refactor(lychee/keycloak): use values instead of valuesObject

2023-10-03 09:43:52 +02:00 · 2023-10-03 09:43:52 +02:00 · 7f64d670f9
commit 7f64d670f9
parent f1d9150975
1 changed files with 116 additions and 1 deletions
--- a/clusters/lychee/keycloak.yaml
+++ b/clusters/lychee/keycloak.yaml
@ -22,7 +22,122 @@ spec:
    targetRevision: 16.1.1
    helm:
      releaseName: keycloak
-      valuesObject:
+      # valuesObject:
      #   auth:
      #     adminUser: mareshqadmin
      #     existingSecret: keycloak-admin-password
      #     passwordSecretKey: password
      #   global:
      #     storageClass: hcloud-volumes
      #   replicaCount: 2
      #   pdb:
      #     create: true
      #     minAvailable: 1
      #   autoscaling:
      #     enabled: false
      #   resources:
      #     limits:
      #       cpu: 500m
      #       memory: 1Gi
      #     requests:
      #       cpu: 500m
      #       memory: 1Gi
      #   # Pods must be spread across nodes
      #   # See: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_affinities.tpl#L56-L106
      #   podAntiAffinityPreset: hard
      #   updateStrategy:
      #     type: RollingUpdate
      #     # See: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#maximum-unavailable-pods
      #     # rollingUpdate:
      #     #   maxUnavailable: 1
      #   service:
      #     type: ClusterIP
      #     # http:
      #     #   enable: false
      #   ingress:
      #     enabled: true
      #     hostname: sso.mareshq.com
      #     servicePort: https
      #     ingressClassName: nginx
      #     tls: true
      #     annotations:
      #       cert-manager.io/cluster-issuer: letsencrypt-prod
      #       # Allow self-signed certificates on the backend
      #       nginx.ingress.kubernetes.io/server-snippet: |
      #         proxy_ssl_verify off;
      #       nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
      #       nginx.ingress.kubernetes.io/proxy-buffering: "on"
      #       nginx.ingress.kubernetes.io/proxy-buffers-number: "4"
      #       nginx.ingress.kubernetes.io/proxy-buffer-size: "16k"
      #   tls:
      #     enabled: true
      #     autoGenerated: true
      #   production: true
      #   metrics:
      #     enabled: true
      #     serviceMonitor:
      #       enabled: false
      #   postgresql:
      #     enabled: false
      #   externalDatabase:
      #     existingSecret: keycloak-database
      #     existingSecretHostKey: host
      #     existingSecretPortKey: port
      #     existingSecretDatabaseKey: database
      #     existingSecretUserKey: username
      #     existingSecretPasswordKey: password
      #   startupProbe:
      #     # Keycloak should be ready to serve requests within 15 minutes
      #     enabled: true
      #     initialDelaySeconds: 180 # 3min
      #     periodSeconds: 10
      #     timeoutSeconds: 5
      #     failureThreshold: 80 # 12min
      #     successThreshold: 1
      #   # Custom theme installation and configuration
      #   initContainers:
      #     - name: theme-installer
      #       image: busybox:latest
      #       command:
      #         - /bin/sh
      #         - "-c"
      #         - |
      #           wget https://cdn.mareshq.com/keywind.tar.gz -O /tmp/keywind.tar.gz
      #           tar -xzvf /tmp/keywind.tar.gz -C /opt/bitnami/keycloak/themes
      #       volumeMounts:
      #         - mountPath: /opt/bitnami/keycloak/themes/keywind
      #           name: theme
      #   extraVolumes:
      #     - name: theme
      #       emptyDir: {}
      #   extraVolumeMounts:
      #     - name: theme
      #       mountPath: /opt/bitnami/keycloak/themes/keywind
      values: |
        auth:
          adminUser: mareshqadmin
          existingSecret: keycloak-admin-password