All Downloads are FREE. Search and download functionalities are using the official Maven repository.

atform.apps.keycloak.4.0.201.source-code.deploymentConfig.yml Maven / Gradle / Ivy

There is a newer version: 4.0.204
Show newest version
metadata:
  annotations:
    configmap.fabric8.io/update-on-change: "keycloak"
    fabric8.io/target-platform: "openshift"
spec:
  replicas: 1
  strategy:
    type: Recreate
    recreateParams:
      timeoutSeconds: 7200
  template:
    metadata:
      annotations:
        pod.beta.kubernetes.io/init-containers: |-
          [{
            "name": "git-cloner",
            "image": "fabric8/builder-clients:0.11",
            "imagePullPolicy": "IfNotPresent",
            "command": [ "/bin/bash" ],
            "args": [
              "-c",
              "rm -rf /keycloak-theme/login && git clone https://github.com/fabric8io/fabric8-keycloak-theme.git /keycloak-theme/login && cd /keycloak-theme/login && git checkout 61b08f0a2f4be2395bb0bbb6d16a8538f4f2b836"
            ],
            "volumeMounts": [{
              "name": "keycloak-theme",
              "mountPath": "/keycloak-theme"
            }]
          },
          {
            "name": "openshift-ca-pemtokeystore",
            "image": "jimmidyson/pemtokeystore:v0.2.0",
            "imagePullPolicy": "IfNotPresent",
            "args": [
              "-keystore", "/tls-keystore/openshift-truststore.jks",
              "-ca-file", "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt",
              "-ca-file", "/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt",
              "-ca-dir", "/usr/share/ca-certificates/mozilla"
            ],
            "volumeMounts": [{
              "name": "keycloak-tls",
              "mountPath": "/tls-keystore"
            }]
          },
          {
            "name": "envvar-substitution",
            "image": "fabric8/envsubst-file:1.0.0",
            "imagePullPolicy": "IfNotPresent",
            "args": [
              "fabric8-realm.json"
            ],
            "env": [{
              "name": "WIT_URL",
              "valueFrom": {
                      "configMapKeyRef": {
                          "name": "keycloak",
                          "key": "wit.api.url"
                      }
                  }
            },
            {
              "name": "KEYCLOAK_URL",
              "valueFrom": {
                      "configMapKeyRef": {
                          "name": "keycloak",
                          "key": "keycloak.url"
                      }
                  }
            },
            {
              "name": "FABRIC8_URL",
              "valueFrom": {
                      "configMapKeyRef": {
                          "name": "keycloak",
                          "key": "fabric8.url"
                      }
                  }
            },
            {
              "name": "KEYCLOAK_PRIVATEKEY",
              "valueFrom": {
                      "secretKeyRef": {
                          "name": "keycloak",
                          "key": "kc.private.key"
                      }
                  }
            },
            {
              "name": "KEYCLOAK_PUBLICKEY",
              "valueFrom": {
                      "secretKeyRef": {
                          "name": "keycloak",
                          "key": "kc.public.key"
                      }
                  }
            },
            {
              "name": "KEYCLOAK_CLIENTID_SECRET",
              "valueFrom": {
                      "secretKeyRef": {
                          "name": "keycloak",
                          "key": "kc.clientid.secret"
                      }
                  }
            },
            {
              "name": "K8S_API_SERVER",
              "valueFrom": {
                      "configMapKeyRef": {
                          "name": "keycloak",
                          "key": "apiserver.url"
                      }
                  }
            },
            {
              "name": "HIDE_OPENSHIFT_BTN",
              "value": "false"
            },
            {
              "name": "HIDE_GITHUB_BTN",
              "value": "true"
            }],
            "volumeMounts": [
            {
              "name": "keycloak-config",
              "mountPath": "/workdir/fabric8-realm.json",
              "subPath": "config/fabric8-realm.json"
            },
            {
              "name": "keycloak-subst-config",
              "mountPath": "/processed"
            }
            ]
          },
          {
              "name": "init-dependencyservice",
              "image": "fabric8/fabric8-dependency-wait-service:${dependency-wait-service.version}",
              "imagePullPolicy": "IfNotPresent",
              "command": ["sh", "-c", "fabric8-dependency-wait-service-linux-amd64 postgres://keycloak@keycloak-db:5432"],
              "env": [{
                "name": "DEPENDENCY_POLL_INTERVAL",
                "value": "1"
              }, {
                "name": "DEPENDENCY_LOG_VERBOSE",
                "value": "true"
              }]
          }]
    spec:
      containers:
      - image: fabric8/keycloak-postgres:${keycloak.version}
        args:
        - -b $(INTERNAL_POD_IP)
        - -Djgroups.bind_addr=global
        - -Djboss.node.name=$(INTERNAL_POD_IP)
        - -Djavax.net.ssl.trustStore=/opt/jboss/keycloak/standalone/configuration/tls/openshift-truststore.jks
        - -Dkeycloak.migration.action=import
        - -Dkeycloak.migration.provider=singleFile
        - -Dkeycloak.migration.file=/opt/jboss/keycloak/standalone/configuration/import/fabric8-realm.json
        - -Dkeycloak.migration.strategy=IGNORE_EXISTING
        env:
        - name: POSTGRES_HOSTNAME
          value: keycloak-db
        - name: POSTGRES_USER
          value: keycloak
        - name: POSTGRES_PASSWORD
          value: keycloak
        - name: OPERATING_MODE
          value: standalone
        - name: POSTGRES_PORT_5432_TCP_ADDR
          value: keycloak-db
        - name: INTERNAL_POD_IP
          valueFrom:
            fieldRef:
              fieldPath: status.podIP
        - name: KEYCLOAK_USER
          valueFrom:
            secretKeyRef:
              name: keycloak
              key: kc.user
        - name: KEYCLOAK_PASSWORD
          valueFrom:
            secretKeyRef:
              name: keycloak
              key: kc.password
        - name: KEYCLOAK_CLIENTID_SECRET
          valueFrom:
            secretKeyRef:
              name: keycloak
              key: kc.clientid.secret
        - name: KEYCLOAK_PRIVATEKEY
          valueFrom:
            secretKeyRef:
              name: keycloak
              key: kc.private.key
        - name: KEYCLOAK_PUBLICKEY
          valueFrom:
            secretKeyRef:
              name: keycloak
              key: kc.public.key
        - name: HIDE_OPENSHIFT_BTN
          value: "false"
        - name: HIDE_GITHUB_BTN
          value: "true"
        readinessProbe:
          httpGet:
            path: "/auth"
            port: 8080
          initialDelaySeconds: 10
          timeoutSeconds: 10
        livenessProbe:
          httpGet:
            path: "/auth"
            port: 8080
          initialDelaySeconds: 60
          timeoutSeconds: 10
        volumeMounts:
        - name: keycloak-tls
          mountPath: /opt/jboss/keycloak/standalone/configuration/tls
        - name: keycloak-subst-config
          mountPath: /opt/jboss/keycloak/standalone/configuration/import
        - name: keycloak-theme
          mountPath: /opt/jboss/keycloak/themes/fabric8
      volumes:
      - name: keycloak-tls
        emptyDir: {}
      - name: keycloak-subst-config
        emptyDir: {}
      - name: keycloak-config
        configMap:
          name: keycloak
          items:
          - key: fabric8-realm.json
            path: config/fabric8-realm.json
      - name: keycloak-theme
        emptyDir: {}




© 2015 - 2025 Weber Informatics LLC | Privacy Policy