From c982d0116cbb30a0fb18798b0e4877d59e415e3c Mon Sep 17 00:00:00 2001
From: Charles Culman <chuck.culman@lmco.com>
Date: Mon, 21 Jun 2021 19:53:59 +0000
Subject: [PATCH 1/9] Update MM version and changelog.

---
 CHANGELOG.md      | 4 ++++
 chart/Chart.yaml  | 4 ++--
 chart/values.yaml | 2 +-
 3 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index d1e9a2f..f1e6e71 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 
 ---
 
+## [0.1.6-bb.6] - 2021-06-21
+### Changed
+- Update Mattermost to version 5.36.0
+
 ## [0.1.6-bb.5] - 2021-06-21
 ### Fixed
 - NetworkPolicy blocking an init container, added policy to allow postgres egress for the init container
diff --git a/chart/Chart.yaml b/chart/Chart.yaml
index 68c86b6..f6dd4af 100644
--- a/chart/Chart.yaml
+++ b/chart/Chart.yaml
@@ -1,8 +1,8 @@
 apiVersion: v2
 name: mattermost
 type: application
-version: "0.1.6-bb.5"
-appVersion: "5.34.2"
+version: "0.1.6-bb.6"
+appVersion: "5.36.0"
 description: "Deployment of mattermost"
 keywords:
   - Mattermost
diff --git a/chart/values.yaml b/chart/values.yaml
index 418fd1e..636b50a 100644
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -36,7 +36,7 @@ sso:
 # Repo and image tag 
 image:
   name: registry1.dso.mil/ironbank/opensource/mattermost/mattermost
-  tag: 5.34.2
+  tag: 5.36.0
   imagePullPolicy: IfNotPresent
 
 global:
-- 
GitLab


From e7ebfb85f47b40b57975eceaa03fa4e7135c5d4c Mon Sep 17 00:00:00 2001
From: Chuck Culman <chuck.culman@lmco.comw>
Date: Tue, 22 Jun 2021 11:19:15 +0000
Subject: [PATCH 2/9] turn on monitoring

---
 chart/values.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/chart/values.yaml b/chart/values.yaml
index 636b50a..0636fc6 100644
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -15,7 +15,7 @@ istio:
 
 # NOTE: Requires enterprise.enabled to have any effect
 monitoring:
-  enabled: false
+  enabled: true
   namespace: monitoring
 
 networkPolicies:
-- 
GitLab


From 237adb504eb04b3b0e9c1ae94b4998ae6709f536 Mon Sep 17 00:00:00 2001
From: Charles Culman <chuck.culman@lmco.com>
Date: Tue, 22 Jun 2021 11:31:41 +0000
Subject: [PATCH 3/9] Update values.yaml enable minio and enterprise

---
 chart/values.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/chart/values.yaml b/chart/values.yaml
index 0636fc6..908c493 100644
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -49,7 +49,7 @@ replicaCount: 3
 users: 100 # Allowable: 100, 1000, 5000, 10000, 25000
 
 enterprise:
-  enabled: false
+  enabled: true
   license: ""
   # Example:
   # license: |
@@ -114,7 +114,7 @@ volumeMounts: {}
   #   readOnly: true
 
 minio:
-  install: false
+  install: true
 
   # Override the minio service name for easier connection setup
   service:
-- 
GitLab


From 84ee5460323416cec69494d300583f456af3dc53 Mon Sep 17 00:00:00 2001
From: Charles Culman <chuck.culman@lmco.com>
Date: Tue, 22 Jun 2021 12:12:33 +0000
Subject: [PATCH 4/9] Try to enable sso

---
 chart/values.yaml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/chart/values.yaml b/chart/values.yaml
index 908c493..39b7a3b 100644
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -26,9 +26,9 @@ networkPolicies:
   controlPlaneCidr: 0.0.0.0/0
 
 sso:
-  enabled: false
-  client_id: platform1_a8604cc9-f5e9-4656-802d-d05624370245_bb8-mattermost
-  client_secret: nothing # Change to your Keycloak client secret
+  enabled: true
+  client_id: "platform1_a8604cc9-f5e9-4656-802d-d05624370245_bb8-mattermost"
+  client_secret: "no-secret"
   auth_endpoint: https://login.dso.mil/oauth/authorize
   token_endpoint: https://login.dso.mil/oauth/token
   user_api_endpoint: https://login.dso.mil/api/v4/user
-- 
GitLab


