feat(keycloak): Upgrade keycloak to version 20.0.0

This patch upgrades keycloak to 20.0.0 and implements the new adminHostname feature by adding the required variables and a separate ingress object, which can be utilised for the admin URL and restrict it independent of the regular frontend.

feat(keycloak): Upgrade keycloak to version 20.0.0
ab19589d · Sheogorath · 6c2f053b · ab19589d · ab19589d · ab19589d
Verified Commit ab19589d authored 2 years ago by Sheogorath
--- a/charts/keycloak/Chart.yaml
+++ b/charts/keycloak/Chart.yaml
@@ -7,6 +7,6 @@ icon: https://www.keycloak.org/resources/images/keycloak_icon_512px.svg
 sources:
  - https://git.shivering-isles.com/shivering-isles/infrastructure-gitops
  - https://github.com/keycloak/keycloak
-version: 0.4.5
+version: 0.5.0
 # renovate: image=quay.io/keycloak/keycloak
-appVersion: "19.0.3"
+appVersion: "20.0.0"
--- a/charts/keycloak/README.md
+++ b/charts/keycloak/README.md
 # keycloak

-![Version: 0.4.5](https://img.shields.io/badge/Version-0.4.5-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 19.0.3](https://img.shields.io/badge/AppVersion-19.0.3-informational?style=flat-square)
+![Version: 0.5.0](https://img.shields.io/badge/Version-0.5.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 20.0.0](https://img.shields.io/badge/AppVersion-20.0.0-informational?style=flat-square)

 (Alpha) A Helm chart for Keycloak on Kubernetes

@@ -15,6 +15,7 @@

 | Key | Type | Default | Description |
 |-----|------|---------|-------------|
+| adminIngress | object | `{"annotations":{},"className":"","enabled":false,"hosts":[{"host":"chart-example.local","paths":[{"path":"/","pathType":"ImplementationSpecific"}]}],"tls":[]}` | Optional separate ingress endpoint when keycloak.adminHostname is used |
 | affinity | object | `{}` |  |
 | autoscaling.enabled | bool | `false` |  |
 | autoscaling.maxReplicas | int | `100` |  |
@@ -32,6 +33,7 @@
 | ingress.hosts[0].paths[0].path | string | `"/"` |  |
 | ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` |  |
 | ingress.tls | list | `[]` |  |
+| keycloak.adminHostname | string | `nil` | Optional Admin Hostname, see https://www.keycloak.org/server/hostname#_administration_console |
 | keycloak.database.password | string | `nil` | password of the database user |
 | keycloak.database.type | string | `"postgres"` | Type of the database, see `db` at https://www.keycloak.org/server/db#_configuring_a_database |
 | keycloak.database.url | string | `nil` | database URL, see `db-url` at https://www.keycloak.org/server/db#_configuring_a_database jdbc:postgresql://localhost/keycloak |

--- a/charts/keycloak/templates/deployment.yaml
+++ b/charts/keycloak/templates/deployment.yaml
@@ -52,6 +52,10 @@ spec:
            - name: KC_METRICS_ENABLED
              value: "true"
            {{- end }}
+            {{- if .Values.keycloak.adminHostname }}
+            - name: KC_ADMIN_HOSTNAME
+              value: "{{ .Values.keycloak.adminHostname }}"
+            {{- end }}
            - name: KC_HOSTNAME
              value: "{{ required "Setting a hostname is required" .Values.keycloak.hostname }}"
            - name: JAVA_OPTS_APPEND

--- a/charts/keycloak/templates/ingress.yaml
+++ b/charts/keycloak/templates/ingress.yaml
@@ -18,6 +18,7 @@ metadata:
  name: {{ $fullName }}
  labels:
    {{- include "keycloak.labels" . | nindent 4 }}
+    app.kubernetes.io/component: ingress
  {{- with .Values.ingress.annotations }}
  annotations:
    {{- toYaml . | nindent 4 }}

--- a/charts/keycloak/values.yaml
+++ b/charts/keycloak/values.yaml
@@ -16,6 +16,8 @@ image:
 keycloak:
  # -- Hostname used for the keycloak installation
  hostname: keycloak.example.com
+  # -- Optional Admin Hostname, see https://www.keycloak.org/server/hostname#_administration_console
+  adminHostname: null
  database:
    # -- Type of the database, see `db` at https://www.keycloak.org/server/db#_configuring_a_database
    type: postgres
@@ -78,6 +80,22 @@ ingress:
  #  - secretName: chart-example-tls
  #    hosts:
  #      - chart-example.local
+# -- Optional separate ingress endpoint when keycloak.adminHostname is used
+adminIngress:
+  enabled: false
+  className: ""
+  annotations: {}
+    # kubernetes.io/ingress.class: nginx
+    # kubernetes.io/tls-acme: "true"
+  hosts:
+    - host: chart-example.local
+      paths:
+        - path: /
+          pathType: ImplementationSpecific
+  tls: []
+  #  - secretName: chart-example-tls
+  #    hosts:
+  #      - chart-example.local

 resources:
  limits: