Merge "[AUTHENTICATION] Restructured keycloak and Oauth2-proxy"HEADmaster

8 files changed, 0 insertions, 455 deletions

diff --git a/kubernetes/platform/components/keycloak-init/components/Makefile b/kubernetes/platform/components/keycloak-init/components/Makefile
deleted file mode 100644
index 4ecfbc53cc..0000000000
--- a/kubernetes/platform/components/keycloak-init/components/Makefile
+++ /dev/null
@@ -1,59 +0,0 @@
-# Copyright © 2020 Samsung Electronics, Orange, Nokia
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
-OUTPUT_DIR := $(ROOT_DIR)/../dist
-PACKAGE_DIR := $(OUTPUT_DIR)/packages
-SECRET_DIR := $(OUTPUT_DIR)/secrets
-
-EXCLUDES := dist resources templates charts
-HELM_BIN := helm
-ifneq ($(SKIP_LINT),TRUE)
-	HELM_LINT_CMD := $(HELM_BIN) lint
-else
-	HELM_LINT_CMD := echo "Skipping linting of"
-endif
-
-HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
-HELM_VER := $(shell $(HELM_BIN) version --template "{{.Version}}")
-
-.PHONY: $(EXCLUDES) $(HELM_CHARTS)
-
-all: $(HELM_CHARTS)
-
-$(HELM_CHARTS):
-	@echo "\n[$@]"
-	@make package-$@
-
-make-%:
-	@if [ -f $*/Makefile ]; then make -C $*; fi
-
-dep-%: make-%
-	@if [ -f $*/Chart.yaml ]; then $(HELM_BIN) dep up $*; fi
-
-lint-%: dep-%
-	@if [ -f $*/Chart.yaml ]; then $(HELM_LINT_CMD) $*; fi
-
-package-%: lint-%
-	@mkdir -p $(PACKAGE_DIR)
-	@if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$($(HELM_BIN) package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && $(HELM_BIN) cm-push -f $$PACKAGE_NAME local; fi
-	@sleep 3
-	#@$(HELM_BIN) repo index $(PACKAGE_DIR)
-
-clean:
-	@rm -f */Chart.lock
-	@rm -f *tgz */charts/*tgz
-	@rm -rf $(PACKAGE_DIR)
-%:
-	@:
diff --git a/kubernetes/platform/components/keycloak-init/components/keycloak-config-cli/.helmignore b/kubernetes/platform/components/keycloak-init/components/keycloak-config-cli/.helmignore
deleted file mode 100644
index 0e8a0eb36f..0000000000
--- a/kubernetes/platform/components/keycloak-init/components/keycloak-config-cli/.helmignore
+++ /dev/null
@@ -1,23 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*.orig
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-.vscode/
diff --git a/kubernetes/platform/components/keycloak-init/components/keycloak-config-cli/Chart.yaml b/kubernetes/platform/components/keycloak-init/components/keycloak-config-cli/Chart.yaml
deleted file mode 100644
index abcf889834..0000000000
--- a/kubernetes/platform/components/keycloak-init/components/keycloak-config-cli/Chart.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-#============LICENSE_START========================================================
-# ================================================================================
-# Copyright © adorsys GmbH & Co. KG
-# Modifications © 2022 Deutsche Telekom
-# ================================================================================
-# Original licence (https://github.com/codecentric/helm-charts/blob/master/LICENSE)
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ============LICENSE_END=========================================================
-apiVersion: v2
-name: onap-keycloak-config-cli
-description: Import JSON-formatted configuration files into Keycloak - Configuration as Code for Keycloak.
