From adb9ba2b58623af6a410032ac085d8e6ea4adeb6 Mon Sep 17 00:00:00 2001 From: Tunahan Cicek Date: Mon, 1 Jul 2024 14:50:17 +0200 Subject: [PATCH] Fix keycloak config-map issue --- charts/registry/Chart.yaml | 2 +- charts/registry/README.md | 120 +++++++++--------- .../keycloak/init-script-configmap.yaml | 2 +- charts/registry/values.yaml | 11 +- 4 files changed, 68 insertions(+), 67 deletions(-) diff --git a/charts/registry/Chart.yaml b/charts/registry/Chart.yaml index 06e0c706..0f4400e2 100644 --- a/charts/registry/Chart.yaml +++ b/charts/registry/Chart.yaml @@ -26,7 +26,7 @@ sources: - https://github.com/eclipse-tractusx/sldt-digital-twin-registry type: application -version: 0.4.12 +version: 0.5.0 appVersion: 0.4.3 dependencies: diff --git a/charts/registry/README.md b/charts/registry/README.md index d1a4dc41..7b4855e6 100644 --- a/charts/registry/README.md +++ b/charts/registry/README.md @@ -30,67 +30,67 @@ helm install registry -n semantics charts/registry ## Values -| Key | Type | Default | Description | -|------------------------------------------------|--------|----------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------| -| enableKeycloak | bool | `true` | | -| enablePostgres | bool | `true` | | +| Key | Type | Default | Description | +|------------------------------------------------|--------|---------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------| +| enableKeycloak | bool | `true` | | +| enablePostgres | bool | `true` | | | keycloak.args[0] | string | `"kc.sh import --file /opt/keycloak/data/import/default-realm-import.json; kc.sh start-dev --hostname=registry-keycloak --hostname-strict=false --proxy=edge"` | | -| keycloak.auth.adminPassword | string | `"admin"` | | -| keycloak.auth.adminUser | string | `"admin"` | | -| keycloak.command[0] | string | `"/bin/sh"` | | -| keycloak.command[1] | string | `"-c"` | | -| keycloak.externalDatabase.existingSecret | string | `"keycloak-database-credentials"` | | -| keycloak.extraVolumeMounts[0].mountPath | string | `"/opt/keycloak/data/import/default-realm-import.json"` | | -| keycloak.extraVolumeMounts[0].name | string | `"init-script-vol"` | | -| keycloak.extraVolumeMounts[0].subPath | string | `"default-realm-import.json"` | | -| keycloak.extraVolumes[0].configMap.name | string | `"init-script-vol"` | | -| keycloak.extraVolumes[0].name | string | `"init-script-vol"` | | -| keycloak.fullnameOverride | string | `"registry-keycloak"` | | -| keycloak.postgresql.enabled | bool | `false` | | -| keycloak.service.type | string | `"ClusterIP"` | | -| postgresql.auth.database | string | `"default-database"` | | -| postgresql.auth.password | string | `"password"` | | -| postgresql.auth.username | string | `"default-user"` | | -| postgresql.primary.persistence.enabled | bool | `true` | | -| postgresql.primary.persistence.size | string | `"50Gi"` | | -| postgresql.service.ports.postgresql | int | `5432` | | -| registry.authentication | bool | `true` | | -| registry.containerPort | int | `4243` | | -| registry.dataSource.driverClassName | string | `"org.postgresql.Driver"` | | -| registry.dataSource.password | string | `""` | | -| registry.dataSource.sqlInitPlatform | string | `"pg"` | | -| registry.dataSource.url | string | `"jdbc:postgresql://database:5432"` | | -| registry.dataSource.user | string | `"default-user"` | | -| registry.host | string | `"minikube"` | | -| registry.identityProvider | string | `"keycloak"` | | -| registry.idpClientId | string | `"default-client"` | | -| registry.idpInternalClientId | string | `"default-client"` | | -| registry.idpIssuerUri | string | `""` | | -| registry.image.registry | string | `"docker.io"` | | -| registry.image.repository | string | `"tractusx/sldt-digital-twin-registry"` | | -| registry.image.version | string | `""` | | -| registry.imagePullPolicy | string | `"IfNotPresent"` | | -| registry.ingress.annotations | object | `{}` | | -| registry.ingress.className | string | `"nginx"` | | -| registry.ingress.enabled | bool | `false` | | -| registry.ingress.tls | bool | `false` | | -| registry.ingress.urlPrefix | string | `"/semantics/registry"` | | -| registry.replicaCount | int | `1` | | -| registry.resources.limits.memory | string | `"1024Mi"` | | -| registry.resources.requests.memory | string | `"512Mi"` | | -| registry.service.port | int | `8080` | | -| registry.service.type | string | `"ClusterIP"` | | -| registry.tenantId | string | `"default-tenant"` | | -| registry.externalSubjectIdWildcardPrefix | string | `PUBLIC_READABLE` | | -| registry.externalSubjectIdWildcardAllowedTypes | string | `manufacturerPartId,assetLifecyclePhase` | | -| registry.livenessProbe.initialDelaySeconds | int | `100` | | -| registry.livenessProbe.failureThreshold | int | `3` | | -| registry.livenessProbe.periodSeconds | int | `3` | | -| registry.readinessProbe.initialDelaySeconds | int | `100` | | -| registry.readinessProbe.failureThreshold | int | `3` | | -| registry.readinessProbe.periodSeconds | int | `3` | | -| registry.useGranularAccessControl | string | `"true"` | Turns the granular access control on/off. | -| registry.granularAccessControlFetchSize | string | `"500"` | Defines how many records should be fetched in one query when using granular access control. | +| keycloak.auth.adminPassword | string | `"admin"` | | +| keycloak.auth.adminUser | string | `"admin"` | | +| keycloak.command[0] | string | `"/bin/sh"` | | +| keycloak.command[1] | string | `"-c"` | | +| keycloak.externalDatabase.existingSecret | string | `"keycloak-database-credentials"` | | +| keycloak.extraVolumeMounts[0].mountPath | string | `"/opt/keycloak/data/import/default-realm-import.json"` | | +| keycloak.extraVolumeMounts[0].name | string | `"registry-keycloak-configmap"` | default is "{{ .Values.keycloak.fullnameOverride }}-configmap" | +| keycloak.extraVolumeMounts[0].subPath | string | `"default-realm-import.json"` | | +| keycloak.extraVolumes[0].configMap.name | string | `"registry-keycloak-configmap"` | default is "{{ .Values.keycloak.fullnameOverride }}-configmap" | +| keycloak.extraVolumes[0].name | string | `"registry-keycloak-configmap"` | default is "{{ .Values.keycloak.fullnameOverride }}-configmap" | +| keycloak.fullnameOverride | string | `"registry-keycloak"` | | +| keycloak.postgresql.enabled | bool | `false` | | +| keycloak.service.type | string | `"ClusterIP"` | | +| postgresql.auth.database | string | `"default-database"` | | +| postgresql.auth.password | string | `"password"` | | +| postgresql.auth.username | string | `"default-user"` | | +| postgresql.primary.persistence.enabled | bool | `true` | | +| postgresql.primary.persistence.size | string | `"50Gi"` | | +| postgresql.service.ports.postgresql | int | `5432` | | +| registry.authentication | bool | `true` | | +| registry.containerPort | int | `4243` | | +| registry.dataSource.driverClassName | string | `"org.postgresql.Driver"` | | +| registry.dataSource.password | string | `""` | | +| registry.dataSource.sqlInitPlatform | string | `"pg"` | | +| registry.dataSource.url | string | `"jdbc:postgresql://database:5432"` | | +| registry.dataSource.user | string | `"default-user"` | | +| registry.host | string | `"minikube"` | | +| registry.identityProvider | string | `"keycloak"` | | +| registry.idpClientId | string | `"default-client"` | | +| registry.idpInternalClientId | string | `"default-client"` | | +| registry.idpIssuerUri | string | `""` | | +| registry.image.registry | string | `"docker.io"` | | +| registry.image.repository | string | `"tractusx/sldt-digital-twin-registry"` | | +| registry.image.version | string | `""` | | +| registry.imagePullPolicy | string | `"IfNotPresent"` | | +| registry.ingress.annotations | object | `{}` | | +| registry.ingress.className | string | `"nginx"` | | +| registry.ingress.enabled | bool | `false` | | +| registry.ingress.tls | bool | `false` | | +| registry.ingress.urlPrefix | string | `"/semantics/registry"` | | +| registry.replicaCount | int | `1` | | +| registry.resources.limits.memory | string | `"1024Mi"` | | +| registry.resources.requests.memory | string | `"512Mi"` | | +| registry.service.port | int | `8080` | | +| registry.service.type | string | `"ClusterIP"` | | +| registry.tenantId | string | `"default-tenant"` | | +| registry.externalSubjectIdWildcardPrefix | string | `PUBLIC_READABLE` | | +| registry.externalSubjectIdWildcardAllowedTypes | string | `manufacturerPartId,assetLifecyclePhase` | | +| registry.livenessProbe.initialDelaySeconds | int | `100` | | +| registry.livenessProbe.failureThreshold | int | `3` | | +| registry.livenessProbe.periodSeconds | int | `3` | | +| registry.readinessProbe.initialDelaySeconds | int | `100` | | +| registry.readinessProbe.failureThreshold | int | `3` | | +| registry.readinessProbe.periodSeconds | int | `3` | | +| registry.useGranularAccessControl | string | `"true"` | Turns the granular access control on/off. | +| registry.granularAccessControlFetchSize | string | `"500"` | Defines how many records should be fetched in one query when using granular access control. | ---------------------------------------------- Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0) diff --git a/charts/registry/templates/keycloak/init-script-configmap.yaml b/charts/registry/templates/keycloak/init-script-configmap.yaml index 5c012c1e..d1b54d8a 100644 --- a/charts/registry/templates/keycloak/init-script-configmap.yaml +++ b/charts/registry/templates/keycloak/init-script-configmap.yaml @@ -23,7 +23,7 @@ kind: ConfigMap apiVersion: v1 metadata: - name: {{ include "dtr.fullname" . }}-keycloak-configmap + name: {{ .Values.keycloak.fullnameOverride }}-configmap data: default-realm-import.json: |- {{ .Files.Get "config/default-realm-import.json" | indent 4 }} diff --git a/charts/registry/values.yaml b/charts/registry/values.yaml index eb1fae2d..f4030f5c 100644 --- a/charts/registry/values.yaml +++ b/charts/registry/values.yaml @@ -131,16 +131,17 @@ keycloak: adminPassword: service: type: ClusterIP - extraVolumes: - - name: init-script-vol - configMap: - name: init-script-vol # Mounting a keycloak realm configuration file fullnameOverride: registry-keycloak + # default configMap is keycloak.fullnameOverride-configmap + extraVolumes: + - name: registry-keycloak-configmap + configMap: + name: registry-keycloak-configmap extraVolumeMounts: - mountPath: /opt/keycloak/data/import/default-realm-import.json subPath: default-realm-import.json - name: init-script-vol + name: registry-keycloak-configmap # Using a pre-configured Keycloak with a default realm, # containing a test client and user with the necessary roles to # authorize requests to the digital twin registry.