2 files changed, 84 insertions, 34 deletions

diff --git a/docs/sections/resources/yaml/keycloak-ingress.yaml b/docs/sections/resources/yaml/keycloak-ingress.yaml
new file mode 100644
index 0000000000..91fc34f381
--- /dev/null
+++ b/docs/sections/resources/yaml/keycloak-ingress.yaml
@@ -0,0 +1,55 @@
+apiVersion: gateway.networking.k8s.io/v1
+kind: HTTPRoute
+metadata:
+  labels:
+    app.kubernetes.io/managed-by: Helm
+  name: keycloak-ui-http-route
+  namespace: keycloak
+spec:
+  hostnames:
+  - keycloak-ui.simpledemo.onap.org
+  parentRefs:
+  - group: gateway.networking.k8s.io
+    kind: Gateway
+    name: common-gateway
+    namespace: istio-ingress
+    sectionName: https-80
+  rules:
+    Filters:
+      Request Redirect:
+        Port:         443
+        Scheme:       https
+        Status Code:  301
+      Type:           RequestRedirect
+    Matches:
+      Path:
+        Type:   PathPrefix
+        Value:  /auth
+---
+apiVersion: gateway.networking.k8s.io/v1
+kind: HTTPRoute
+metadata:
+  labels:
+    app.kubernetes.io/managed-by: Helm
+  name: keycloak-ui-http-route
+  namespace: keycloak
+spec:
+  hostnames:
+  - keycloak-ui.simpledemo.onap.org
+  parentRefs:
+  - group: gateway.networking.k8s.io
+    kind: Gateway
+    name: common-gateway
+    namespace: istio-ingress
+    sectionName: https-443
+  rules:
+  - backendRefs:
+    - group: ""
+      kind: Service
+      name: keycloak-keycloakx-http
+      port: 80
+      weight: 1
+    matches:
+    - path:
+        type: PathPrefix
+        value: /auth
diff --git a/docs/sections/resources/yaml/keycloak-server-values.yaml b/docs/sections/resources/yaml/keycloak-server-values.yaml
index 7eaecbedfc..0160ce86e8 100644
--- a/docs/sections/resources/yaml/keycloak-server-values.yaml
+++ b/docs/sections/resources/yaml/keycloak-server-values.yaml
@@ -1,53 +1,48 @@
-image:
-  # The Keycloak image repository
-  repository: quay.io/keycloak/keycloak
-  # Overrides the Keycloak image tag whose default is the chart appVersion
-  tag: "19.0.3-legacy"
-
-postgresql:
-  # If `true`, the Postgresql dependency is enabled
-  enabled: false
+---
+command:
+  - "/opt/keycloak/bin/kc.sh"
+  - "--verbose"
+  - "start"
+  - "--http-enabled=true"
+  - "--http-port=8080"
+  - "--hostname-strict=false"
+  - "--hostname-strict-https=false"
+  - "--spi-events-listener-jboss-logging-success-level=info"
+  - "--spi-events-listener-jboss-logging-error-level=warn"
 
 extraEnv: |
-  - name: KEYCLOAK_USER
+  - name: KEYCLOAK_ADMIN
     valueFrom:
       secretKeyRef:
         name: {{ include "keycloak.fullname" . }}-admin-creds
         key: user
-  - name: KEYCLOAK_PASSWORD
+  - name: KEYCLOAK_ADMIN_PASSWORD
     valueFrom:
       secretKeyRef:
         name: {{ include "keycloak.fullname" . }}-admin-creds
         key: password
-  - name: DB_VENDOR
-    value: postgres
-  - name: DB_ADDR
-    value: keycloak-db-postgresql
-  - name: DB_PORT
-    value: "5432"
-  - name: DB_DATABASE
-    value: keycloak
-  - name: DB_USER
-    value: dbusername
-  - name: DB_PASSWORD_FILE
-    value: /secrets/db-creds/password
+  - name: JAVA_OPTS_APPEND
+    value: >-
+      -XX:+UseContainerSupport
+      -XX:MaxRAMPercentage=50.0
+      -Djava.awt.headless=true
+      -Djgroups.dns.query={{ include "keycloak.fullname" . }}-headless
   - name: PROXY_ADDRESS_FORWARDING
     value: "true"
 
-extraVolumeMounts: |
-  - name: db-creds
-    mountPath: /secrets/db-creds
-    readOnly: true
+dbchecker:
+  enabled: true
 
-extraVolumes: |
-  - name: db-creds
-    secret:
-      secretName: keycloak-db-postgresql
+database:
+  vendor: postgres
+  hostname: keycloak-db-postgresql
+  port: 5432
+  username: dbusername
+  password: dbpassword
+  database: keycloak
 
 secrets:
   admin-creds:
-    annotations:
-      my-test-annotation: Test secret for {{ include "keycloak.fullname" . }}
     stringData:
       user: admin
-      password: secret
\ No newline at end of file
+      password: secret