diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index cbea5ba..4975391 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,7 +1,7 @@ name: Release and sign module on: push: - tag: ['*'] # semver format + tags: ['*'] # semver format permissions: contents: read # needed for checkout @@ -35,5 +35,5 @@ jobs: --sign=cosign \ --latest \ -a 'org.opencontainers.image.licenses=Apache-2.0' \ - -a 'org.opencontainers.image.source=https://github.com/yyvess/keycloak-timoni' \ - -a 'org.opencontainers.image.description=A Keycloakh module.' \ + -a 'org.opencontainers.image.source=https://github.com/${{ github.repository }}' \ + -a 'org.opencontainers.image.description=A Keycloak module.' \ diff --git a/templates/config.cue b/templates/config.cue index 1d34d62..ffaa020 100644 --- a/templates/config.cue +++ b/templates/config.cue @@ -105,6 +105,8 @@ import ( // App settings. command: [...string] | *["/opt/keycloak/bin/kc.sh", "start"] + extraEnvs: [...corev1.#EnvVar] | *[] + ha: replicas > 1 serviceAccountCreate: *false | bool @@ -142,57 +144,33 @@ import ( ingress?: netv1.#IngressSpec + admin: { + user: *{value: *"admin" | string} | {valueFrom?: corev1.#EnvVarSource} + password!: *{value?: string} | {valueFrom?: corev1.#EnvVarSource} + } - fileDb: false | *(envs.KC_DB == "dev-file" | envs.KC_DB == _|_) - - jgroups: { - name: *"jgroups" | string - port: *7800 | int & >0 & <=65535 + java: { + options?: string } - envs: { + database: { if !ha { - KC_DB?: "dev-mem" | "dev-file" | "postgres" | "mariadb" | "mssql" | "mysql" | "oracle" - KC_CACHE: "local" - JAVA_OPTS_APPEND?: string + type?: *{value: *"dev-file" | "dev-mem" | "postgres" | "mariadb" | "mssql" | "mysql" | "oracle"} | {valueFrom?: corev1.#EnvVarSource} } if ha { - KC_DB!: "postgres" | "mariadb" | "mssql" | "mysql" | "oracle" - KC_CACHE: "ispn" - KC_CACHE_CONFIG_FILE: "cache-ispn.xml" - JAVA_OPTS_APPEND: *"-Djgroups.dns.query=\( metadata.name )-\( jgroups.name )" | string - } - KC_HEALTH_ENABLED: true - KC_HTTP_ENABLED: *true | false - KC_HTTP_PORT?: int & >0 & <=65535 - KC_HTTPS_PORT?: int & >0 & <=65535 - KC_HOSTNAME_PORT?: int & >0 & <=65535 - KC_HOSTNAME?: string - KC_HOSTNAME_ADMIN?: string - KC_HOSTNAME_URL?: string - KC_HOSTNAME_ADMIN_URL?: string - KC_HOSTNAME_PATH?: string - KC_HOSTNAME_STRICT?: true | false - KC_HOSTNAME_STRICT_HTTPS?: true | false - KC_HOSTNAME_STRICT_BACKCHANNEL?: true | false - KC_PROXY?: "none" | "edge" | "reencrypt" | "passthrough" - KC_METRICS_ENABLED?: true | false - KEYCLOAK_ADMIN: *"admin" | string | #secretReference - KEYCLOAK_ADMIN_PASSWORD: string | #secretReference - KC_DB_URL?: string | #secretReference - KC_DB_USERNAME?: string | #secretReference - KC_DB_PASSWORD?: string | #secretReference - KC_CACHE_STACK: *"kubernetes" | "tcp" | "udp" | "ec2" | "azure" | "google" - KC_LOG_LEVEL?: string - KC_LOG_CONSOLE_OUTPUT?: string - KC_LOG_CONSOLE_FORMAT?: string - if certificateCreate { - KC_HTTPS_CERTIFICATE_FILE: *"/certs/tls.crt" | string - KC_HTTPS_CERTIFICATE_KEY_FILE: *"/certs/tls.key" | string + type: *{value: "postgres" | "mariadb" | "mssql" | "mysql" | "oracle"} | {valueFrom?: corev1.