diff --git a/charts/kubezero-auth/Chart.yaml b/charts/kubezero-auth/Chart.yaml index 0fcc6ab..ea3c042 100644 --- a/charts/kubezero-auth/Chart.yaml +++ b/charts/kubezero-auth/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: kubezero-auth description: KubeZero umbrella chart for all things Authentication and Identity management type: application -version: 0.2.2 -appVersion: 18.0.1 +version: 0.2.4 +appVersion: 19.0.1 home: https://kubezero.com icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png keywords: @@ -14,10 +14,10 @@ maintainers: email: stefan@zero-downtime.net dependencies: - name: kubezero-lib - version: ">= 0.1.4" + version: ">= 0.1.5" repository: https://cdn.zero-downtime.net/charts/ - name: postgresql - version: 11.6.7 + version: 11.8.1 repository: https://charts.bitnami.com/bitnami condition: postgresql.enabled kubeVersion: ">= 1.20.0" diff --git a/charts/kubezero-auth/crds/keycloak-realmimports.yaml b/charts/kubezero-auth/crds/keycloak-realmimports.yaml index ed871d6..cf4e799 100644 --- a/charts/kubezero-auth/crds/keycloak-realmimports.yaml +++ b/charts/kubezero-auth/crds/keycloak-realmimports.yaml @@ -704,6 +704,7 @@ spec: decisionStrategy: enum: - AFFIRMATIVE + - stableIndex - CONSENSUS - UNANIMOUS type: string @@ -711,6 +712,7 @@ spec: type: string policyEnforcementMode: enum: + - stableIndex - PERMISSIVE - ENFORCING - DISABLED @@ -750,11 +752,13 @@ spec: decisionStrategy: enum: - AFFIRMATIVE + - stableIndex - CONSENSUS - UNANIMOUS type: string logic: enum: + - stableIndex - POSITIVE - NEGATIVE type: string @@ -1558,6 +1562,7 @@ spec: decisionStrategy: enum: - AFFIRMATIVE + - stableIndex - CONSENSUS - UNANIMOUS type: string @@ -1565,6 +1570,7 @@ spec: type: string policyEnforcementMode: enum: + - stableIndex - PERMISSIVE - ENFORCING - DISABLED @@ -1604,11 +1610,13 @@ spec: decisionStrategy: enum: - AFFIRMATIVE + - stableIndex - CONSENSUS - UNANIMOUS type: string logic: enum: + - stableIndex - POSITIVE - NEGATIVE type: string @@ -1930,6 +1938,7 @@ spec: decisionStrategy: enum: - AFFIRMATIVE + - stableIndex - CONSENSUS - UNANIMOUS type: string @@ -1937,6 +1946,7 @@ spec: type: string policyEnforcementMode: enum: + - stableIndex - PERMISSIVE - ENFORCING - DISABLED @@ -1976,11 +1986,13 @@ spec: decisionStrategy: enum: - AFFIRMATIVE + - stableIndex - CONSENSUS - UNANIMOUS type: string logic: enum: + - stableIndex - POSITIVE - NEGATIVE type: string diff --git a/charts/kubezero-auth/crds/keycloak.yaml b/charts/kubezero-auth/crds/keycloak.yaml index 990f063..13abb8d 100644 --- a/charts/kubezero-auth/crds/keycloak.yaml +++ b/charts/kubezero-auth/crds/keycloak.yaml @@ -19,6 +19,14 @@ spec: properties: spec: properties: + hostname: + description: |- + Hostname for the Keycloak server. + The special value `INSECURE-DISABLE` disables the hostname strict resolution. + type: string + instances: + description: Number of Keycloak instances in HA mode. Default is 1. + type: integer serverConfiguration: description: |- Configuration of the Keycloak server. @@ -40,14 +48,17 @@ spec: type: string type: object type: array - hostname: + tlsSecret: description: |- - Hostname for the Keycloak server. - The special value `INSECURE-DISABLE` disables the hostname strict resolution. + A secret containing the TLS configuration for HTTPS. Reference: https://kubernetes.io/docs/concepts/configuration/secret/#tls-secrets. + The special value `INSECURE-DISABLE` disables https. + type: string + disableDefaultIngress: + description: Disable the default ingress. + type: boolean + image: + description: