feat: add keycloak client operator to template
milan.horvath committed Feb 7, 2024
1 parent 99ad572 commit 9c247f1
Showing 2 changed files with 86 additions and 0 deletions.
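--- a/templates/operator-keycloak-client.yaml
+++ b/templates/operator-keycloak-client.yaml
@@ -0,0 +1,32 @@
+{{ if .Values.operator.keycloak_client.enabled }}
+apiVersion: onecx.tkit.org/v1
+kind: KeycloakClient
+metadata:
+name: {{ include "app.fullname" . }}
+labels:
+app: {{ include "app.fullname" . }}
+{{ include "app.labels.common" $ | indent 4 }}
+spec:
+realm: {{ .Values.operator.keycloak_client.spec.realm }}
+type: {{ .Values.operator.keycloak_client.spec.type }}
+passwordSecrets: {{ .Values.operator.keycloak_client.spec.passwordSecrets }}
+passwordKey: {{ .Values.operator.keycloak_client.spec.passwordKey }}
+kcConfig:
+clientId: {{ .Values.operator.keycloak_client.spec.kcConfig.clientId | default (include "app.fullname" .) }}
+description: {{ .Values.operator.keycloak_client.spec.kcConfig.description }}
+enabled: {{ .Values.operator.keycloak_client.spec.kcConfig.enabled }}
+clientAuthenticatorType: {{ .Values.operator.keycloak_client.spec.kcConfig.clientAuthenticatorType }}
+password: {{ .Values.operator.keycloak_client.spec.kcConfig.password }}
+redirectUris: {{ if .Values.operator.keycloak_client.spec.kcConfig.redirectUris }}{{ .Values.operator.keycloak_client.spec.kcConfig.redirectUris | toYaml | nindent 4 }}{{- end }}
+webOrigins: {{ if .Values.operator.keycloak_client.spec.kcConfig.webOrigins }}{{ .Values.operator.keycloak_client.spec.kcConfig.webOrigins | toYaml | nindent 4 }}{{- end }}
+bearerOnly: {{ .Values.operator.keycloak_client.spec.kcConfig.bearerOnly }}
+standardFlowEnabled: {{ .Values.operator.keycloak_client.spec.kcConfig.standardFlowEnabled }}
+implicitFlowEnabled: {{ .Values.operator.keycloak_client.spec.kcConfig.implicitFlowEnabled }}
+directAccessGrantsEnabled: {{ .Values.operator.keycloak_client.spec.kcConfig.directAccessGrantsEnabled }}
+serviceAccountsEnabled: {{ .Values.operator.keycloak_client.spec.kcConfig.serviceAccountsEnabled }}
+publicClient: {{ .Values.operator.keycloak_client.spec.kcConfig.publicClient }}
+protocol: {{ .Values.operator.keycloak_client.spec.kcConfig.protocol }}
+defaultClientScopes: {{ if .Values.operator.keycloak_client.spec.kcConfig.defaultClientScopes }}{{ .Values.operator.keycloak_client.spec.kcConfig.defaultClientScopes | toYaml | nindent 4 }}{{- end }}
+optionalClientScopes: {{ if .Values.operator.keycloak_client.spec.kcConfig.optionalClientScopes }}{{ .Values.operator.keycloak_client.spec.kcConfig.optionalClientScopes | toYaml | nindent 4 }}{{- end }}
+attributes: {{ if .Values.operator.keycloak_client.spec.kcConfig.attributes }}{{ .Values.operator.keycloak_client.spec.kcConfig.attributes | toYaml | nindent 6 }}{{- end }}
+{{- end }}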
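Review bot: The `password:` line under `kcConfig` is rendered straight from `.Values.operator.keycloak_client.spec.kcConfig.password`, so a client secret supplied that way ends up in plain text in the KeycloakClient resource and in Helm's stored release data, readable by anyone who can read either. The chart already offers `passwordSecrets`/`passwordKey` for this, so I would emit the inline field only when it is set and quote it: `{{- with .Values.operator.keycloak_client.spec.kcConfig.password }}`, then `password: {{ . | quote }}`, then `{{- end }}`. The other string scalars (`realm`, `clientId`, `description`) are also unquoted, so a value such as `NO` or `1.10` would be retyped by the YAML parser; piping them through `quote` avoids that.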
54 changes: 54 additions & 0 deletions values.yaml
Expand Up @@ -237,3 +237,57 @@ operator:
appId:
# default deployment name (release_name-name)
appName:

# Keycloak client operator
keycloak_client:
# enabled or disable config for operator
enabled: false
# definition
spec:
# keycloak realm where the client has to be created
realm:
# type of client. Current possibilities [ ui | machine ]
type:
# Name of Secret where the password is stored (alternative is to set kcConfig.password)
passwordSecrets:
# Key used in secret where password is stored
passwordKey:
# Configuration for the keycloak client
kcConfig:
# default deployment name (release_name-name)
clientId:
# description for the client
description:
# flag to enable/disable client in keycloak
enabled:
# client authenticator type (client-secret)
clientAuthenticatorType:
# Password to be set for the client (for ui client it can be empty)
password:
# Redirect uris (used for the ui client). List of Strings
redirectUris: []
# Web origins (user for the ui client). List of Strings
webOrigins: []
# Bearer only flag
bearerOnly:
# Standard flow enabled flag
standardFlowEnabled:
# Implicit flow enabled flag
implicitFlowEnabled:
# Direct access grants enable flag
directAccessGrantsEnabled:
# Service accounts enabled flag
serviceAccountsEnabled:
# Public client flag
publicClient:
# Protocol (openid-connect)
protocol:
# List of string scopes to be added as default
defaultClientScopes: []
# List of string scopes to be added as optional
optionalClientScopes: []
# Map of custom attributes
attributes:
#key1: value1
#key2: value2
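Review bot: The flow and client-type flags from `bearerOnly` to `publicClient` ship with no value while the template prints them unconditionally, so they appear to render as empty (null) fields and the effective setting is left to whatever the operator or Keycloak defaults to. For the flags that widen what a client may do, I would make the restrictive choice explicit in the defaults, e.g. `implicitFlowEnabled: false` and `directAccessGrantsEnabled: false`, so that enabling them is a deliberate override. The comment on `password` could also steer users to the secret reference, e.g. `# Prefer passwordSecrets/passwordKey; a value set here is stored in plain text in the release`. The `operator:` mapping these keys belong to starts above this hunk.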