#EnvVarSource} } - if !certificateCreate { - KC_HTTPS_CERTIFICATE_FILE?: string - KC_HTTPS_CERTIFICATE_KEY_FILE?: string + url?: *{value?: string} | corev1.#EnvVarSource + username?: *{value?: string} | {valueFrom?: corev1.#EnvVarSource} + password?: *{value?: string} | {valueFrom?: corev1.#EnvVarSource} + } + + cache: { + stack: *"kubernetes" | "tcp" | "udp" | "ec2" | "azure" | "google" + jgroups: { + name: *"jgroups" | string + port: *7800 | int & >0 & <=65535 } } + } diff --git a/templates/deployment.cue b/templates/deployment.cue index 752ad71..b8c2791 100644 --- a/templates/deployment.cue +++ b/templates/deployment.cue @@ -6,13 +6,15 @@ import ( ) #Deployment: appsv1.#Deployment & { - #config: #Config + #config: #Config + #envs: [...corev1.#EnvVar] #cmName: string #certSecretName: string #jksSecretName: string apiVersion: "apps/v1" kind: "Deployment" metadata: #config.metadata + spec: appsv1.#DeploymentSpec & { replicas: #config.replicas selector: matchLabels: #config.selector.labels @@ -30,24 +32,18 @@ import ( if !#config.serviceAccountCreate { serviceAccountName: *#config.serviceAccount.metadata.name | "default" } - containers: [ { name: #config.metadata.name command: #config.command image: #config.image.reference imagePullPolicy: #config.image.pullPolicy - env: [for k, v in #config.envs if v != _|_ && v.name == _|_ { - name: "\( k )" - value: "\( v )" - }, - for k, v in #config.envs if v != _|_ && v.name != _|_ { - name: "\( k )" - valueFrom: - secretKeyRef: { - name: "\( v.name )" - key: "\( v.key )" - }}] + env: [ + {name: "KC_HEALTH_ENABLED", value: "true"}, + {name: "KC_HTTP_ENABLED", value: "true"}, + for x in #envs {x}, + for x in #config.extraEnvs {x}, + ] ports: [ { name: "http" diff --git a/templates/instance.cue b/templates/instance.cue index c53a5b1..e9c2caf 100644 --- a/templates/instance.cue +++ b/templates/instance.cue @@ -62,6 +62,54 @@ package templates if objects.jks.spec.secretName != _|_ { #jksSecretName: objects.jks.spec.secretName } + + #javaOpts?: string + if config.ha && config.java.options == _|_ { + #javaOpts: "-Djgroups.dns.query=\( config.metadata.name )-\( config.cache.jgroups.name )" + } + if config.ha && config.java.options != _|_ { + #javaOpts: "\( config.java.options ) -Djgroups.dns.query=\( config.metadata.name )-\( config.cache.jgroups.name )" + } + if !config.ha && config.java.options != _|_ { + #javaOpts: config.java.options + } + #envs: [ + if config.database.type != _|_ { + {name: "KC_DB"} & config.database.type + }, + if !config.ha { + {name: "KC_CACHE", value: "local"} + }, + if config.ha == true { + {name: "KC_CACHE", value: "ispn"} + }, + if