-home: https://github.com/adorsys/keycloak-config-cli
-version: 5.10.0
-appVersion: 5.10.0
-maintainers:
-  - name: jkroepke
-    email: joe@adorsys.de
-    url: https://github.com/jkroepke
-keywords:
-  - keycloak
-  - config
-  - import
-  - json
-  - continuous-integration
-  - keycloak-config-cli
-sources:
-  - https://github.com/adorsys/keycloak-config-cli
-
-dependencies:
-  - name: common
-    version: ~13.x-0
-    repository: '@local'
-  - name: repositoryGenerator
-    version: ~13.x-0
-    repository: '@local'
\ No newline at end of file
diff --git a/kubernetes/platform/components/keycloak-init/components/keycloak-config-cli/templates/_helpers.tpl b/kubernetes/platform/components/keycloak-init/components/keycloak-config-cli/templates/_helpers.tpl
deleted file mode 100644
index cc1ad7ad8d..0000000000
--- a/kubernetes/platform/components/keycloak-init/components/keycloak-config-cli/templates/_helpers.tpl
+++ /dev/null
@@ -1,68 +0,0 @@
-{{/*
-  # Copyright © adorsys GmbH & Co. KG
-  #
-  # Licensed under the Apache License, Version 2.0 (the "License");
-  # you may not use this file except in compliance with the License.
-  # You may obtain a copy of the License at
-  #
-  #       http://www.apache.org/licenses/LICENSE-2.0
-  #
-  # Unless required by applicable law or agreed to in writing, software
-  # distributed under the License is distributed on an "AS IS" BASIS,
-  # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-  # See the License for the specific language governing permissions and
-  # limitations under the License.
-*/}}
-{{/* vim: set filetype=mustache: */}}
-{{/*
-Expand the name of the chart.
-*/}}
-{{- define "keycloak-config-cli.name" -}}
-{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
-{{- end }}
-
-{{/*
-Create a default fully qualified app name.
-We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
-If release name contains chart name it will be used as a full name.
-*/}}
-{{- define "keycloak-config-cli.fullname" -}}
-{{- if .Values.fullnameOverride }}
-{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- $name := default .Chart.Name .Values.nameOverride }}
-{{- if contains $name .Release.Name }}
-{{- .Release.Name | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
-{{- end }}
-{{- end }}
-{{- end }}
-
-{{/*
-Create chart name and version as used by the chart label.
-*/}}
-{{- define "keycloak-config-cli.chart" -}}
-{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
-{{- end }}
-
-{{/*
-Common labels
-*/}}
-{{- define "keycloak-config-cli.labels" -}}
-helm.sh/chart: {{ include "keycloak-config-cli.chart" . }}
-{{ include "keycloak-config-cli.selectorLabels" . }}
-{{- if .Chart.AppVersion }}
-app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
-{{- end }}
-app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- end }}
-
-{{/*
-Selector labels
-*/}}
-{{- define "keycloak-config-cli.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "keycloak-config-cli.name" . }}
-app.kubernetes.io/instance: {{ .Release.Name }}
-{{- end }}
-
diff --git a/kubernetes/platform/components/keycloak-init/components/keycloak-config-cli/templates/job.yaml b/kubernetes/platform/components/keycloak-init/components/keycloak-config-cli/templates/job.yaml
deleted file mode 100644
index 322db2b7a1..0000000000
--- a/kubernetes/platform/components/keycloak-init/components/keycloak-config-cli/templates/job.yaml
+++ /dev/null
@@ -1,103 +0,0 @@
-{{/*
-  # Copyright © adorsys GmbH & Co. KG
-  # Modifications © 2022, Deutsche Telekom
-  #
-  # Licensed under the Apache License, Version 2.0 (the "License");
-  # you may not use this file except in compliance with the License.
-  # You may obtain a copy of the License at
-  #
-  #       http://www.apache.org/licenses/LICENSE-2.0
-  #
-  # Unless required by applicable law or agreed to in writing, software
-  # distributed under the License is distributed on an "AS IS" BASIS,
-  # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-  # See the License for the specific language governing permissions and
-  # limitations under the License.
