[COMMON] Fix mariadb template, so and authentication after checking in ArgoCD

- mariadb: manifest was not synced by ArgoCD, as entry for securityContext was wrong - authentication: wrong keycloak-config-cli version and implementation - so: added annotation for ArgoCD in job Issue-ID: OOM-3330 Change-Id: I6f573defe2f44b625027325f318e63fca1846e3c Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
author: Andreas Geissler <andreas-geissler@telekom.de> 2025-02-14 16:40:09 +0100
committer: Andreas Geissler <andreas-geissler@telekom.de> 2025-02-21 12:00:55 +0100
commit: 5e2b423a7239a6fb4c47ba914c3b2851f6dee6aa (patch)
tree: 08c5be9b1899d393d40eb388d10b133caf1e3890 /kubernetes/authentication/components
parent: 4885be4c0fde704fd1c56df408871be0647b6e4f (diff)
4 files changed, 25 insertions, 12 deletions
diff --git a/kubernetes/authentication/components/keycloak-config-cli/Chart.yaml b/kubernetes/authentication/components/keycloak-config-cli/Chart.yaml
index c196bcc6e2..32514f7867 100644
--- a/kubernetes/authentication/components/keycloak-config-cli/Chart.yaml
+++ b/kubernetes/authentication/components/keycloak-config-cli/Chart.yaml
@@ -20,8 +20,8 @@ apiVersion: v2
 name: onap-keycloak-config-cli
 description: Import JSON-formatted configuration files into Keycloak - Configuration as Code for Keycloak.
 home: https://github.com/adorsys/keycloak-config-cli
-version: 6.1.6
-appVersion: 6.1.6
+version: 6.2.1
+appVersion: 6.2.1
 maintainers:
   - name: jkroepke
     email: joe@adorsys.de
diff --git a/kubernetes/authentication/components/keycloak-config-cli/templates/job.yaml b/kubernetes/authentication/components/keycloak-config-cli/templates/job.yaml
index 322db2b7a1..5ea4cbd770 100644
--- a/kubernetes/authentication/components/keycloak-config-cli/templates/job.yaml
+++ b/kubernetes/authentication/components/keycloak-config-cli/templates/job.yaml
@@ -50,7 +50,7 @@ spec:
           imagePullPolicy: {{ .Values.image.pullPolicy }}
           {{- with .Values.resources }}
           resources:
-          {{- toYaml . | nindent 10 }}
+          {{- toYaml . | nindent 12 }}
           {{- end }}
           env:
             {{- range $name, $value := .Values.env }}
@@ -70,10 +70,19 @@ spec:
                 secretKeyRef:
                   name: "{{ tpl .Values.existingSecret . }}"
                   key: "{{ .Values.existingSecretKey }}"
-          {{- end }}
-          {{- with .Values.securityContext }}
+            {{- end }}
+            {{- if .Values.existingSecrets }}
+            {{- range .Values.existingSecrets }}
+            - name: {{ .envVar }}
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .name }}
+                  key: {{ .key }}
+            {{- end }}
+            {{- end }}
+          {{- with .Values.containerSecurityContext }}
           securityContext:
-          {{- toYaml . | nindent 10 }}
+          {{- toYaml . | nindent 12 }}
           {{- end }}
           volumeMounts:
             - name: config
@@ -81,7 +90,6 @@ spec:
             {{- with .Values.extraVolumeMounts }}
             {{- tpl . $ | nindent 12 }}
             {{- end }}
-        {{ include "common.waitForJobContainer" . | indent 8 | trim }}
       volumes:
         - name: config
           secret:
@@ -100,4 +108,4 @@ spec:
       {{- with .Values.securityContext }}
       securityContext:
       {{- toYaml . | nindent 8 }}
-  {{- end }}
+      {{- end }}
diff --git a/kubernetes/authentication/components/keycloak-config-cli/values.yaml b/kubernetes/authentication/components/keycloak-config-cli/values.yaml
index 9574d148ec..ffeeaeb176 100644
--- a/kubernetes/authentication/components/keycloak-config-cli/values.yaml
+++ b/kubernetes/authentication/components/keycloak-config-cli/values.yaml
@@ -75,6 +75,11 @@ podLabels: {}
 
 ## Extra Annotations to be added to pod
 podAnnotations: {}
+# New section for existing secrets
+existingSecrets:
+# - name: my-existing-secret
+#   key: my-secret-key
+#   envVar: MY_ENV_VAR
 
 config: {}
   # <realm name>:
@@ -91,7 +96,3 @@ extraVolumes: ""
 
 # Add additional volumes mounts, e. g. for custom secrets
 extraVolumeMounts: ""
-
-wait_for_job_container:
-  containers:
-    - 'keycloak-config-cli'
diff --git a/kubernetes/authentication/components/oauth2-proxy/values.yaml b/kubernetes/authentication/components/oauth2-proxy/values.yaml
index 14ea469fa8..7157aa0c72 100644
--- a/kubernetes/authentication/components/oauth2-proxy/values.yaml
+++ b/kubernetes/authentication/components/oauth2-proxy/values.yaml
@@ -7,6 +7,10 @@ global:
   imageRegistry: docker.io
   imagePullSecrets:
     - '{{ include "common.names.namespace" . }}-docker-registry-key'
+
+  # Workaround to avoid redis restarts with ArgoCD
+  redis:
+    password: "32ugd3783rhfjdhow"
   # *************************************************
 
 ## Override the deployment namespace
author	Andreas Geissler <andreas-geissler@telekom.de>	2025-02-14 16:40:09 +0100
committer	Andreas Geissler <andreas-geissler@telekom.de>	2025-02-21 12:00:55 +0100
commit	5e2b423a7239a6fb4c47ba914c3b2851f6dee6aa (patch)
tree	08c5be9b1899d393d40eb388d10b133caf1e3890 /kubernetes/authentication/components
parent	4885be4c0fde704fd1c56df408871be0647b6e4f (diff)