diff options
| author |   Andreas Geissler <andreas-geissler@telekom.de> | 2022-10-07 13:09:41 +0200 |
|---|---|---|
| committer | Andreas Geissler <andreas-geissler@telekom.de> | 2023-01-23 10:48:47 +0000 |
| commit | b784da4b931ec6b7400ff745d9846fe18e5ff7fa (patch) | |
| tree | 562bdae48c49f5afdd5f88f2d3b834fa0f225ed9 /kubernetes/platform/components/keycloak-init/values.yaml | |
| parent | 2f43e96c6a84b737590cc4db8a5d53fbac8fd586 (diff) | |
[PLATFORM] Add Keycloak ONAP REALM import
As part of the ServiceMesh solution Keycloak will be used
to enable a central authentication and authorization for ONAP
Service Access. This chart provides the import of a default
ONAP Realm to an existing Keycloak Instance (alternative
to a combined KC+REALM installation).
It contains clients for the planned portal-ng.
Make all subcomponents selectable
Issue-ID: OOM-3021
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: I677a3b9e200299c2cde7774e09db6cf33ac510b7
Diffstat (limited to 'kubernetes/platform/components/keycloak-init/values.yaml')
| -rw-r--r-- | kubernetes/platform/components/keycloak-init/values.yaml | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/kubernetes/platform/components/keycloak-init/values.yaml b/kubernetes/platform/components/keycloak-init/values.yaml new file mode 100644 index 0000000000..5e975147ab --- /dev/null +++ b/kubernetes/platform/components/keycloak-init/values.yaml @@ -0,0 +1,46 @@ +# Copyright © 2022, Deutsche Telekom +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +global: + # Global ingress configuration + ingress: + enabled: false + virtualhost: + baseurl: "simpledemo.onap.org" + +keycloak-config-cli: + #existingSecret: "keycloak-keycloakx-admin-creds" + env: + KEYCLOAK_URL: http://keycloak-http.keycloak.svc.cluster.local/auth/ + secrets: + KEYCLOAK_PASSWORD: secret + config: + onap: + file: resources/realm/onap-realm.json + +ingress: + service: + - baseaddr: "keycloak-ui" + name: "keycloak-http.keycloak.svc.cluster.local" + path: "/auth" + port: 80 + # If `true`, an Ingress is created + enabled: false + config: + ssl: "redirect" + +serviceAccount: + nameOverride: keycloak-init + roles: + - read |