From 280679dc7c9b7e49b57619de79c19e5ef1e8542f Mon Sep 17 00:00:00 2001
From: Michael-Kruggel <michael.kruggel@defenseunicorns.com>
Date: Mon, 6 May 2024 17:47:55 +0000
Subject: [PATCH] fix: fixed first time login for Jenkins

---
 values/common.yaml | 34 ++++++++++++++++++----------------
 1 file changed, 18 insertions(+), 16 deletions(-)

diff --git a/values/common.yaml b/values/common.yaml
index 2937f27..0ec1ef8 100644
--- a/values/common.yaml
+++ b/values/common.yaml
@@ -34,22 +34,24 @@ controller:
   overwritePlugins: true
   JCasC:
     defaultConfig: true
-    # This is not a typo, the plugin needed for this to work is "oic"
-    securityRealm: |-
-      oic:
-        clientId: "uds-core-jenkins"
-        clientSecret: "###ZARF_VAR_JENKINS_CLIENT_SECRET###"
-        wellKnownOpenIDConfigurationUrl: "https://sso.###ZARF_VAR_DOMAIN###/realms/uds/.well-known/openid-configuration"
-        tokenServerUrl: "https://sso.###ZARF_VAR_DOMAIN###/realms/uds/protocol/openid-connect/token"
-        authorizationServerUrl: "https://sso.###ZARF_VAR_DOMAIN###/realms/uds/protocol/openid-connect/auth"
-        scopes: "openid profile"
-        disableSslVerification: false
-        endSessionEndpoint: "https://sso.###ZARF_VAR_DOMAIN###/realms/uds/protocol/openid-connect/logout"
-        escapeHatchEnabled: false
-        logoutFromOpenidProvider: true
-        userNameField: "preferred_username"
-        emailFieldName: "email"
-        groupsFieldName: "groups"
+    configScripts:
+      keycloak: |-
+        jenkins:
+          securityRealm:
+            oic:
+              clientId: "uds-core-jenkins"
+              clientSecret: "###ZARF_VAR_JENKINS_CLIENT_SECRET###"
+              wellKnownOpenIDConfigurationUrl: "https://sso.###ZARF_VAR_DOMAIN###/realms/uds"
+              tokenServerUrl: "https://sso.###ZARF_VAR_DOMAIN###/realms/uds/protocol/openid-connect/token"
+              authorizationServerUrl: "https://sso.###ZARF_VAR_DOMAIN###/realms/uds/protocol/openid-connect/auth"
+              scopes: "openid profile"
+              disableSslVerification: false
+              endSessionEndpoint: "https://sso.###ZARF_VAR_DOMAIN###/realms/uds/protocol/openid-connect/logout"
+              escapeHatchEnabled: false
+              logoutFromOpenidProvider: true
+              userNameField: "preferred_username"
+              emailFieldName: "email"
+              groupsFieldName: "groups"
   probes:
     startupProbe:
       periodSeconds: 10