Custom Keycloak image to be used. type: string - instances: - description: Number of Keycloak instances in HA mode. Default is 1. - type: integer unsupported: description: |- In this section you can configure podTemplate advanced features, not production-ready, and not supported settings. @@ -2754,17 +2765,6 @@ spec: type: object type: object type: object - tlsSecret: - description: |- - A secret containing the TLS configuration for HTTPS. Reference: https://kubernetes.io/docs/concepts/configuration/secret/#tls-secrets. - The special value `INSECURE-DISABLE` disables https. - type: string - disableDefaultIngress: - description: Disable the default ingress. - type: boolean - image: - description: Custom Keycloak image to be used. - type: string required: - hostname - tlsSecret diff --git a/charts/kubezero-auth/templates/keycloak/operator.yaml b/charts/kubezero-auth/templates/keycloak/operator.yaml index e3d4779..42c616a 100644 --- a/charts/kubezero-auth/templates/keycloak/operator.yaml +++ b/charts/kubezero-auth/templates/keycloak/operator.yaml @@ -4,9 +4,9 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - app.quarkus.io/build-timestamp: 2022-06-17 - 10:24:55 +0000 + app.quarkus.io/build-timestamp: 2022-07-29 - 11:21:21 +0000 labels: - app.kubernetes.io/version: 18.0.1 + app.kubernetes.io/version: 19.0.1 app.kubernetes.io/name: keycloak-operator name: keycloak-operator --- @@ -14,10 +14,10 @@ apiVersion: v1 kind: Service metadata: annotations: - app.quarkus.io/build-timestamp: 2022-06-17 - 10:24:55 +0000 + app.quarkus.io/build-timestamp: 2022-07-29 - 11:21:21 +0000 labels: app.kubernetes.io/name: keycloak-operator - app.kubernetes.io/version: 18.0.1 + app.kubernetes.io/version: 19.0.1 name: keycloak-operator spec: ports: @@ -26,7 +26,7 @@ spec: targetPort: 8080 selector: app.kubernetes.io/name: keycloak-operator - app.kubernetes.io/version: 18.0.1 + app.kubernetes.io/version: 19.0.1 type: ClusterIP --- apiVersion: rbac.authorization.k8s.io/v1 @@ -38,7 +38,7 @@ rules: - apps - extensions resources: - - deployments + - statefulsets verbs: - get - list @@ -179,23 +179,23 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - app.quarkus.io/build-timestamp: 2022-06-17 - 10:24:55 +0000 + app.quarkus.io/build-timestamp: 2022-07-29 - 11:21:21 +0000 labels: - app.kubernetes.io/version: 18.0.1 + app.kubernetes.io/version: 19.0.1 app.kubernetes.io/name: keycloak-operator name: keycloak-operator spec: replicas: 1 selector: matchLabels: - app.kubernetes.io/version: 18.0.1 + app.kubernetes.io/version: 19.0.1 app.kubernetes.io/name: keycloak-operator template: metadata: annotations: - app.quarkus.io/build-timestamp: 2022-06-17 - 10:24:55 +0000 + app.quarkus.io/build-timestamp: 2022-07-29 - 11:21:21 +0000 labels: - app.kubernetes.io/version: 18.0.1 + app.kubernetes.io/version: 19.0.1 app.kubernetes.io/name: keycloak-operator spec: containers: @@ -205,8 +205,8 @@ spec: fieldRef: fieldPath: metadata.namespace - name: OPERATOR_KEYCLOAK_IMAGE - value: quay.io/keycloak/keycloak:18.0.1 - image: quay.io/keycloak/keycloak-operator:18.0.1 + value: quay.io/keycloak/keycloak:19.0.1 + image: quay.io/keycloak/keycloak-operator:19.0.1 imagePullPolicy: Always livenessProbe: failureThreshold: 3 diff --git a/charts/kubezero-auth/values.yaml b/charts/kubezero-auth/values.yaml index 1ac2737..ec225c7 100644 --- a/charts/kubezero-auth/values.yaml +++ b/charts/kubezero-auth/values.yaml @@ -13,6 +13,7 @@ postgresql: enabled: false auth: + existingSecret: kubezero-auth-postgresql username: keycloak database: keycloak