-*/}}
----
-apiVersion: batch/v1
-kind: Job
-metadata:
-  {{- with .Values.annotations }}
-  annotations:
-  {{- toYaml . | nindent 4 }}
-  {{- end }}
-  name: {{ template "keycloak-config-cli.fullname" . }}
-  labels:
-  {{- include "keycloak-config-cli.labels" . | nindent 4 }}
-spec:
-  backoffLimit: {{ .Values.backoffLimit }}
-  template:
-    metadata:
-      {{- with .Values.podAnnotations }}
-      annotations:
-      {{- . | nindent 8 }}
-      {{- end }}
-      labels:
-      {{- include "keycloak-config-cli.selectorLabels" . | nindent 8 }}
-      {{- with .Values.podLabels }}
-    {{- toYaml . | nindent 8 }}
-    {{- end }}
-    spec:
-      {{- with .Values.image.pullSecrets }}
-      imagePullSecrets:
-      {{- toYaml . | nindent 8 }}
-      {{- end }}
-      restartPolicy: Never
-      containers:
-        - name: keycloak-config-cli
-          image: "{{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image.repository }}:{{ tpl .Values.image.tag $ }}"
-          imagePullPolicy: {{ .Values.image.pullPolicy }}
-          {{- with .Values.resources }}
-          resources:
-          {{- toYaml . | nindent 10 }}
-          {{- end }}
-          env:
-            {{- range $name, $value := .Values.env }}
-            - name: {{ $name | quote }}
-              value: {{ tpl $value $ | quote }}
-            {{- end }}
-            {{- range $name, $value := .Values.secrets }}
-            - name: {{ $name | quote }}
-              valueFrom:
-                secretKeyRef:
-                  name: "{{ template "keycloak-config-cli.fullname" $ }}"
-                  key: {{ $name | quote }}
-            {{- end }}
-            {{- if and .Values.existingSecret .Values.existingSecretKey }}
-            - name: "KEYCLOAK_PASSWORD"
-              valueFrom:
-                secretKeyRef:
-                  name: "{{ tpl .Values.existingSecret . }}"
-                  key: "{{ .Values.existingSecretKey }}"
-          {{- end }}
-          {{- with .Values.securityContext }}
-          securityContext:
-          {{- toYaml . | nindent 10 }}
-          {{- end }}
-          volumeMounts:
-            - name: config
-              mountPath: /config
-            {{- with .Values.extraVolumeMounts }}
-            {{- tpl . $ | nindent 12 }}
-            {{- end }}
-        {{ include "common.waitForJobContainer" . | indent 8 | trim }}
-      volumes:
-        - name: config
-          secret:
-            {{- if .Values.existingConfigSecret }}
-            secretName: "{{ tpl .Values.existingConfigSecret $ }}"
-            {{- else }}
-            secretName: "{{ template "keycloak-config-cli.fullname" . }}-config-realms"
-            {{- end }}
-            defaultMode: 0555
-        {{- with .Values.extraVolumes }}
-        {{- tpl . $ | nindent 8 }}
-        {{- end }}
-      {{- with .Values.serviceAccount }}
-      serviceAccountName: "{{ tpl . $ }}"
-      {{- end }}
-      {{- with .Values.securityContext }}
-      securityContext:
-      {{- toYaml . | nindent 8 }}
-  {{- end }}
diff --git a/kubernetes/platform/components/keycloak-init/components/keycloak-config-cli/templates/realms.yaml b/kubernetes/platform/components/keycloak-init/components/keycloak-config-cli/templates/realms.yaml
deleted file mode 100644
index fa9363e9d0..0000000000
--- a/kubernetes/platform/components/keycloak-init/components/keycloak-config-cli/templates/realms.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-{{/*
-  # Copyright © adorsys GmbH & Co. KG
-  #
-  # Licensed under the Apache License, Version 2.0 (the "License");
-  # you may not use this file except in compliance with the License.
-  # You may obtain a copy of the License at
-  #
-  #       http://www.apache.org/licenses/LICENSE-2.0
-  #
-  # Unless required by applicable law or agreed to in writing, software
-  # distributed under the License is distributed on an "AS IS" BASIS,
-  # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-  # See the License for the specific language governing permissions and
-  # limitations under the License.
-*/}}
-{{ if not .Values.existingConfigSecret }}
----
-apiVersion: v1
-kind: Secret
-metadata:
-  name: {{ template "keycloak-config-cli.fullname" . }}-config-realms
-  labels:
-  {{- include "keycloak-config-cli.labels" . | nindent 4 }}
-data:
-  {{- range $name, $config := .Values.config }}
-    {{- if hasKey $config "file" }}
-  {{ $name }}.json: "{{ tpl ($.Files.Get $config.file) $ | b64enc }}"
-    {{- else if hasKey $config "inline" }}
-  {{ $name }}.json: "{{ tpl (toJson $config.inline) $ | b64enc }}"
-    {{- end }}
-  {{- end }}
-{{- end }}
diff --git a/kubernetes/platform/components/keycloak-init/components/keycloak-config-cli/templates/secrets.yaml b/kubernetes/platform/components/keycloak-init/components/keycloak-config-cli/templates/secrets.yaml
deleted file mode 100644
index 94505289e6..0000000000
--- a/kubernetes/platform/components/keycloak-init/components/keycloak-config-cli/templates/secrets.yaml
+++ /dev/null
@@ -1,28 +0,0 @@
-{{/*
-  # Copyright © adorsys GmbH & Co. KG
-  #
-  # Licensed under the Apache License, Version 2.0 (the "License");
-  # you may not use this file except in compliance with the License.