config.ha == true { + {name: "KC_CACHE_STACK", value: config.cache.stack} + }, + if config.ha == true { + {name: "KC_CACHE_CONFIG_FILE", value: "cache-ispn.xml"} + }, + if #javaOpts != _|_ { + {name: "JAVA_OPTS_APPEND", value: #javaOpts} + }, + if config.certificateCreate { + {name: "KC_HTTPS_CERTIFICATE_FILE", value: "/certs/tls.crt"} + }, + if config.certificateCreate { + {name: "KC_HTTPS_CERTIFICATE_KEY_FILE", value: "/certs/tls.key"} + }, + {name: "KEYCLOAK_ADMIN"} & config.admin.user, + {name: "KEYCLOAK_ADMIN_PASSWORD"} & config.admin.password, + if config.database.url != _|_ { + {name: "KC_DB_URL"} & config.database.url + }, + if (config.database.username != _|_) { + {name: "KC_DB_USERNAME"} & {config.database.username} + }, + if (config.database.password != _|_) { + {name: "KC_DB_PASSWORD"} & {config.database.password} + }, + ] } } } diff --git a/templates/namespace.cue b/templates/namespace.cue index fc6e693..6b8f27c 100644 --- a/templates/namespace.cue +++ b/templates/namespace.cue @@ -5,11 +5,11 @@ import ( ) #Namespace: corev1.#Namespace & { - #config: #Config + #config: #Config apiVersion: "v1" kind: "Namespace" metadata: { - name: #config.metadata.namespace + name: #config.metadata.namespace if #config.virtualService != _|_ { labels: "istio-injection": "enabled" } diff --git a/templates/networking.cue b/templates/networking.cue index dd70d5b..9edafbb 100644 --- a/templates/networking.cue +++ b/templates/networking.cue @@ -43,7 +43,7 @@ import ( ] ports: [{ protocol: "TCP" - port: #config.jgroups.port + port: #config.cache.jgroups.port }, ]} }, diff --git a/templates/services.cue b/templates/services.cue index 0ba6a31..11529bc 100644 --- a/templates/services.cue +++ b/templates/services.cue @@ -57,7 +57,7 @@ import ( ports: [ { name: "jgroups" - port: #config.jgroups.port + port: #config.cache.jgroups.port protocol: "TCP" targetPort: "jgroups" }, diff --git a/test/certificate-values.cue b/test/certificate-values.cue index d6085fe..f721086 100644 --- a/test/certificate-values.cue +++ b/test/certificate-values.cue @@ -36,10 +36,22 @@ values: { } } - envs: { - KEYCLOAK_ADMIN_PASSWORD: "admin" - KC_DB: "postgres" - KC_DB_USERNAME: "admin" - KC_DB_PASSWORD: "admin" + admin: { + password: {value: "admin"} } + + database: { + type: {value: "postgres"} + url: {value: "jdbc:postgresql://localhost/keycloak"} + username: {value: "keycloak"} + password: { + valueFrom: { + secretKeyRef: { + name: "my-secret" + key: "my-key" + } + } + } + } + } diff --git a/test/certificate.yaml b/test/certificate.yaml index 8c5b52b..e122c20 100644 --- a/test/certificate.yaml +++ b/test/certificate.yaml @@ -242,32 +242,37 @@ spec: - /opt/keycloak/bin/kc.sh - start env: + - name: KC_HEALTH_ENABLED + value: "true" + - name: KC_HTTP_ENABLED + value: "true" - name: KC_DB value: postgres - name: KC_CACHE value: ispn - - name: JAVA_OPTS_APPEND - value: -Djgroups.dns.query=keycloak-jgroups + - name: KC_CACHE_STACK + value: kubernetes - name: KC_CACHE_CONFIG_FILE value: cache-ispn.xml - - name: KC_HEALTH_ENABLED - value: "true" - - name: KC_HTTP_ENABLED - value: "true" + - name: JAVA_OPTS_APPEND + value: -Djgroups.dns.query=keycloak-jgroups + - name: KC_HTTPS_CERTIFICATE_FILE + value: /certs/tls.crt + - name: KC_HTTPS_CERTIFICATE_KEY_FILE + value: /certs/tls.key - name: KEYCLOAK_ADMIN value: admin - name: KEYCLOAK_ADMIN_PASSWORD value: admin + - name: KC_DB_URL + value: jdbc:postgresql://localhost/keycloak - name: KC_DB_USERNAME - value: admin + value: keycloak - name: KC_DB_PASSWORD - value: admin - - name: KC_CACHE_STACK - value: kubernetes - - name: KC_HTTPS_CERTIFICATE_FILE - value: /certs/tls.crt - - name: KC_HTTPS_CERTIFICATE_KEY_FILE - value: /certs/tls.key + valueFrom: + secretKeyRef: + key: my-key + name: my-secret image: quay.io/keycloak/keycloak:23.0@sha256:cff31dc6fbb0ab0b66176b990e6b9e262fa74a501abb9a4bfa4a529cbc8a526a imagePullPolicy: IfNotPresent livenessProbe: diff --git a/test/external-secrets-values.cue b/test/external-secrets-values.cue index e3d7d31..f921f46 100644 --- a/test/external-secrets-values.cue +++ b/test/external-secrets-values.cue @@ -22,14 +22,7 @@ values: { metadata: name: "existing-sa" } - envs: { - KEYCLOAK_ADMIN: { - name: "existing-secret" - key: "keycloak-admin-user" - } - KEYCLOAK_ADMIN_PASSWORD: { - name: "existing-secret" - key: "keycloak-admin-password" - } + admin: { + password: {value: "admin"} } } diff --git a/test/external-secrets.yaml b/test/external-secrets.yaml index 1ee0a8c..56d908c 100644 --- a/test/external-secrets.yaml +++ b/test/external-secrets.yaml @@ -103,28 +103,20 @@ spec: - /opt/keycloak/bin/kc.sh - start env: - - name: KC_CACHE - value: local - name: KC_HEALTH_ENABLED value: "true" - name: KC_HTTP_ENABLED value: "true" - - name: KC_CACHE_STACK - value: kubernetes + - name: KC_CACHE + value: local - name: KC_HTTPS_CERTIFICATE_FILE value: /certs/tls.crt - name: KC_HTTPS_CERTIFICATE_KEY_FILE value: /certs/tls.key - name: KEYCLOAK_ADMIN - valueFrom: - secretKeyRef: - key: keycloak-admin-user - name: existing-secret + value: admin - name: KEYCLOAK_ADMIN_PASSWORD - valueFrom: - secretKeyRef: - key: keycloak-admin-password - name: existing-secret + value: admin image: quay.io/keycloak/keycloak:23.0@sha256:cff31dc6fbb0ab0b66176b990e6b9e262fa74a501abb9a4bfa4a529cbc8a526a imagePullPolicy: IfNotPresent livenessProbe: diff --git a/test/http-values.cue b/test/http-values.cue index 928f782..6fba00a 100644 --- a/test/http-values.cue +++ b/test/http-values.cue @@ -15,16 +15,22 @@ values: { tag: "23.0" } - envs: { - KEYCLOAK_ADMIN: "admin" - KEYCLOAK_ADMIN_PASSWORD: "admin" - KC_DB_USERNAME: "admin" - KC_DB_PASSWORD: "admin" - KC_HOSTNAME_PORT: 8080 - KC_HOSTNAME_URL: "http://localhost:8080/" - KC_HOSTNAME_STRICT: false - KC_HOSTNAME_STRICT_HTTPS: false - - KC_LOG_LEVEL: "DEBUG" + admin: { + password: { + valueFrom: { + secretKeyRef: { + name: "my-secret" + key: "my-key" + } + } + } } + + extraEnvs: [ + {name: "KC_HOSTNAME_PORT", value: "8080"}, + {name: "KC_HOSTNAME_URL", value: "http://localhost:8080/"}, + {name: "KC_HOSTNAME_STRICT", value: "false"}, + {name: "KC_HOSTNAME_STRICT_HTTPS", value: "false"}, + {name: "KC_LOG_LEVEL", value: "DEBUG"}, + ] } diff --git a/test/http.yaml b/test/http.yaml index 7edc132..1e21294 100644 --- a/test/http.yaml +++ b/test/http.yaml @@ -48,12 +48,19 @@ spec: - /opt/keycloak/bin/kc.sh - start env: - - name: KC_CACHE - value: local - name: KC_HEALTH_ENABLED value: "true" - name: KC_HTTP_ENABLED value: "true" + - name: KC_CACHE + value: local + - name: KEYCLOAK_ADMIN + value: admin + - name: KEYCLOAK_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + key: my-key + name: my-secret - name: KC_HOSTNAME_PORT value: "8080" - name: KC_HOSTNAME_URL @@ -62,16 +69,6 @@ spec: value: "false" - name: KC_HOSTNAME_STRICT_HTTPS value: "false" - - name: KEYCLOAK_ADMIN - value: admin - - name: KEYCLOAK_ADMIN_PASSWORD - value: admin - - name: KC_DB_USERNAME - value: admin - - name: KC_DB_PASSWORD - value: admin - - name: KC_CACHE_STACK - value: kubernetes - name: KC_LOG_LEVEL value: DEBUG image: quay.io/keycloak/keycloak:23.0@sha256:cff31dc6fbb0ab0b66176b990e6b9e262fa74a501abb9a4bfa4a529cbc8a526a diff --git a/test/ingress-values.cue b/test/ingress-values.cue index de643da..814ee5a 100644 --- a/test/ingress-values.cue +++ b/test/ingress-values.cue @@ -39,10 +39,8 @@ values: { }}] } - envs: { - KEYCLOAK_ADMIN_PASSWORD: "admin" - KC_PROXY: "edge" - KC_HOSTNAME_STRICT: false - KC_LOG_LEVEL: "DEBUG" + admin: { + password: {value: "admin"} } + } diff --git a/test/ingress.yaml b/test/ingress.yaml index d61a3e1..70da030 100644 --- a/test/ingress.yaml +++ b/test/ingress.yaml @@ -75,24 +75,16 @@ spec: - /opt/keycloak/bin/kc.sh - start env: - - name: KC_CACHE - value: local - name: KC_HEALTH_ENABLED value: "true" - name: KC_HTTP_ENABLED value: "true" - - name: KC_HOSTNAME_STRICT - value: "false" - - name: KC_PROXY - value: edge + - name: KC_CACHE + value: local - name: KEYCLOAK_ADMIN value: admin - name: KEYCLOAK_ADMIN_PASSWORD value: admin - - name: KC_CACHE_STACK - value: kubernetes - - name: KC_LOG_LEVEL - value: DEBUG image: quay.io/keycloak/keycloak:23.0@sha256:cff31dc6fbb0ab0b66176b990e6b9e262fa74a501abb9a4bfa4a529cbc8a526a imagePullPolicy: IfNotPresent livenessProbe: diff --git a/test/minimum-values.cue b/test/minimum-values.cue index 9870fc9..e2c1d89 100644 --- a/test/minimum-values.cue +++ b/test/minimum-values.cue @@ -4,8 +4,9 @@ package main // Defaults values: { - envs: { - KEYCLOAK_ADMIN_PASSWORD: "admin" - KC_HOSTNAME_STRICT: false + + admin: { + password: {value: "admin"} } + } diff --git a/test/minimum.yaml b/test/minimum.yaml index 