From a485e0e900c43dee7f19b1007b59d8e972e115bb Mon Sep 17 00:00:00 2001
From: Charles Culman <chuck.culman@lmco.com>
Date: Tue, 22 Jun 2021 13:54:16 +0000
Subject: [PATCH 5/9] Revert unneeded changes to values.yaml

---
 chart/values.yaml | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/chart/values.yaml b/chart/values.yaml
index 39b7a3b..c94be7b 100644
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -15,7 +15,7 @@ istio:
 
 # NOTE: Requires enterprise.enabled to have any effect
 monitoring:
-  enabled: true
+  enabled: false
   namespace: monitoring
 
 networkPolicies:
@@ -26,9 +26,9 @@ networkPolicies:
   controlPlaneCidr: 0.0.0.0/0
 
 sso:
-  enabled: true
-  client_id: "platform1_a8604cc9-f5e9-4656-802d-d05624370245_bb8-mattermost"
-  client_secret: "no-secret"
+  enabled: false
+  client_id: platform1_a8604cc9-f5e9-4656-802d-d05624370245_bb8-mattermost
+  client_secret: nothing # Change to your Keycloak client secret
   auth_endpoint: https://login.dso.mil/oauth/authorize
   token_endpoint: https://login.dso.mil/oauth/token
   user_api_endpoint: https://login.dso.mil/api/v4/user
@@ -49,7 +49,7 @@ replicaCount: 3
 users: 100 # Allowable: 100, 1000, 5000, 10000, 25000
 
 enterprise:
-  enabled: true
+  enabled: false
   license: ""
   # Example:
   # license: |
-- 
GitLab


From 4b468b56fb2908a2a38eefbf352dfc59b735c878 Mon Sep 17 00:00:00 2001
From: Charles Culman <chuck.culman@lmco.com>
Date: Tue, 22 Jun 2021 16:37:03 +0000
Subject: [PATCH 6/9] Apply 1 suggestion(s) to 1 file(s)

---
 chart/values.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/chart/values.yaml b/chart/values.yaml
index c94be7b..636b50a 100644
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -114,7 +114,7 @@ volumeMounts: {}
   #   readOnly: true
 
 minio:
-  install: true
+  install: false
 
   # Override the minio service name for easier connection setup
   service:
-- 
GitLab


From 4c32e950285793d57dcef20b0242cb2221c77a75 Mon Sep 17 00:00:00 2001
From: Micah Nagel <micah.nagel@parsons.com>
Date: Tue, 22 Jun 2021 17:04:07 +0000
Subject: [PATCH 7/9] Apply 1 suggestion(s) to 1 file(s)

---
 CHANGELOG.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index f1e6e71..9041031 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,7 +4,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 
 ---
 
-## [0.1.6-bb.6] - 2021-06-21
+## [0.1.6-bb.6] - 2021-06-22
 ### Changed
 - Update Mattermost to version 5.36.0
 
-- 
GitLab


From 0211483fe7aa45ff48f4210cda5c8440f16fe398 Mon Sep 17 00:00:00 2001
From: Charles Culman <chuck.culman@lmco.com>
Date: Tue, 22 Jun 2021 19:32:46 +0000
Subject: [PATCH 8/9] Update network policies to allow access to plug-in
 marketplace

