diff options
author | Andreas Geissler <andreas-geissler@telekom.de> | 2024-04-24 15:38:24 +0200 |
---|---|---|
committer | Andreas Geissler <andreas-geissler@telekom.de> | 2024-06-05 13:49:50 +0200 |
commit | e9f67624d1f5e25d24c951e385661341baa21830 (patch) | |
tree | 5c76da9347276454bee590369905b5b35b0489dc /kubernetes/authentication/components/keycloak-config-cli/templates/realms.yaml | |
parent | 53fe20dc15c0e23c27bee5c1450340e454b8945b (diff) |
[AUTHENTICATION] Restructured keycloak and Oauth2-proxy
Changed keycloak-init to "authentication"
and moved as root chart
Moved oauth2-proxy to onap-authentication and updated
to version 7.5.4
Use TCL proposal for REALM creation.
Update keycloak-config-cli version to 5.12.0.
Ingress AuthorizationPolicy creation for all defined accessRoles
in the configured realms
Issue-ID: OOM-3292
Issue-ID: OOM-3268
Change-Id: I0901cd416ca5da871931d7cf084cd35c55f804f1
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Diffstat (limited to 'kubernetes/authentication/components/keycloak-config-cli/templates/realms.yaml')
-rw-r--r-- | kubernetes/authentication/components/keycloak-config-cli/templates/realms.yaml | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/kubernetes/authentication/components/keycloak-config-cli/templates/realms.yaml b/kubernetes/authentication/components/keycloak-config-cli/templates/realms.yaml new file mode 100644 index 0000000000..fa9363e9d0 --- /dev/null +++ b/kubernetes/authentication/components/keycloak-config-cli/templates/realms.yaml @@ -0,0 +1,32 @@ +{{/* + # Copyright © adorsys GmbH & Co. KG + # + # Licensed under the Apache License, Version 2.0 (the "License"); + # you may not use this file except in compliance with the License. + # You may obtain a copy of the License at + # + # http://www.apache.org/licenses/LICENSE-2.0 + # + # Unless required by applicable law or agreed to in writing, software + # distributed under the License is distributed on an "AS IS" BASIS, + # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + # See the License for the specific language governing permissions and + # limitations under the License. +*/}} +{{ if not .Values.existingConfigSecret }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "keycloak-config-cli.fullname" . }}-config-realms + labels: + {{- include "keycloak-config-cli.labels" . | nindent 4 }} +data: + {{- range $name, $config := .Values.config }} + {{- if hasKey $config "file" }} + {{ $name }}.json: "{{ tpl ($.Files.Get $config.file) $ | b64enc }}" + {{- else if hasKey $config "inline" }} + {{ $name }}.json: "{{ tpl (toJson $config.inline) $ | b64enc }}" + {{- end }} + {{- end }} +{{- end }} |