Skip to content

Commit

Permalink
KIND testing
Browse files Browse the repository at this point in the history
Signed-off-by: Andrew Block <andy.block@gmail.com>
  • Loading branch information
sabre1041 committed Mar 18, 2024
1 parent 7a02a10 commit dcfc3f3
Show file tree
Hide file tree
Showing 9 changed files with 67 additions and 9 deletions.
7 changes: 4 additions & 3 deletions .github/workflows/test.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -100,15 +100,16 @@ jobs:
# wait for a while to be sure CRDs are installed
sleep 1
kubectl create -f https://github.com/operator-framework/operator-lifecycle-manager/releases/download/v0.25.0/olm.yaml
kubectl create --kustomize keycloak/operator/overlay/kind
oc create namespace keycloak-system --dry-run=client -o yaml | oc apply -f-
helm upgrade -i -n keycloak-system charts/keycloak-operator -f kind/values/values-keycloak-operator.yaml
until [ ! -z "$(kubectl get pod -l name=keycloak-operator -n keycloak-system 2>/dev/null)" ]
do
echo "Waiting for keycloak operator. Pods in keycloak-system namespace:"
kubectl get pods -n keycloak-system
sleep 10
done
kubectl create --kustomize keycloak/resources/overlay/kind
until [[ $( oc get keycloak keycloak -o jsonpath='{.status.ready}' -n keycloak-system 2>/dev/null) == "true" ]]
helm upgrade -i -n keycloak-system charts/keycloak -f kind/values/values-keycloak.yaml
until [[ $( oc get keycloak keycloak -o jsonpath='{.status.conditions[?(@.type=="Ready")].status}' -n keycloak-system 2>/dev/null) == "True" ]]
do
printf "Waiting for keycloak deployment. \n Keycloak ready: %s\n" $(oc get keycloak keycloak -o jsonpath='{.status.ready}' -n keycloak-system)
sleep 10
Expand Down
5 changes: 5 additions & 0 deletions charts/keycloak/ci/ct-values.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
---

keycloak:
ingress:
host: foo
10 changes: 10 additions & 0 deletions charts/keycloak/templates/_helpers.tpl
Original file line number Diff line number Diff line change
Expand Up @@ -139,3 +139,13 @@ Name of the TLS Secret
{{ len .Values.keycloak.tls.secret }}
{{- end }}
{{- end }}

{{/*
Keycloak hostname
*/}}
{{- define "keycloak.hostname" -}}
{{- if .Values.keycloak.strictHostname -}}
{{ required "A valid hostname must be provided" (tpl .Values.keycloak.ingress.host $) }}
{{- else -}}
{{- end -}}
{{- end }}
5 changes: 4 additions & 1 deletion charts/keycloak/templates/keycloak/keycloak-ingress.yaml
Original file line number Diff line number Diff line change
@@ -1,4 +1,6 @@
{{- $keycloakName := include "keycloak.fullname" . }}
{{- $keycloakHostname := include "keycloak.hostname" . }}
{{- if $keycloakHostname -}}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
Expand All @@ -21,7 +23,7 @@ spec:
port:
number: {{ .Values.keycloak.service.port }}
rules:
- host: {{ required "A valid hostname must be provided" (tpl .Values.keycloak.ingress.host $) }}
- host: {{ $keycloakHostname }}
http:
paths:
- backend:
Expand All @@ -30,3 +32,4 @@ spec:
port:
number: {{ .Values.keycloak.service.port }}
pathType: ImplementationSpecific
{{- end -}}
16 changes: 12 additions & 4 deletions charts/keycloak/templates/keycloak/keycloak.yaml
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
{{- $keycloakHostname := include "keycloak.hostname" . }}
apiVersion: k8s.keycloak.org/v2alpha1
kind: Keycloak
metadata:
Expand All @@ -16,9 +17,6 @@ spec:
key: {{ .Values.postgresql.secret.usernameKey }}
name: {{ include "keycloak.postgresql.secret.name" . }}
vendor: postgres
hostname:
strict: false
strictBackchannel: false
http:
{{- if .Values.keycloak.tls.enabled }}
tlsSecret: keycloak-tls
Expand All @@ -28,6 +26,16 @@ spec:
ingress:
enabled: false
hostname:
hostname: {{ tpl .Values.keycloak.ingress.host $ }}
strict: {{ .Values.keycloak.strictHostname }}
{{- if $keycloakHostname }}
hostname: {{ $keycloakHostname }}
{{- end }}
strictBackchannel: {{ not .Values.keycloak.tls.enabled }}
instances: 1
{{- if .Values.keycloak.resources }}
unsupported:
podTemplate:
spec:
containers:
- resources: {{- tpl (toYaml .Values.keycloak.resources) $ | nindent 14 }}
{{- end }}
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,7 @@ spec:
{{ tpl (toYaml .Values.postgresql.image.pullSecrets) $ | indent 8 }}
{{- end }}
securityContext:
runAsNonRoot: true
runAsNonRoot: {{ .Values.postgresql.securityContext.runAsNonRoot }}
seccompProfile:
type: RuntimeDefault
terminationGracePeriodSeconds: 30
Expand Down
4 changes: 4 additions & 0 deletions charts/keycloak/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,8 @@ keycloak:
tls:
enabled: true
secret: ""
resources: {}
strictHostname: true

postgresql:
image:
Expand Down Expand Up @@ -54,6 +56,8 @@ postgresql:
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
securityContext:
runAsNonRoot: true
persistence:
size: 5Gi
accessModes:
Expand Down
7 changes: 7 additions & 0 deletions kind/values-keycloak-operator.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
---

subscription:
channel: "fast"
name: "keycloak-operator"
source: "operatorhubio-catalog"
sourceNamespace: "olm"
20 changes: 20 additions & 0 deletions kind/values-keycloak.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
---

openshift: false

keycloak:
strictHostname: false
tls:
enabled: false
resources:
requests:
memory: 512Mi

postgresql:
image:
registry: quay.io
repository: sclorg/postgresql-15-c9s
version: latest



0 comments on commit dcfc3f3

Please sign in to comment.