🔧(helmfile) personalize keycloak configuration

The keycloak configuration used in dev environment is too generic and we can have a conflict with other project that are using the same ingress domain. Also the namespace was missing in the keycloak extra ConfigMap leading to creating it in the default namespace.
2025-04-15 12:02:57 +02:00
parent b58c991c81
commit df173c3ce6
2 changed files with 8 additions and 7 deletions
--- a/src/helm/env.d/dev/values.impress.yaml.gotmpl
+++ b/src/helm/env.d/dev/values.impress.yaml.gotmpl
@@ -33,11 +33,11 @@ backend:
    LOGGING_LEVEL_LOGGERS_APP: INFO
    USER_OIDC_FIELD_TO_SHORTNAME: "given_name"
    USER_OIDC_FIELDS_TO_FULLNAME: "given_name,usual_name"
-    OIDC_OP_JWKS_ENDPOINT: https://keycloak.127.0.0.1.nip.io/realms/impress/protocol/openid-connect/certs
-    OIDC_OP_AUTHORIZATION_ENDPOINT: https://keycloak.127.0.0.1.nip.io/realms/impress/protocol/openid-connect/auth
-    OIDC_OP_TOKEN_ENDPOINT: https://keycloak.127.0.0.1.nip.io/realms/impress/protocol/openid-connect/token
-    OIDC_OP_USER_ENDPOINT: https://keycloak.127.0.0.1.nip.io/realms/impress/protocol/openid-connect/userinfo
-    OIDC_OP_LOGOUT_ENDPOINT: https://keycloak.127.0.0.1.nip.io/realms/impress/protocol/openid-connect/logout
+    OIDC_OP_JWKS_ENDPOINT: https://docs-keycloak.127.0.0.1.nip.io/realms/impress/protocol/openid-connect/certs
+    OIDC_OP_AUTHORIZATION_ENDPOINT: https://docs-keycloak.127.0.0.1.nip.io/realms/impress/protocol/openid-connect/auth
+    OIDC_OP_TOKEN_ENDPOINT: https://docs-keycloak.127.0.0.1.nip.io/realms/impress/protocol/openid-connect/token
+    OIDC_OP_USER_ENDPOINT: https://docs-keycloak.127.0.0.1.nip.io/realms/impress/protocol/openid-connect/userinfo
+    OIDC_OP_LOGOUT_ENDPOINT: https://docs-keycloak.127.0.0.1.nip.io/realms/impress/protocol/openid-connect/logout
    OIDC_RP_CLIENT_ID: impress
    OIDC_RP_CLIENT_SECRET: ThisIsAnExampleKeyForDevPurposeOnly
    OIDC_RP_SIGN_ALGO: RS256
--- a/src/helm/helmfile.yaml
+++ b/src/helm/helmfile.yaml
@@ -26,7 +26,7 @@ releases:
          - name: KEYCLOAK_EXTRA_ARGS
            value: "--import-realm"
          - name: KC_HOSTNAME_URL
-            value: https://keycloak.127.0.0.1.nip.io
+            value: https://docs-keycloak.127.0.0.1.nip.io
      - extraVolumes:
          - name: import
            configMap:
@@ -40,12 +40,13 @@ releases:
      - proxy: edge
      - ingress:
          enabled: true
-          hostname: keycloak.127.0.0.1.nip.io
+          hostname: docs-keycloak.127.0.0.1.nip.io
      - extraDeploy:
        - apiVersion: v1
          kind: ConfigMap
          metadata:
            name: docs-keycloak
+            namespace: {{ .Namespace }}
          data:
            impress.json: |
 {{ readFile "../../docker/auth/realm.json" | replace "http://localhost:3200" "https://impress.127.0.0.1.nip.io" | indent 14 }}