From ab19589d2628b73176ecf21fc05e302bd516e3f7 Mon Sep 17 00:00:00 2001
From: Sheogorath <sheogorath@shivering-isles.com>
Date: Fri, 4 Nov 2022 18:07:03 +0100
Subject: [PATCH] feat(keycloak): Upgrade keycloak to version 20.0.0

This patch upgrades keycloak to 20.0.0 and implements the new
adminHostname feature by adding the required variables and a separate
ingress object, which can be utilised for the admin URL and restrict it
independent of the regular frontend.
---
 charts/keycloak/Chart.yaml                |  4 ++--
 charts/keycloak/README.md                 |  4 +++-
 charts/keycloak/templates/deployment.yaml |  4 ++++
 charts/keycloak/templates/ingress.yaml    |  1 +
 charts/keycloak/values.yaml               | 18 ++++++++++++++++++
 5 files changed, 28 insertions(+), 3 deletions(-)

diff --git a/charts/keycloak/Chart.yaml b/charts/keycloak/Chart.yaml
index a04ac9fbb..51d26e2bc 100644
--- a/charts/keycloak/Chart.yaml
+++ b/charts/keycloak/Chart.yaml
@@ -7,6 +7,6 @@ icon: https://www.keycloak.org/resources/images/keycloak_icon_512px.svg
 sources:
   - https://git.shivering-isles.com/shivering-isles/infrastructure-gitops
   - https://github.com/keycloak/keycloak
-version: 0.4.5
+version: 0.5.0
 # renovate: image=quay.io/keycloak/keycloak
-appVersion: "19.0.3"
+appVersion: "20.0.0"
diff --git a/charts/keycloak/README.md b/charts/keycloak/README.md
index d765e41c7..2d1f43abc 100644
--- a/charts/keycloak/README.md
+++ b/charts/keycloak/README.md
@@ -1,6 +1,6 @@
 # keycloak
 
-![Version: 0.4.5](https://img.shields.io/badge/Version-0.4.5-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 19.0.3](https://img.shields.io/badge/AppVersion-19.0.3-informational?style=flat-square)
+![Version: 0.5.0](https://img.shields.io/badge/Version-0.5.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 20.0.0](https://img.shields.io/badge/AppVersion-20.0.0-informational?style=flat-square)
 
 (Alpha) A Helm chart for Keycloak on Kubernetes
 
@@ -15,6 +15,7 @@
 
 | Key | Type | Default | Description |
 |-----|------|---------|-------------|
+| adminIngress | object | `{"annotations":{},"className":"","enabled":false,"hosts":[{"host":"chart-example.local","paths":[{"path":"/","pathType":"ImplementationSpecific"}]}],"tls":[]}` | Optional separate ingress endpoint when keycloak.adminHostname is used |
 | affinity | object | `{}` |  |
 | autoscaling.enabled | bool | `false` |  |
 | autoscaling.maxReplicas | int | `100` |  |
@@ -32,6 +33,7 @@
 | ingress.hosts[0].paths[0].path | string | `"/"` |  |
 | ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` |  |
 | ingress.tls | list | `[]` |  |
+| keycloak.adminHostname | string | `nil` | Optional Admin Hostname, see https://www.keycloak.org/server/hostname#_administration_console |
 | keycloak.database.password | string | `nil` | password of the database user |
 | keycloak.database.type | string | `"postgres"` | Type of the database, see `db` at https://www.keycloak.org/server/db#_configuring_a_database |
 | keycloak.database.url | string | `nil` | database URL, see `db-url` at https://www.keycloak.org/server/db#_configuring_a_database jdbc:postgresql://localhost/keycloak |
diff --git a/charts/keycloak/templates/deployment.yaml b/charts/keycloak/templates/deployment.yaml
index a06209c31..c08a32c30 100644
--- a/charts/keycloak/templates/deployment.yaml
+++ b/charts/keycloak/templates/deployment.yaml
@@ -52,6 +52,10 @@ spec:
             - name: KC_METRICS_ENABLED
               value: "true"
             {{- end }}
+            {{- if .Values.keycloak.adminHostname }}
+            - name: KC_ADMIN_HOSTNAME
+              value: "{{ .Values.keycloak.adminHostname }}"
+            {{- end }}
             - name: KC_HOSTNAME
               value: "{{ required "Setting a hostname is required" .Values.keycloak.hostname }}"
             - name: JAVA_OPTS_APPEND
diff --git a/charts/keycloak/templates/ingress.yaml b/charts/keycloak/templates/ingress.yaml
index d2e79e396..9ed76848d 100644
--- a/charts/keycloak/templates/ingress.yaml
+++ b/charts/keycloak/templates/ingress.yaml
@@ -18,6 +18,7 @@ metadata:
   name: {{ $fullName }}
   labels:
     {{- include "keycloak.labels" . | nindent 4 }}
+    app.kubernetes.io/component: ingress
   {{- with .Values.ingress.annotations }}
   annotations:
     {{- toYaml . | nindent 4 }}
diff --git a/charts/keycloak/values.yaml b/charts/keycloak/values.yaml
index 88c5ae209..61cc2b9c4 100644
--- a/charts/keycloak/values.yaml
+++ b/charts/keycloak/values.yaml
@@ -16,6 +16,8 @@ image:
 keycloak:
   # -- Hostname used for the keycloak installation
   hostname: keycloak.example.com
+  # -- Optional Admin Hostname, see https://www.keycloak.org/server/hostname#_administration_console
+  adminHostname: null
   database:
     # -- Type of the database, see `db` at https://www.keycloak.org/server/db#_configuring_a_database
     type: postgres
@@ -78,6 +80,22 @@ ingress:
   #  - secretName: chart-example-tls
   #    hosts:
   #      - chart-example.local
+# -- Optional separate ingress endpoint when keycloak.adminHostname is used
+adminIngress:
+  enabled: false
+  className: ""
+  annotations: {}
+    # kubernetes.io/ingress.class: nginx
+    # kubernetes.io/tls-acme: "true"
+  hosts:
+    - host: chart-example.local
+      paths:
+        - path: /
+          pathType: ImplementationSpecific
+  tls: []
+  #  - secretName: chart-example-tls
+  #    hosts:
+  #      - chart-example.local
 
 resources:
   limits:
-- 
GitLab