---
 .../allow-external-filestore.yaml             | 20 -------------------
 .../allow-external-postgres.yaml              | 19 ------------------
 ...ress.yaml => allow-mattermost-egress.yaml} |  2 +-
 3 files changed, 1 insertion(+), 40 deletions(-)
 delete mode 100644 chart/templates/bigbang/networkpolicies/allow-external-filestore.yaml
 rename chart/templates/bigbang/networkpolicies/{allow-sso-egress.yaml => allow-mattermost-egress.yaml} (85%)

diff --git a/chart/templates/bigbang/networkpolicies/allow-external-filestore.yaml b/chart/templates/bigbang/networkpolicies/allow-external-filestore.yaml
deleted file mode 100644
index 738b7a3..0000000
--- a/chart/templates/bigbang/networkpolicies/allow-external-filestore.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- if and .Values.networkPolicies.enabled (not .Values.minio.install) }}
-apiVersion: networking.k8s.io/v1
-kind: NetworkPolicy
-metadata:
-  name: allow-external-filestore-egress
-  namespace: {{ .Release.Namespace }}
-spec:
-  podSelector:
-    matchLabels:
-      app: mattermost
-  policyTypes:
-  - Egress
-  egress:
-  - to:
-    - ipBlock:
-        cidr: 0.0.0.0/0
-        # ONLY Block requests to AWS metadata IP
-        except:
-        - 169.254.169.254/32
-{{- end }}
diff --git a/chart/templates/bigbang/networkpolicies/allow-external-postgres.yaml b/chart/templates/bigbang/networkpolicies/allow-external-postgres.yaml
index 1e43c65..265a0e5 100644
--- a/chart/templates/bigbang/networkpolicies/allow-external-postgres.yaml
+++ b/chart/templates/bigbang/networkpolicies/allow-external-postgres.yaml
@@ -1,25 +1,6 @@
 {{- if and .Values.networkPolicies.enabled (not .Values.postgresql.install) }}
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
-metadata:
-  name: allow-external-postgres-egress
-  namespace: {{ .Release.Namespace }}
-spec:
-  podSelector:
-    matchLabels:
-      app: mattermost
-  policyTypes:
-  - Egress
-  egress:
-  - to:
-    - ipBlock:
-        cidr: 0.0.0.0/0
-        # ONLY Block requests to AWS metadata IP
-        except:
-        - 169.254.169.254/32
----
-apiVersion: networking.k8s.io/v1
-kind: NetworkPolicy
 metadata:
   name: allow-external-postgres-egress-upgrade
   namespace: {{ .Release.Namespace }}
diff --git a/chart/templates/bigbang/networkpolicies/allow-sso-egress.yaml b/chart/templates/bigbang/networkpolicies/allow-mattermost-egress.yaml
similarity index 85%
rename from chart/templates/bigbang/networkpolicies/allow-sso-egress.yaml
rename to chart/templates/bigbang/networkpolicies/allow-mattermost-egress.yaml
index 217238b..223d109 100644
--- a/chart/templates/bigbang/networkpolicies/allow-sso-egress.yaml
+++ b/chart/templates/bigbang/networkpolicies/allow-mattermost-egress.yaml
@@ -1,4 +1,4 @@
-{{- if and .Values.networkPolicies.enabled .Values.sso.enabled }}
+{{- if .Values.networkPolicies.enabled }}
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
-- 
GitLab


From ccc2089ad1924afa5340876e1d1a890ac355f7c1 Mon Sep 17 00:00:00 2001
From: Charles Culman <chuck.culman@lmco.com>
Date: Tue, 22 Jun 2021 19:51:37 +0000
Subject: [PATCH 9/9] Apply 1 suggestion(s) to 1 file(s)

---
 .../bigbang/networkpolicies/allow-mattermost-egress.yaml        | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/chart/templates/bigbang/networkpolicies/allow-mattermost-egress.yaml b/chart/templates/bigbang/networkpolicies/allow-mattermost-egress.yaml
index 223d109..931746c 100644
--- a/chart/templates/bigbang/networkpolicies/allow-mattermost-egress.yaml
+++ b/chart/templates/bigbang/networkpolicies/allow-mattermost-egress.yaml
@@ -2,7 +2,7 @@
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
-  name: allow-sso-egress
+  name: allow-mattermost-egress
   namespace: {{ .Release.Namespace }}
 spec:
   podSelector:
-- 
GitLab