hswaw/ldapweb: bump version

This release removes Let's Encrypt DST Root CA X3 pinning and adds dynamic secret key generation. Deployed to production on 2021/10/09 Change-Id: I2b88dc9ab6b67d1c3af277d673702c6a1b3188db Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1161 Reviewed-by: q3k <q3k@hackerspace.pl>
2021-10-16 18:28:48 +02:00 · 2021-10-16 18:28:48 +02:00 · 9a89343985
parent f3e6f8f3d7
commit 9a89343985
1 changed files with 6 additions and 2 deletions
--- a/hswaw/kube/ldapweb.libsonnet
+++ b/hswaw/kube/ldapweb.libsonnet
@ -3,8 +3,8 @@ local kube = import "../../kube/kube.libsonnet";

 {
    cfg:: {
-        # Manually built from code.hackerspace.pl/q3k/ldap-web-public.
-        image: "registry.k0.hswaw.net/q3k/ldap-web:1597515993",
+        # Manually built from code.hackerspace.pl/informatic/ldap-web-public.
+        image: "registry.k0.hswaw.net/informatic/ldap-web:1633769899",
        webFQDN: error "webFQDN must be set!",
    },

@ -38,6 +38,10 @@ local kube = import "../../kube/kube.libsonnet";
                    # -*- coding: utf-8 -*-
                    import flask_wtf
                    import wtforms
+                    import secrets
+
+                    secret_key = secrets.token_hex(32)
+
                    ldap_url = 'ldap://ldap.hackerspace.pl'
                    dn_format = "uid=%s,ou=people,dc=hackerspace,dc=pl"