[Skip-CI] Update deployment for keycloak 20

src/main/cljc/dda/c4k_keycloak/keycloak.cljc

@@ -48,5 +48,10 @@
 (defn-spec generate-service cp/map-or-seq? []
   (yaml/load-as-edn "keycloak/service.yaml"))
 
-(defn-spec generate-deployment cp/map-or-seq? []
+(defn-spec generate-deployment cp/map-or-seq?
-  (yaml/load-as-edn "keycloak/deployment.yaml"))
+  [config config?]
+  (let [{:keys [fqdn]} config]
+    (-> 
+     (yaml/load-as-edn "keycloak/deployment.yaml")
+     (cm/replace-all-matching-values-by-new-value "FQDN" fqdn))))
+  

src/main/resources/keycloak/deployment.yaml

@@ -17,8 +17,21 @@ spec:
     spec:
       containers:
       - name: keycloak
-        image: quay.io/keycloak/keycloak:13.0.0
+        image: quay.io/keycloak/keycloak:20.0.3
+        imagePullPolicy: IfNotPresent
+        args:
+        - start
+        volumeMounts:
+        - name: keycloak-cert
+          mountPath: /etc/certs
+          readOnly: true
         env:
+        - name: HTTPS_CERTIFICATE_FILE
+          value: /etc/certs/tls.crt
+        - name: HTTPS_CERTIFICATE_KEY_FILE
+          value: /etc/certs/tls.key
+        - name: HOSTNAME
+          value: FQDN
         - name: DB_VENDOR
           value: POSTGRES
         - name: DB_ADDR
@@ -59,3 +72,13 @@ spec:
           httpGet:
             path: /auth/realms/master
             port: 8080
+      volumes:
+        - name: keycloak-cert
+          secret:
+            secretName: keycloak
+            items:
+              - key: tls.crt
+                path: tls.crt
+              - key: tls.key
+                path: tls.key
+