From b784da4b931ec6b7400ff745d9846fe18e5ff7fa Mon Sep 17 00:00:00 2001
From: Andreas Geissler <andreas-geissler@telekom.de>
Date: Fri, 7 Oct 2022 13:09:41 +0200
Subject: [PLATFORM] Add Keycloak ONAP REALM import

As part of the ServiceMesh solution Keycloak will be used
to enable a central authentication and authorization for ONAP
Service Access. This chart provides the import of a default
ONAP Realm to an existing Keycloak Instance (alternative
to a combined KC+REALM installation).
It contains clients for the planned portal-ng.
Make all subcomponents selectable

Issue-ID: OOM-3021

Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: I677a3b9e200299c2cde7774e09db6cf33ac510b7
---
 .../platform/components/keycloak-init/values.yaml  | 46 ++++++++++++++++++++++
 1 file changed, 46 insertions(+)
 create mode 100644 kubernetes/platform/components/keycloak-init/values.yaml

(limited to 'kubernetes/platform/components/keycloak-init/values.yaml')

diff --git a/kubernetes/platform/components/keycloak-init/values.yaml b/kubernetes/platform/components/keycloak-init/values.yaml
new file mode 100644
index 0000000000..5e975147ab
--- /dev/null
+++ b/kubernetes/platform/components/keycloak-init/values.yaml
@@ -0,0 +1,46 @@
+# Copyright © 2022, Deutsche Telekom
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+global:
+  # Global ingress configuration
+  ingress:
+    enabled: false
+    virtualhost:
+      baseurl: "simpledemo.onap.org"
+
+keycloak-config-cli:
+  #existingSecret: "keycloak-keycloakx-admin-creds"
+  env:
+    KEYCLOAK_URL: http://keycloak-http.keycloak.svc.cluster.local/auth/
+  secrets:
+    KEYCLOAK_PASSWORD: secret
+  config:
+    onap:
+      file: resources/realm/onap-realm.json
+
+ingress:
+  service:
+    - baseaddr: "keycloak-ui"
+      name: "keycloak-http.keycloak.svc.cluster.local"
+      path: "/auth"
+      port: 80
+  # If `true`, an Ingress is created
+  enabled: false
+  config:
+    ssl: "redirect"
+
+serviceAccount:
+  nameOverride: keycloak-init
+  roles:
+    - read
-- 
cgit 1.2.3-korg