7f65bf3..24d9dcf 100644 --- a/test/minimum.yaml +++ b/test/minimum.yaml @@ -48,20 +48,16 @@ spec: - /opt/keycloak/bin/kc.sh - start env: - - name: KC_CACHE - value: local - name: KC_HEALTH_ENABLED value: "true" - name: KC_HTTP_ENABLED value: "true" - - name: KC_HOSTNAME_STRICT - value: "false" + - name: KC_CACHE + value: local - name: KEYCLOAK_ADMIN value: admin - name: KEYCLOAK_ADMIN_PASSWORD value: admin - - name: KC_CACHE_STACK - value: kubernetes image: quay.io/keycloak/keycloak:23.0@sha256:cff31dc6fbb0ab0b66176b990e6b9e262fa74a501abb9a4bfa4a529cbc8a526a imagePullPolicy: IfNotPresent livenessProbe: diff --git a/test/networkpolicy-values.cue b/test/networkpolicy-values.cue index af490c1..66894b3 100644 --- a/test/networkpolicy-values.cue +++ b/test/networkpolicy-values.cue @@ -4,9 +4,6 @@ package main // Defaults values: { - envs: { - KEYCLOAK_ADMIN_PASSWORD: "admin" - } networkPolicyCreate: true networkPolicyRules: [{ from: [{ @@ -24,4 +21,9 @@ values: { ] }, ] + + admin: { + password: {value: "admin"} + } + } diff --git a/test/networkpolicy.yaml b/test/networkpolicy.yaml index d4b7c33..b2637fa 100644 --- a/test/networkpolicy.yaml +++ b/test/networkpolicy.yaml @@ -77,18 +77,16 @@ spec: - /opt/keycloak/bin/kc.sh - start env: - - name: KC_CACHE - value: local - name: KC_HEALTH_ENABLED value: "true" - name: KC_HTTP_ENABLED value: "true" + - name: KC_CACHE + value: local - name: KEYCLOAK_ADMIN value: admin - name: KEYCLOAK_ADMIN_PASSWORD value: admin - - name: KC_CACHE_STACK - value: kubernetes image: quay.io/keycloak/keycloak:23.0@sha256:cff31dc6fbb0ab0b66176b990e6b9e262fa74a501abb9a4bfa4a529cbc8a526a imagePullPolicy: IfNotPresent livenessProbe: diff --git a/test/pdb-values.cue b/test/pdb-values.cue index f4f3348..355d38b 100644 --- a/test/pdb-values.cue +++ b/test/pdb-values.cue @@ -16,8 +16,14 @@ values: { maxUnavailable: 1 } - envs: { - KEYCLOAK_ADMIN_PASSWORD: "admin" - KC_DB: "postgres" + database: { + type: {value: "postgres"} + } + admin: { + password: {value: "admin"} + } + + java: { + options: "-Xms256m" } } diff --git a/test/pdb.yaml b/test/pdb.yaml index 03e69e0..b84e62c 100644 --- a/test/pdb.yaml +++ b/test/pdb.yaml @@ -183,24 +183,24 @@ spec: - /opt/keycloak/bin/kc.sh - start env: + - name: KC_HEALTH_ENABLED + value: "true" + - name: KC_HTTP_ENABLED + value: "true" - name: KC_DB value: postgres - name: KC_CACHE value: ispn - - name: JAVA_OPTS_APPEND - value: -Djgroups.dns.query=keycloak-jgroups + - name: KC_CACHE_STACK + value: kubernetes - name: KC_CACHE_CONFIG_FILE value: cache-ispn.xml - - name: KC_HEALTH_ENABLED - value: "true" - - name: KC_HTTP_ENABLED - value: "true" + - name: JAVA_OPTS_APPEND + value: -Xms256m -Djgroups.dns.query=keycloak-jgroups - name: KEYCLOAK_ADMIN value: admin - name: KEYCLOAK_ADMIN_PASSWORD value: admin - - name: KC_CACHE_STACK - value: kubernetes image: