From d76181a2a84bb5a8ad0f787d59fbb7ebb134c5d6 Mon Sep 17 00:00:00 2001 From: shreddedbacon Date: Mon, 2 Dec 2024 19:59:08 +1100 Subject: [PATCH] chore: add support for keycloak admin api client values --- charts/lagoon-core/Chart.yaml | 14 +------------- charts/lagoon-core/templates/api.deployment.yaml | 10 ++++++++++ charts/lagoon-core/templates/keycloak.secret.yaml | 2 ++ charts/lagoon-core/values.yaml | 1 + 4 files changed, 14 insertions(+), 13 deletions(-) diff --git a/charts/lagoon-core/Chart.yaml b/charts/lagoon-core/Chart.yaml index 60cb18ce..60d710c8 100644 --- a/charts/lagoon-core/Chart.yaml +++ b/charts/lagoon-core/Chart.yaml @@ -41,16 +41,4 @@ dependencies: annotations: artifacthub.io/changes: | - kind: changed - description: update lagoon AppVersion to v2.22.0 - links: - - name: lagoon releases - url: https://github.com/uselagoon/lagoon/releases/tag/v2.22.0 - - kind: changed - description: update ssh-portal-api and ssh-token to v0.41.3 - links: - - name: lagoon-ssh-portal releases - url: https://github.com/uselagoon/lagoon-ssh-portal/releases - - kind: changed - description: update NATS chart dependency to v1.2.x - - kind: changed - description: add KEYCLOAK_LAGOON_UI_OIDC_CLIENT_SECRET variable to keycloak and ui deployment + description: add KEYCLOAK_ADMIN_API_CLIENT_SECRET variable to keycloak and api deployment diff --git a/charts/lagoon-core/templates/api.deployment.yaml b/charts/lagoon-core/templates/api.deployment.yaml index 1c96bca7..1b07db3a 100644 --- a/charts/lagoon-core/templates/api.deployment.yaml +++ b/charts/lagoon-core/templates/api.deployment.yaml @@ -58,6 +58,11 @@ spec: secretKeyRef: name: {{ include "lagoon-core.keycloak.fullname" . }} key: KEYCLOAK_API_CLIENT_SECRET + - name: KEYCLOAK_ADMIN_API_CLIENT_SECRET + valueFrom: + secretKeyRef: + name: {{ include "lagoon-core.keycloak.fullname" . }} + key: KEYCLOAK_ADMIN_API_CLIENT_SECRET - name: KEYCLOAK_FRONTEND_URL {{- if .Values.keycloakFrontEndURL }} value: {{ .Values.keycloakFrontEndURL }}/auth @@ -155,6 +160,11 @@ spec: secretKeyRef: name: {{ include "lagoon-core.keycloak.fullname" . }} key: KEYCLOAK_API_CLIENT_SECRET + - name: KEYCLOAK_ADMIN_API_CLIENT_SECRET + valueFrom: + secretKeyRef: + name: {{ include "lagoon-core.keycloak.fullname" . }} + key: KEYCLOAK_ADMIN_API_CLIENT_SECRET - name: KEYCLOAK_FRONTEND_URL {{- if .Values.keycloakFrontEndURL }} value: {{ .Values.keycloakFrontEndURL }}/auth diff --git a/charts/lagoon-core/templates/keycloak.secret.yaml b/charts/lagoon-core/templates/keycloak.secret.yaml index 9f3e5270..3d0040e9 100644 --- a/charts/lagoon-core/templates/keycloak.secret.yaml +++ b/charts/lagoon-core/templates/keycloak.secret.yaml @@ -8,6 +8,7 @@ This somewhat complex logic is intended to: {{- $keycloakDBPassword := coalesce .Values.keycloakDBPassword (ternary (randAlpha 32) (index $data "DB_PASSWORD" | default "" | b64dec) (index $data "DB_PASSWORD" | empty)) }} {{- $keycloakAdminPassword := coalesce .Values.keycloakAdminPassword (ternary (randAlpha 32) (index $data "KEYCLOAK_ADMIN_PASSWORD" | default "" | b64dec) (index $data "KEYCLOAK_ADMIN_PASSWORD" | empty)) }} {{- $keycloakAPIClientSecret := coalesce .Values.keycloakAPIClientSecret (ternary uuidv4 (index $data "KEYCLOAK_API_CLIENT_SECRET" | default "" | b64dec) (index $data "KEYCLOAK_API_CLIENT_SECRET" | empty)) }} +{{- $keycloakAdminAPIClientSecret := coalesce .Values.keycloakAdminAPIClientSecret (ternary uuidv4 (index $data "KEYCLOAK_ADMIN_API_CLIENT_SECRET" | default "" | b64dec) (index $data "KEYCLOAK_ADMIN_API_CLIENT_SECRET" | empty)) }} {{- $keycloakAuthServerClientSecret := coalesce .Values.keycloakAuthServerClientSecret (ternary uuidv4 (index $data "KEYCLOAK_AUTH_SERVER_CLIENT_SECRET" | default "" | b64dec) (index $data "KEYCLOAK_AUTH_SERVER_CLIENT_SECRET" | empty)) }} {{- $keycloakServiceAPIClientSecret := coalesce .Values.keycloakServiceAPIClientSecret (ternary uuidv4 (index $data "KEYCLOAK_SERVICE_API_CLIENT_SECRET" | default "" | b64dec) (index $data "KEYCLOAK_SERVICE_API_CLIENT_SECRET" | empty)) }} {{- $keycloakLagoonUIOIDCClientSecret := coalesce .Values.keycloakLagoonUIOIDCClientSecret (ternary uuidv4 (index $data "KEYCLOAK_LAGOON_UI_OIDC_CLIENT_SECRET" | default "" | b64dec) (index $data "KEYCLOAK_LAGOON_UI_OIDC_CLIENT_SECRET" | empty)) }} @@ -26,6 +27,7 @@ stringData: DB_PASSWORD: {{ $keycloakDBPassword | quote }} KEYCLOAK_ADMIN_PASSWORD: {{ $keycloakAdminPassword }} KEYCLOAK_API_CLIENT_SECRET: {{ $keycloakAPIClientSecret }} + KEYCLOAK_ADMIN_API_CLIENT_SECRET: {{ $keycloakAdminAPIClientSecret }} KEYCLOAK_AUTH_SERVER_CLIENT_SECRET: {{ $keycloakAuthServerClientSecret | quote }} KEYCLOAK_SERVICE_API_CLIENT_SECRET: {{ $keycloakServiceAPIClientSecret | quote }} KEYCLOAK_LAGOON_UI_OIDC_CLIENT_SECRET: {{ $keycloakLagoonUIOIDCClientSecret | quote }} diff --git a/charts/lagoon-core/values.yaml b/charts/lagoon-core/values.yaml index 11c17f30..92eb9227 100644 --- a/charts/lagoon-core/values.yaml +++ b/charts/lagoon-core/values.yaml @@ -44,6 +44,7 @@ # jwtSecret: # keycloakAdminPassword: # keycloakAPIClientSecret: +# keycloakAdminAPIClientSecret: # keycloakAuthServerClientSecret: # keycloakLagoonUIOIDCClientSecret: # keycloakDBPassword: