Manual cherry-pick of #1731 and #1741 (#1746)

* Fix `droute` limiting attachment size (#1741)

* Update KEYCLOAK_BASE_URL secret handling (#1731)

The KEYCLOAK_BASE_URL is now fetched from a file instead of being hard-coded. This change enhances security by avoiding the storage of sensitive URLs directly in the configuration files. Additionally, the corresponding base64 value in the secrets YAML has been updated to a placeholder.

Signed-off-by: Gustavo Lira <[email protected]>

---------

Signed-off-by: Gustavo Lira <[email protected]>
Co-authored-by: Gustavo Lira e Silva <[email protected]>

.ibm/pipelines/auth/secrets-rhdh-secrets.yaml

@@ -23,7 +23,7 @@ data:
  K8S_CLUSTER_TOKEN_ENCODED: dGVtcA==
  OCM_CLUSTER_URL: dGVtcA==
  OCM_CLUSTER_TOKEN: dGVtcA==
- KEYCLOAK_BASE_URL: aHR0cHM6Ly9rZXljbG9hay1rZXljbG9hay5yaGRoLXByLW9zLWE5ODA1NjUwODMwYjIyYzNhZWUyNDNlNTFkNzk1NjVkLTAwMDAudXMtZWFzdC5jb250YWluZXJzLmFwcGRvbWFpbi5jbG91ZA==
+ KEYCLOAK_BASE_URL: dGVtcA==
  KEYCLOAK_LOGIN_REALM: bXlyZWFsbQ==
  KEYCLOAK_REALM: bXlyZWFsbQ==
  KEYCLOAK_CLIENT_ID: bXljbGllbnQ=

.ibm/pipelines/env_variables.sh

@@ -45,7 +45,7 @@ K8S_CLUSTER_API_SERVER_URL=$(printf "%s" "$K8S_CLUSTER_URL" | base64 | tr -d '\n
 K8S_SERVICE_ACCOUNT_TOKEN=$K8S_CLUSTER_TOKEN_ENCODED
 OCM_CLUSTER_URL=$(printf "%s" "$K8S_CLUSTER_URL" | base64 | tr -d '\n')
 OCM_CLUSTER_TOKEN=$K8S_CLUSTER_TOKEN_ENCODED
-KEYCLOAK_BASE_URL='https://keycloak-keycloak.rhdh-pr-os-a9805650830b22c3aee243e51d79565d-0000.us-east.containers.appdomain.cloud'
+KEYCLOAK_BASE_URL=$(cat /tmp/secrets/KEYCLOAK_BASE_URL)
 KEYCLOAK_LOGIN_REALM='myrealm'
 KEYCLOAK_REALM='myrealm'
 KEYCLOAK_CLIENT_ID='myclient'

.ibm/pipelines/utils.sh

@@ -90,7 +90,6 @@ droute_send() {
  --username '${DATA_ROUTER_USERNAME}' \
  --password '${DATA_ROUTER_PASSWORD}' \
  --results '/tmp/droute/${JUNIT_RESULTS}' \
- --attachments '/tmp/droute/attachments' \
  --verbose"
 
 }