aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKrzysztof Opasiak <k.opasiak@samsung.com>2021-04-27 20:20:57 +0000
committerGerrit Code Review <gerrit@onap.org>2021-04-27 20:20:57 +0000
commitf545b5b04321e75824d2eb609c1deab0a75c9509 (patch)
tree4718694d434fd48dbf7595ce90beb18d4ebd8ad2
parent8e34a4ba53b5e2a280eed6517ed6549bab4cd516 (diff)
parenta08006e532a4c4594ca61ef18514f0ad5716e5bc (diff)
Merge "[AAI] Keycloak integration into aai-resources updates"
-rw-r--r--kubernetes/aai/components/aai-resources/resources/config/application-keycloak.properties6
-rw-r--r--kubernetes/aai/components/aai-resources/values.yaml14
2 files changed, 15 insertions, 5 deletions
diff --git a/kubernetes/aai/components/aai-resources/resources/config/application-keycloak.properties b/kubernetes/aai/components/aai-resources/resources/config/application-keycloak.properties
index 4f480cb5d7..774e8bd5ca 100644
--- a/kubernetes/aai/components/aai-resources/resources/config/application-keycloak.properties
+++ b/kubernetes/aai/components/aai-resources/resources/config/application-keycloak.properties
@@ -3,10 +3,10 @@ spring.autoconfigure.exclude=\
org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,\
org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration
-multi.tenancy.enabled=true
+multi.tenancy.enabled={{ .Values.config.keycloak.multiTenancy.enabled }}
keycloak.auth-server-url=http://{{ .Values.config.keycloak.host }}:{{ .Values.config.keycloak.port }}/auth
-keycloak.realm=aai-resources
-keycloak.resource=aai-resources-app
+keycloak.realm={{ .Values.config.keycloak.realm }}
+keycloak.resource={{ .Values.config.keycloak.resource }}
keycloak.public-client=true
keycloak.principal-attribute=preferred_username
diff --git a/kubernetes/aai/components/aai-resources/values.yaml b/kubernetes/aai/components/aai-resources/values.yaml
index b84139161e..f30b067b2e 100644
--- a/kubernetes/aai/components/aai-resources/values.yaml
+++ b/kubernetes/aai/components/aai-resources/values.yaml
@@ -49,7 +49,7 @@ global: # global defaults
# Active spring profiles for the resources microservice
profiles:
- active: production,dmaap,aaf-auth
+ active: production,dmaap,aaf-auth #,keycloak
# Notification event specific properties
notification:
@@ -164,9 +164,19 @@ replicaCount: 1
# Configuration for the resources deployment
config:
+ # configure keycloak according to your environment.
+ # don't forget to add keycloak in active profiles above (global.config.profiles)
keycloak:
- host: localhost
+ host: keycloak.your.domain
port: 8180
+ # Specifies a set of users, credentials, roles, and groups
+ realm: aai-resources
+ # Used by any client application for enabling fine-grained authorization for their protected resources
+ resource: aai-resources-app
+ # If set to true, additional criteria will be added that match the data-owner property with the given role
+ # to the user in keycloak
+ multiTenancy:
+ enabled: true
# Specifies crud related operation timeouts and overrides
crud: