2022-05-11 14:31:37 +00:00
|
|
|
{{- if .Values.keycloak.enabled }}
|
|
|
|
apiVersion: k8s.keycloak.org/v2alpha1
|
|
|
|
kind: Keycloak
|
|
|
|
metadata:
|
|
|
|
name: {{ template "kubezero-lib.fullname" . }}
|
|
|
|
namespace: {{ .Release.Namespace }}
|
2022-11-03 13:41:46 +00:00
|
|
|
labels:
|
|
|
|
{{- include "kubezero-lib.labels" . | nindent 4 }}
|
2022-05-11 14:31:37 +00:00
|
|
|
spec:
|
2022-11-03 12:20:50 +00:00
|
|
|
instances: {{ .Values.keycloak.replicas }}
|
2022-06-21 18:35:35 +00:00
|
|
|
|
2022-11-03 12:20:50 +00:00
|
|
|
additionalOptions:
|
|
|
|
# Needs int casting thx to https://github.com/kubernetes-sigs/yaml/issues/45
|
|
|
|
{{- if lt (int .Values.keycloak.replicas) 2 }}
|
2022-05-11 14:31:37 +00:00
|
|
|
- name: cache
|
|
|
|
value: local
|
2022-11-03 12:20:50 +00:00
|
|
|
{{- end }}
|
2022-06-21 18:35:35 +00:00
|
|
|
{{- if .Values.postgresql.enabled }}
|
|
|
|
- name: db
|
|
|
|
value: postgres
|
|
|
|
- name: db-url-host
|
|
|
|
value: {{ template "kubezero-lib.fullname" . }}-postgresql
|
|
|
|
- name: db-username
|
|
|
|
value: keycloak
|
|
|
|
- name: db-password
|
|
|
|
secret:
|
|
|
|
name: {{ template "kubezero-lib.fullname" . }}-postgresql
|
|
|
|
key: password
|
|
|
|
{{- else }}
|
|
|
|
# Fallback to local file within the pod - dev ONLY !!
|
2022-05-11 14:31:37 +00:00
|
|
|
- name: db
|
2022-06-21 18:35:35 +00:00
|
|
|
value: dev-file
|
|
|
|
{{- end }}
|
2022-11-03 13:41:46 +00:00
|
|
|
- name: metrics-enabled
|
|
|
|
value: {{ .Values.keycloak.metrics.enabled | quote }}
|
2022-05-11 14:31:37 +00:00
|
|
|
- name: hostname-strict-https
|
|
|
|
value: "false"
|
|
|
|
- name: proxy
|
2022-11-03 12:20:50 +00:00
|
|
|
value: edge
|
2022-05-11 14:31:37 +00:00
|
|
|
- name: http-enabled
|
|
|
|
value: "true"
|
2022-11-03 13:41:46 +00:00
|
|
|
- name: log-console-output
|
|
|
|
value: json
|
2022-05-11 14:31:37 +00:00
|
|
|
|
2022-06-21 18:35:35 +00:00
|
|
|
|
2022-11-03 12:20:50 +00:00
|
|
|
ingress:
|
|
|
|
enabled: false
|
|
|
|
|
|
|
|
http:
|
|
|
|
httpEnabled: true
|
|
|
|
|
2022-05-11 14:31:37 +00:00
|
|
|
# We use Istio Ingress to terminate TLS
|
|
|
|
# mTls down the road
|
2022-11-03 12:20:50 +00:00
|
|
|
hostname:
|
|
|
|
hostname: {{ default "keycloak" .Values.keycloak.istio.url }}
|
|
|
|
strict: false
|
|
|
|
strictBackchannel: false
|
2022-05-11 14:31:37 +00:00
|
|
|
{{- end }}
|