quay.io/keycloak/keycloak:23.0@sha256:cff31dc6fbb0ab0b66176b990e6b9e262fa74a501abb9a4bfa4a529cbc8a526a imagePullPolicy: IfNotPresent livenessProbe: diff --git a/test/sa-values.cue b/test/sa-values.cue index 414aad8..3b31570 100644 --- a/test/sa-values.cue +++ b/test/sa-values.cue @@ -21,16 +21,7 @@ values: { name: "kjj" annotations: {"custom": "test"}} } - - envs: { - KEYCLOAK_ADMIN: "admin" - KEYCLOAK_ADMIN_PASSWORD: "admin" - KC_DB_USERNAME: "admin" - KC_DB_PASSWORD: "admin" - KC_HOSTNAME_PORT: 8080 - KC_HOSTNAME_URL: "http://localhost:8080/" - KC_HOSTNAME_STRICT: false - KC_HOSTNAME_STRICT_HTTPS: false - KC_LOG_LEVEL: "DEBUG" + admin: { + password: {value: "admin"} } } diff --git a/test/sa.yaml b/test/sa.yaml index 209c0b8..fe00b98 100644 --- a/test/sa.yaml +++ b/test/sa.yaml @@ -60,32 +60,16 @@ spec: - /opt/keycloak/bin/kc.sh - start env: - - name: KC_CACHE - value: local - name: KC_HEALTH_ENABLED value: "true" - name: KC_HTTP_ENABLED value: "true" - - name: KC_HOSTNAME_PORT - value: "8080" - - name: KC_HOSTNAME_URL - value: http://localhost:8080/ - - name: KC_HOSTNAME_STRICT - value: "false" - - name: KC_HOSTNAME_STRICT_HTTPS - value: "false" + - name: KC_CACHE + value: local - name: KEYCLOAK_ADMIN value: admin - name: KEYCLOAK_ADMIN_PASSWORD value: admin - - name: KC_DB_USERNAME - value: admin - - name: KC_DB_PASSWORD - value: admin - - name: KC_CACHE_STACK - value: kubernetes - - name: KC_LOG_LEVEL - value: DEBUG image: quay.io/keycloak/keycloak:23.0@sha256:cff31dc6fbb0ab0b66176b990e6b9e262fa74a501abb9a4bfa4a529cbc8a526a imagePullPolicy: IfNotPresent livenessProbe: diff --git a/test/virtualservice-values.cue b/test/virtualservice-values.cue index c87f83e..b10eb6a 100644 --- a/test/virtualservice-values.cue +++ b/test/virtualservice-values.cue @@ -44,10 +44,13 @@ values: { ]}, ] - envs: { - KEYCLOAK_ADMIN_PASSWORD: "admin" - KC_PROXY: "edge" - KC_HOSTNAME_STRICT: false - KC_LOG_LEVEL: "DEBUG" + admin: { + password: {value: "admin"} } + + extraEnvs: [ + {name: "KC_PROXY", value: "edge"}, + {name: "KC_HOSTNAME_STRICT", value: "false"}, + {name: "KC_LOG_LEVEL", value: "DEBUG"}, + ] } diff --git a/test/virtualservice.yaml b/test/virtualservice.yaml index 1e02bcc..075886b 100644 --- a/test/virtualservice.yaml +++ b/test/virtualservice.yaml @@ -81,22 +81,20 @@ spec: - /opt/keycloak/bin/kc.sh - start env: - - name: KC_CACHE - value: local - name: KC_HEALTH_ENABLED value: "true" - name: KC_HTTP_ENABLED value: "true" - - name: KC_HOSTNAME_STRICT - value: "false" - - name: KC_PROXY - value: edge + - name: KC_CACHE + value: local - name: KEYCLOAK_ADMIN value: admin - name: KEYCLOAK_ADMIN_PASSWORD value: admin - - name: KC_CACHE_STACK - value: kubernetes + - name: KC_PROXY + value: edge + - name: KC_HOSTNAME_STRICT + value: "false" - name: KC_LOG_LEVEL value: DEBUG image: quay.io/keycloak/keycloak:23.0@sha256:cff31dc6fbb0ab0b66176b990e6b9e262fa74a501abb9a4bfa4a529cbc8a526a