From 6ca26d2be3235c5ce00f8f0299438100259de387 Mon Sep 17 00:00:00 2001
From: Awambeng Rodrick
Date: Wed, 11 Dec 2024 14:29:39 +0100
Subject: [PATCH] Updated helm chart
---
 keycloak-chart/templates/deployment.yaml | 24 ++++++++++++++++++-
 keycloak-chart/templates/external-secrets.yml | 6 ++++-
 keycloak-chart/templates/services.yaml | 2 --
 keycloak-chart/values.yaml | 22 +++++++++++++----
 4 files changed, 45 insertions(+), 9 deletions(-)
diff --git a/keycloak-chart/templates/deployment.yaml b/keycloak-chart/templates/deployment.yaml
index e7b7c5b..8cf48fd 100644
--- a/keycloak-chart/templates/deployment.yaml
+++ b/keycloak-chart/templates/deployment.yaml
@@ -23,4 +23,26 @@ spec:
 imagePullPolicy: {{ .Values.keycloak.image.pullPolicy }}
 ports:
 - containerPort: {{ .Values.keycloak.service.port }}
-
\ No newline at end of file
+ env:
+ - name: KC_BOOTSTRAP_ADMIN_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ .Values.keycloak.secrets }}
+ key: KC_BOOTSTRAP_ADMIN_PASSWORD
+ volumeMounts:
+ {{- range .Values.keycloak.volumeMounts }}
+ - name: {{ .name }}
+ mountPath: {{ .mountPath }}
+ {{- end }}
+ volumes:
+ {{- range .Values.keycloak.volumes }}
+ - name: {{ .name }}
+ configMap:
+ name: {{ .configMap.name }}
+ optional: {{ .configMap.optional | default false }}
+ items:
+ {{- range .configMap.items }}
+ - key: {{ .key }}
+ path: {{ .path }}
+ {{- end }}
+ {{- end }}
diff --git a/keycloak-chart/templates/external-secrets.yml b/keycloak-chart/templates/external-secrets.yml
index 4f25435..65890e6 100644
--- a/keycloak-chart/templates/external-secrets.yml
+++ b/keycloak-chart/templates/external-secrets.yml
@@ -15,4 +15,8 @@ spec:
 - secretKey: KC_DB_PASSWORD
 remoteRef:
 key: {{ .Values.awsSecretName }}
- property: KC_DB_PASSWORD
\ No newline at end of file
+ property: KC_DB_PASSWORD
+ - secretKey: KC_BOOTSTRAP_ADMIN_PASSWORD
+ remoteRef:
+ key: {{ .Values.awsSecretName }}
+ property: KC_BOOTSTRAP_ADMIN_PASSWORD
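Review bot: In the `secretKeyRef` added under `env:`, `name: {{ .Values.keycloak.secrets }}` is rendered unquoted and unchecked, and none of the values.yaml hunks in this patch show a `keycloak.secrets` key (it may be defined in lines outside them). If the value is empty the manifest renders `name:` as null and the mistake surfaces only at apply or pod start; `name: {{ required "keycloak.secrets must name the Secret written by the ExternalSecret" .Values.keycloak.secrets | quote }}` fails at template time instead. The nested `range .configMap.items` likewise errors on any `keycloak.volumes` entry that has no `configMap` block, so the values schema should say that only ConfigMap volumes are supported. The container spec this extends starts above the hunk.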
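Review bot: The new `KC_BOOTSTRAP_ADMIN_PASSWORD` entry reads from the same remote key as `KC_DB_PASSWORD` (`{{ .Values.awsSecretName }}`), so every principal allowed to read that AWS secret obtains the Keycloak admin credential together with the database one. Consider a separate remote key for the admin password, or at least a comment such as `# bootstrap admin only: create a permanent admin account, then rotate this property`. The property also has to exist in the AWS secret before install, since a missing property would presumably leave the whole ExternalSecret unsynced, the DB password included.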
diff --git a/keycloak-chart/templates/services.yaml b/keycloak-chart/templates/services.yaml
index 64c68d2..49f0f55 100644
--- a/keycloak-chart/templates/services.yaml
+++ b/keycloak-chart/templates/services.yaml
@@ -1,5 +1,4 @@
 ---
-# Keycloak service
 apiVersion: v1
 kind: Service
 metadata:
@@ -16,7 +15,6 @@ spec:
 app: {{ include "keycloak-chart.name" . }}
 ---
-# Postgres service
 {{- if .Values.postgres.enabled }}
 apiVersion: v1
 kind: Service
diff --git a/keycloak-chart/values.yaml b/keycloak-chart/values.yaml
index b7b07dd..2e1aac5 100644
--- a/keycloak-chart/values.yaml
+++ b/keycloak-chart/values.yaml
@@ -1,4 +1,4 @@
-usePostgresInCluster: true # If true, use internal PostgreSQL in the cluster; false will use external RDS
+usePostgresInCluster: false # If true, use internal PostgreSQL in the cluster; false will use external RDS
 host: postgres-service
 rdsEndpoint: datev-rds.c9ocg0umkn0m.eu-central-1.rds.amazonaws.com
 fullnameOverride: keycloak
@@ -14,17 +14,29 @@ keycloak:
 type: LoadBalancer
 port: 8443
 imagePullSecret: ghcr-pull-secret
+ envConfigMapName: keycloak-env-config
+ volumes:
+ - name: env-volume
+ configMap:
+ name: keycloak-env-config
+ optional: true
+ items:
+ - key: ".env"
+ path: ".env"
+ volumeMounts:
+ - name: env-volume
+ mountPath: /opt/keycloak/env
 # Postgresql Configuration
 postgres:
- enabled: true
+ enabled: false
 image:
 repository: postgres
 tag: latest
 pullPolicy: IfNotPresent
 replicas: 1
 service:
- name: postgres-services
+ name: postgres-service
 type: ClusterIP
 port: 5432
 volumes:
@@ -34,8 +46,8 @@ postgres:
 - mountPath: /var/lib/postgresql/data
 name: db-data
 env:
- POSTGRES_DB: keycloakdb
- POSTGRES_USER: keycloakadmin
+ POSTGRES_DB: kc_ssi_db
+ POSTGRES_USER: datevadmin
 # External Secret Store
 awsSecretName: datev-wallet-secrets
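Review bot: `usePostgresInCluster: false` on the first line of values.yaml and `postgres.enabled: false` in the `@@ -14,17 +14,29 @@` hunk are two switches for one decision, and nothing visible ties them together. services.yaml gates the Postgres Service on `.Values.postgres.enabled`; if another template still reads `usePostgresInCluster` (not visible in this patch), an override that flips only one of them renders a Keycloak pointed at `postgres-service` with no Service behind it. Keep a single flag and derive the other from it, or document the coupling with `# must match postgres.enabled` on this line.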
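Review bot: The added `env-volume` mounts a `.env` key from the ConfigMap `keycloak-env-config` at `/opt/keycloak/env`, and ConfigMap data is stored and served in the clear to anything with `get` on configmaps in the namespace. If that file is expected to carry credentials or client secrets they belong in the ExternalSecret this chart already uses; a comment such as `# non-secret settings only; secrets go through external-secrets.yml` on the `volumes:` entry would make that explicit. `optional: true` also lets the pod start with the file silently absent, and `envConfigMapName` repeats `volumes[0].configMap.name` without being referenced by the deployment.yaml hunk in this patch.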