[Skip-CI] Update deployment for keycloak 20

1 year ago · 49e96a579d
parent 4641a6592b
commit 49e96a579d
2 changed files with 31 additions and 3 deletions
--- a/src/main/cljc/dda/c4k_keycloak/keycloak.cljc
+++ b/src/main/cljc/dda/c4k_keycloak/keycloak.cljc
@ -48,5 +48,10 @@
 (defn-spec generate-service cp/map-or-seq? []
  (yaml/load-as-edn "keycloak/service.yaml"))

-(defn-spec generate-deployment cp/map-or-seq? []
-  (yaml/load-as-edn "keycloak/deployment.yaml"))
+(defn-spec generate-deployment cp/map-or-seq?
+  [config config?]
+  (let [{:keys [fqdn]} config]
+    (-> 
+     (yaml/load-as-edn "keycloak/deployment.yaml")
+     (cm/replace-all-matching-values-by-new-value "FQDN" fqdn))))
+  
--- a/src/main/resources/keycloak/deployment.yaml
+++ b/src/main/resources/keycloak/deployment.yaml
@ -17,8 +17,21 @@ spec:
    spec:
      containers:
      - name: keycloak
-        image: quay.io/keycloak/keycloak:13.0.0
+        image: quay.io/keycloak/keycloak:20.0.3
+        imagePullPolicy: IfNotPresent
+        args:
+        - start
+        volumeMounts:
+        - name: keycloak-cert
+          mountPath: /etc/certs
+          readOnly: true
        env:
+        - name: HTTPS_CERTIFICATE_FILE
+          value: /etc/certs/tls.crt
+        - name: HTTPS_CERTIFICATE_KEY_FILE
+          value: /etc/certs/tls.key
+        - name: HOSTNAME
+          value: FQDN
        - name: DB_VENDOR
          value: POSTGRES
        - name: DB_ADDR
@ -59,3 +72,13 @@ spec:
          httpGet:
            path: /auth/realms/master
            port: 8080
+      volumes:
+        - name: keycloak-cert
+          secret:
+            secretName: keycloak
+            items:
+              - key: tls.crt
+                path: tls.crt
+              - key: tls.key
+                path: tls.key
+