-  # You may obtain a copy of the License at
-  #
-  #       http://www.apache.org/licenses/LICENSE-2.0
-  #
-  # Unless required by applicable law or agreed to in writing, software
-  # distributed under the License is distributed on an "AS IS" BASIS,
-  # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-  # See the License for the specific language governing permissions and
-  # limitations under the License.
-*/}}
-{{ if .Values.secrets }}
----
-apiVersion: v1
-kind: Secret
-metadata:
-  name: {{ template "keycloak-config-cli.fullname" . }}
-  labels:
-  {{- include "keycloak-config-cli.labels" . | nindent 4 }}
-data:
-  {{- range $name, $value := .Values.secrets }}
-    {{ $name }}: "{{ tpl $value $ | b64enc }}"
-  {{- end }}
-  {{- end }}
diff --git a/kubernetes/platform/components/keycloak-init/components/keycloak-config-cli/values.yaml b/kubernetes/platform/components/keycloak-init/components/keycloak-config-cli/values.yaml
deleted file mode 100644
index 5f8d4a3fd5..0000000000
--- a/kubernetes/platform/components/keycloak-init/components/keycloak-config-cli/values.yaml
+++ /dev/null
@@ -1,97 +0,0 @@
-# Copyright © adorsys GmbH & Co. KG
-# Modifications © 2022, Deutsche Telekom
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
----
-global:
-  pullPolicy: Always
-  persistence: {}
-  dockerHubRepository: docker.io
-
-fullnameOverride: ""
-nameOverride: ""
-
-image:
-  repository: adorsys/keycloak-config-cli
-  tag: "{{ .Chart.AppVersion }}-22.0.4"
-  pullPolicy: IfNotPresent
-  ## Optionally specify an array of imagePullSecrets.
-  ## Secrets must be manually created in the namespace.
-  ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
-  ##
-  pullSecrets: []
-  # - myRegistryKeySecretName
-
-# Count of re(!)tries. A value of 2 means 3 tries in total.
-backoffLimit: 1
-
-# annotations of the Job. Define helm post hook here
-# currently disabled to see the results and to be compliant with ArgoCD
-#annotations:
-#  "helm.sh/hook": "post-install,post-upgrade,post-rollback"
-#  "helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation"
-#  "helm.sh/hook-weight": "5"
-
-labels: {}
-
-resources: {}
-  # limits:
-  #   cpu: "100m"
-  #   memory: "1Gi"
-  # requests:
-  #   cpu: "100m"
-#   memory: "1Gi"
-
-env:
-  KEYCLOAK_URL: http://keycloak:8080
-  KEYCLOAK_USER: admin
-  IMPORT_PATH: /config/
-
-secrets: {}
-#  KEYCLOAK_PASSWORD:
-
-# Specifies an existing secret to be used for the admin password
-existingSecret: ""
-
-# The key in the existing secret that stores the password
-existingSecretKey: password
-
-securityContext: {}
-containerSecurityContext: {}
-
-## Additional pod labels
-## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
-podLabels: {}
-
-## Extra Annotations to be added to pod
-podAnnotations: {}
-
-config: {}
-  # <realm name>:
-  #   inline:
-  #     realm: <realm name>
-  #     clients: []
-  # <realm name>:
-  #   file: <path>
-
-existingConfigSecret: ""
-
-# Add additional volumes, e.g. for custom secrets
-extraVolumes: ""
-
-# Add additional volumes mounts, e. g. for custom secrets
-extraVolumeMounts: ""
-
-wait_for_job_container:
-  containers:
-    - 'keycloak-config-cli'