davad/argo
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

chore(keyclok): switch to using a secret for admin credentials, try to use Postgres instead of SQLite

Browse source
This commit is contained in:
David Landry 2024-03-28 12:17:20 -05:00
parent dbc1b6b4b9
commit da2cb9a4df
2 changed files with 98 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

51
apps/keycloak/base/keycloak.yaml
View file

@ -1,4 +1,14 @@
apiVersion: v1
data:
password: YkJiNXU3NXRaYUR0ZHVudw==
username: YWRtaW4=
kind: Secret
metadata:
name: keycloak-admin
type: kubernetes.io/basic-auth
---
apiVersion: v1
kind: Service
metadata:
name: keycloak
@ -12,6 +22,7 @@ spec:
selector:
app: keycloak
type: LoadBalancer
---
apiVersion: apps/v1
kind: Deployment
@ -35,11 +46,47 @@ spec:
args: ["start-dev"]
env:
- name: KEYCLOAK_ADMIN
value: "admin"
valueFrom:
secretKeyRef:
key: username
name: keycloak-admin
- name: KEYCLOAK_ADMIN_PASSWORD
value: "bBb5u75tZaDtdunw"
valueFrom:
secretKeyRef:
key: password
name: keycloak-admin
- name: KC_PROXY
value: "edge"
- name: KC_HEALTH_ENABLED
value: "true"
- name: KC_METRICS_ENABLED
value: "true"
- name: KC_HOSTNAME_STRICT_HTTPS
value: "true"
- name: KC_LOG_LEVEL
value: INFO
- name: KC_DB
value: postgres
- name: POSTGRES_DB
valueFrom:
secretKeyRef:
name: keycloak-pg-cluster-app
key: username
- name: KC_DB_URL
valueFrom:
secretKeyRef:
name: keycloak-pg-cluster-app
key: jdbc-uri
- name: KC_DB_USERNAME
valueFrom:
secretKeyRef:
name: keycloak-pg-cluster-app
key: username
- name: KC_DB_PASSWORD
valueFrom:
secretKeyRef:
name: keycloak-pg-cluster-app
key: password
ports:
- name: http
containerPort: 8080