String | `-` | CENTRAL SCMM password |
| `--central-scmm-root-path` | `multiTenant.scmManager.rootPath` | String | `-` | Root path for SCM Manager. In SCM-Manager it is always "repo" |
| `--central-scmm-namespace` | `multiTenant.scmManager.namespace` | String | `-` | Namespace where to find the Central SCMM |
| `--central-argocd-namespace` | `multiTenant.centralArgocdNamespace` | String | `argocd` | Namespace for the centralized Argocd |
| `--dedicated-instance` | `multiTenant.useDedicatedInstance` | Boolean | `false` | Toggles the Dedicated Instances Mode. See docs for more info |
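Review bot: dropping `--central-scmm-root-path` / `multiTenant.scmManager.rootPath` is a breaking change for existing config files that set the key. The hunk header refers to `configuration.schema.json`, so the key should be removed there in the same change and the removal listed in the changelog, so users know to delete it rather than wondering why it is rejected or silently ignored.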
@@ -93,7 +93,6 @@ All options can be set via a [config file](./configuration.schema.json). Most op
| - | `scm.scmManager.helm.chart` | String | `-` | Name of the Helm chart |
| - | `scm.scmManager.helm.repoURL` | String | `-` | Repository url from which the Helm chart should be obtained |
| - | `scm.scmManager.helm.version` | String | `-` | The version of the Helm chart to be installed |
| `--scmm-root-path` | `scm.scmManager.rootPath` | String | `-` | Sets the root path for the Git Repositories. In SCM-Manager it is always "repo" |
| `--scmm-skip-restart` | `scm.scmManager.skipRestart` | Boolean | `-` | Skips restarting SCM-Manager after plugin installation. Use with caution! If the plugins are not installed up front, the installation will likely fail. The intended use case for this is after the first installation, for config changes only. Do not use on first installation or upgrades.' |
| `--scmm-skip-plugins` | `scm.scmManager.skipPlugins` | Boolean | `-` | Skips plugin installation. Use with caution! If the plugins are not installed up front, the installation will likely fail. The intended use case for this is after the first installation, for config changes only. Do not use on first installation or upgrades. |
| - | `scm.scmManager.gitOpsUsername` | String | `-` | Username for the Gitops User |
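Review bot: removing `--scmm-root-path` / `scm.scmManager.rootPath` from the docs needs the matching removal in `configuration.schema.json` (linked from the hunk header) so the schema and this table stay in step. While this table is being touched, the `--scmm-skip-restart` description ends with a stray `'` after `upgrades.` that the otherwise identical `--scmm-skip-plugins` row does not have.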
@@ -119,7 +118,7 @@ All options can be set via a [config file](./configuration.schema.json). Most op
| `--pod-resources` | `application.podResources` | Boolean | `false` | Write kubernetes resource requests and limits on each pod |
| `--git-name` | `application.gitName` | String | `Cloudogu` | Sets git author and committer name used for initial commits |
| `--git-email` | `application.gitEmail` | String | `hello@cloudogu.com` | Sets git author and committer email used for initial commits |
| `--base-url` | `application.baseUrl` | String | `` | the external base url (TLD) for all tools, e.g. https://example.com or http://localhost:8080. The individual -url params for argocd, grafana, vault and mailhog take precedence. |
| `--base-url` | `application.baseUrl` | String | `` | the external base url (TLD) for all tools, e.g. https://example.com or http://localhost:8080. The individual -url params for argocd, grafana and vault take precedence. |
| `--url-separator-hyphen` | `application.urlSeparatorHyphen` | Boolean | `false` | Use hyphens instead of dots to separate application name from base-url |
| `--mirror-repos` | `application.mirrorRepos` | Boolean | `false` | Changes the sources of deployed tools so they are not pulled from the internet, but are pulled from git and work in air-gapped environments. |
| `--skip-crds` | `application.skipCrds` | Boolean | `false` | Skip installation of CRDs. This requires prior installation of CRDs |
@@ -137,6 +136,7 @@ All options can be set via a [config file](./configuration.schema.json). Most op
| - | `content.namespaces` | List&lt;String&gt; | `[]` | Additional kubernetes namespaces. These are authorized to Argo CD, supplied with image pull secrets, monitored by prometheus, etc. Namespaces can be templates, e.g. ${config.application.namePrefix}staging |
| - | `content.repos` | List&lt;ContentRepositorySchema&gt; | `[]` | ContentLoader repos to push into target environment |
| - | `content.variables` | Map | `[:]` | Additional variables to use in custom templates. |
| - | `content.helmReleases` | List&lt;HelmReleaseSchema&gt; | `[]` | - |
| `--content-whitelist` | `content.useWhitelist` | Boolean | `false` | Enables the whitelist for statics in content templating |
| - | `content.allowedStaticsWhitelist` | Set&lt;String&gt; | `[]` | Whitelist for Statics freemarker is allowing in user templates |

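Review bot: the new `content.helmReleases` row has `-` as its description; every other row in this table documents its key, so add a sentence saying what a `HelmReleaseSchema` entry contains and how the list is consumed (for example whether the releases are committed to the target repos like `content.repos` or deployed directly).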
@@ -163,17 +163,10 @@ Configuration of optional features supported by gitops-playground.

| CLI | Config key | Type | Default | Description |
| :--- | :--- | :--- | :--- | :--- |
| `--mail` | `features.mail.mailServer` | Boolean | `false` | Installs a dedicated mail server. |
| `--mail-url` | `features.mail.mailUrl` | String | `` | Sets url for the mail server frontend |
| `--smtp-address` | `features.mail.smtpAddress` | String | `` | Sets smtp port of external Mailserver |
| `--smtp-port` | `features.mail.smtpPort` | Integer | `-` | Sets smtp port of external Mailserver |
| `--smtp-user` | `features.mail.smtpUser` | String | `` | Sets smtp username for external Mailserver |
| `--smtp-password` | `features.mail.smtpPassword` | String | `` | Sets smtp password of external Mailserver |
| `--mail-image` | `features.mail.helm.image` | String | `ghcr.io/cloudogu/mailhog:v1.0.1` | The image of the Helm chart to be installed |
| - | `features.mail.helm.values` | Map | `[:]` | Helm values of the chart, allows overriding defaults and setting values that are not exposed as explicit configuration |
| - | `features.mail.helm.chart` | String | `mailhog` | Name of the Helm chart |
| - | `features.mail.helm.repoURL` | String | `https://codecentric.github.io/helm-charts` | Repository url from which the Helm chart should be obtained |
| - | `features.mail.helm.version` | String | `5.0.1` | The version of the Helm chart to be installed |

### Feature: Monitoring

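Review bot: if the `--smtp-address` row is one of the rows staying in the Mail table, its description `Sets smtp port of external Mailserver` is a copy of the `--smtp-port` row and should read `Sets smtp address (host) of external Mailserver`. With the `--mail`, `--mail-url`, `--mail-image` and `features.mail.helm.*` rows gone, a one-line note at the top of the table that notifications now require an external server configured via the `--smtp-*` options would also help, since the former in-cluster default no longer exists.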
@@ -227,6 +220,7 @@ Configuration of optional features supported by gitops-playground.
| CLI | Config key | Type | Default | Description |
| :--- | :--- | :--- | :--- | :--- |
| `--cert-manager` | `features.certManager.active` | Boolean | `false` | Sets and enables Cert Manager |
| `--cert-manager-issuer` | `features.certManager.issuer` | String | `cluster-selfsigned` | Sets and enables Cert Manager |
| `--cert-manager-image` | `features.certManager.helm.image` | String | `` | Sets image for Cert Manager |
| `--cert-manager-webhook-image` | `features.certManager.helm.webhookImage` | String | `` | Sets webhook Image for Cert Manager |
| `--cert-manager-cainjector-image` | `features.certManager.helm.cainjectorImage` | String | `` | Sets cainjector Image for Cert Manager |
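Review bot: the new `--cert-manager-issuer` row repeats the description of the `--cert-manager` row (`Sets and enables Cert Manager`); it should describe the option itself, e.g. the name of the issuer used for the playground's certificates, and since the default `cluster-selfsigned` is a self-signed issuer, say that certificates from it are not trusted by clients unless its CA is imported.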
@@ -235,5 +229,5 @@ Configuration of optional features supported by gitops-playground.
| - | `features.certManager.helm.values` | Map | `[:]` | Helm values of the chart, allows overriding defaults and setting values that are not exposed as explicit configuration |
| - | `features.certManager.helm.chart` | String | `cert-manager` | Name of the Helm chart |
| - | `features.certManager.helm.repoURL` | String | `https://charts.jetstack.io` | Repository url from which the Helm chart should be obtained |
| - | `features.certManager.helm.version` | String | `1.16.1` | The version of the Helm chart to be installed |
| - | `features.certManager.helm.version` | String | `1.19.4` | The version of the Helm chart to be installed |

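Review bot: the documented default chart version moves from `1.16.1` to `1.19.4`, but this table is documentation only; the place where the default actually lives (code or `configuration.schema.json`) is not in this diff, so verify it was bumped in the same PR, otherwise the docs and the real default drift apart.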
1 change: 0 additions & 1 deletion docs/Deploy-Ingress-Controller.md
@@ -37,7 +37,6 @@ It is possible to deploy `Ingress` objects for all components. You can either
--argocd-url https://argocd.example.com
--grafana-url https://grafana.example.com
--vault-url https://vault.example.com
--mail-url https://mail.example.com
--petclinic-base-domain petclinic.example.com
--nginx-base-domain nginx.example.com
```
5 changes: 1 addition & 4 deletions docs/Developers.md
@@ -218,7 +218,7 @@ docker run --rm -t -u $(id -u) \
-v ~/.config/k3d/kubeconfig-gitops-playground.yaml:/home/.kube/config \
-v $(pwd)/gitops-playground.yaml:/config/gitops-playground.yaml \
--net=host \
gitops-playground:dev --yes --argocd --base-url=http://localhost --ingress --mail --monitoring --vault=dev --url-separator-hyphen
gitops-playground:dev --yes --argocd --base-url=http://localhost --ingress --monitoring --vault=dev --url-separator-hyphen

# Create localhost entries with hyphens
echo 127.0.0.1 $(kubectl get ingress -A -o jsonpath='{.items[*].spec.rules[*].host}') | sudo tee -a /etc/hosts
@@ -317,7 +317,6 @@ docker run --rm -t -u $(id -u) \
--registry-proxy-password=Proxy12345 \
--registry-username-read-only=RegistryRead \
--registry-password-read-only=RegistryRead12345 \
--mail-image=localhost:30000/proxy/mailhog:latest \
--vault-image=localhost:30000/proxy/vault:latest \
--config-file=/home/two-registries.yaml

@@ -438,8 +437,6 @@ docker run -it -u $(id -u) \
## Notifications / E-Mail

Notifications are implemented via Mail.
Either internal MailHog or an external mail server can be used.

To test with an external mail server, set up the configuration as follows:

```
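Review bot: after deleting `Either internal MailHog or an external mail server can be used.`, the remaining `To test with an external mail server, set up the configuration as follows:` still implies there is another option; `To test notifications, configure an external mail server as follows:` reads cleaner and matches the new state.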