{{- if .Values.keycloak.enabled }} --- apiVersion: v1 kind: ServiceAccount metadata: annotations: app.quarkus.io/build-timestamp: 2022-06-17 - 10:24:55 +0000 labels: app.kubernetes.io/version: 18.0.1 app.kubernetes.io/name: keycloak-operator name: keycloak-operator --- apiVersion: v1 kind: Service metadata: annotations: app.quarkus.io/build-timestamp: 2022-06-17 - 10:24:55 +0000 labels: app.kubernetes.io/name: keycloak-operator app.kubernetes.io/version: 18.0.1 name: keycloak-operator spec: ports: - name: http port: 80 targetPort: 8080 selector: app.kubernetes.io/name: keycloak-operator app.kubernetes.io/version: 18.0.1 type: ClusterIP --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: keycloak-operator-role rules: - apiGroups: - apps - extensions resources: - deployments verbs: - get - list - watch - create - delete - patch - update - apiGroups: - "" resources: - secrets - services verbs: - get - list - watch - create - delete - patch - update - apiGroups: - batch resources: - jobs verbs: - get - list - watch - create - delete - patch - update - apiGroups: - networking.k8s.io resources: - ingresses verbs: - get - list - watch - create - delete - patch - update --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: labels: app.kubernetes.io/name: keycloak-operator name: keycloak-operator-role-binding roleRef: kind: Role apiGroup: rbac.authorization.k8s.io name: keycloak-operator-role subjects: - kind: ServiceAccount name: keycloak-operator --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: keycloak-operator-view roleRef: kind: ClusterRole apiGroup: rbac.authorization.k8s.io name: view subjects: - kind: ServiceAccount name: keycloak-operator --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: keycloakcontroller-role-binding roleRef: kind: ClusterRole apiGroup: rbac.authorization.k8s.io name: keycloakcontroller-cluster-role subjects: - kind: ServiceAccount name: keycloak-operator --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: keycloakrealmimportcontroller-role-binding roleRef: kind: ClusterRole apiGroup: rbac.authorization.k8s.io name: keycloakrealmimportcontroller-cluster-role subjects: - kind: ServiceAccount name: keycloak-operator --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: keycloakcontroller-cluster-role rules: - apiGroups: - k8s.keycloak.org resources: - keycloaks - keycloaks/status - keycloaks/finalizers verbs: - get - list - watch - create - delete - patch - update --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: keycloakrealmimportcontroller-cluster-role rules: - apiGroups: - k8s.keycloak.org resources: - keycloakrealmimports - keycloakrealmimports/status - keycloakrealmimports/finalizers verbs: - get - list - watch - create - delete - patch - update --- apiVersion: apps/v1 kind: Deployment metadata: annotations: app.quarkus.io/build-timestamp: 2022-06-17 - 10:24:55 +0000 labels: app.kubernetes.io/version: 18.0.1 app.kubernetes.io/name: keycloak-operator name: keycloak-operator spec: replicas: 1 selector: matchLabels: app.kubernetes.io/version: 18.0.1 app.kubernetes.io/name: keycloak-operator template: metadata: annotations: app.quarkus.io/build-timestamp: 2022-06-17 - 10:24:55 +0000 labels: app.kubernetes.io/version: 18.0.1 app.kubernetes.io/name: keycloak-operator spec: containers: - env: - name: KUBERNETES_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace - name: OPERATOR_KEYCLOAK_IMAGE value: quay.io/keycloak/keycloak:18.0.1 image: quay.io/keycloak/keycloak-operator:18.0.1 imagePullPolicy: Always livenessProbe: failureThreshold: 3 httpGet: path: /q/health/live port: 8080 scheme: HTTP initialDelaySeconds: 0 periodSeconds: 30 successThreshold: 1 timeoutSeconds: 10 name: keycloak-operator ports: - containerPort: 8080 name: http protocol: TCP readinessProbe: failureThreshold: 3 httpGet: path: /q/health/ready port: 8080 scheme: HTTP initialDelaySeconds: 0 periodSeconds: 30 successThreshold: 1 timeoutSeconds: 10 serviceAccountName: keycloak-operator {{- end }}