Updated helm chart

adorsys · Dec 11, 2024 · 6ca26d2 · 6ca26d2
1 parent 4221e2e
commit 6ca26d2
Show file tree

Hide file tree

Showing 4 changed files with 45 additions and 9 deletions.
diff --git a/keycloak-chart/templates/deployment.yaml b/keycloak-chart/templates/deployment.yaml
@@ -23,4 +23,26 @@ spec:
           imagePullPolicy: {{ .Values.keycloak.image.pullPolicy }}
           ports:
           - containerPort: {{ .Values.keycloak.service.port }}
-
+          env:
+            - name: KC_BOOTSTRAP_ADMIN_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .Values.keycloak.secrets }}
+                  key: KC_BOOTSTRAP_ADMIN_PASSWORD
+          volumeMounts:
+            {{- range .Values.keycloak.volumeMounts }}
+            - name: {{ .name }}
+              mountPath: {{ .mountPath }}
+            {{- end }}
+      volumes:
+        {{- range .Values.keycloak.volumes }}
+        - name: {{ .name }}
+          configMap:
+            name: {{ .configMap.name }}
+            optional: {{ .configMap.optional | default false }}
+            items:
+              {{- range .configMap.items }}
+              - key: {{ .key }}
+                path: {{ .path }}
+              {{- end }}
+        {{- end }}
diff --git a/keycloak-chart/templates/external-secrets.yml b/keycloak-chart/templates/external-secrets.yml
@@ -15,4 +15,8 @@ spec:
   - secretKey: KC_DB_PASSWORD
     remoteRef:
       key: {{ .Values.awsSecretName }}
-      property: KC_DB_PASSWORD
+      property: KC_DB_PASSWORD
+  - secretKey: KC_BOOTSTRAP_ADMIN_PASSWORD
+    remoteRef:
+      key: {{ .Values.awsSecretName }}
+      property: KC_BOOTSTRAP_ADMIN_PASSWORD
diff --git a/keycloak-chart/templates/services.yaml b/keycloak-chart/templates/services.yaml
@@ -1,5 +1,4 @@
 ---
-# Keycloak service
 apiVersion: v1
 kind: Service
 metadata:
@@ -16,7 +15,6 @@ spec:
     app: {{ include "keycloak-chart.name" . }}
 
 ---
-# Postgres service
 {{- if .Values.postgres.enabled }}
 apiVersion: v1
 kind: Service

diff --git a/keycloak-chart/values.yaml b/keycloak-chart/values.yaml
@@ -1,4 +1,4 @@
-usePostgresInCluster: true # If true, use internal PostgreSQL in the cluster; false will use external RDS
+usePostgresInCluster: false # If true, use internal PostgreSQL in the cluster; false will use external RDS
 host: postgres-service
 rdsEndpoint: datev-rds.c9ocg0umkn0m.eu-central-1.rds.amazonaws.com
 fullnameOverride: keycloak
@@ -14,17 +14,29 @@ keycloak:
     type: LoadBalancer
     port: 8443
   imagePullSecret: ghcr-pull-secret
+  envConfigMapName: keycloak-env-config
+  volumes:
+    - name: env-volume
+      configMap:
+        name: keycloak-env-config
+        optional: true
+        items:
+          - key: ".env"
+            path: ".env"
+  volumeMounts:
+    - name: env-volume
+      mountPath: /opt/keycloak/env
 
 # Postgresql Configuration
 postgres:
-  enabled: true
+  enabled: false
   image:
     repository: postgres
     tag: latest
     pullPolicy: IfNotPresent
   replicas: 1
   service:
-    name: postgres-services
+    name: postgres-service
     type: ClusterIP
     port: 5432
   volumes:
@@ -34,8 +46,8 @@ postgres:
     - mountPath: /var/lib/postgresql/data
       name: db-data
   env:
-    POSTGRES_DB: keycloakdb
-    POSTGRES_USER: keycloakadmin
+    POSTGRES_DB: kc_ssi_db
+    POSTGRES_USER: datevadmin
 
 # External Secret Store
 awsSecretName: datev-wallet-secrets