2 # ============LICENSE_START=======================================================
3 # Copyright (C) 2022 Nordix Foundation.
4 # ================================================================================
5 # Licensed under the Apache License, Version 2.0 (the "License");
6 # you may not use this file except in compliance with the License.
7 # You may obtain a copy of the License at
9 # http://www.apache.org/licenses/LICENSE-2.0
11 # Unless required by applicable law or agreed to in writing, software
12 # distributed under the License is distributed on an "AS IS" BASIS,
13 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 # See the License for the specific language governing permissions and
15 # limitations under the License.
17 # SPDX-License-Identifier: Apache-2.0
18 # ============LICENSE_END=========================================================
35 externalName: keycloak.local
69 imagePullPolicy: IfNotPresent
70 command: ['sh', '-c', 'until nc -vz postgres 5432; do echo waiting for postgres db; sleep 2; done;']
71 serviceAccountName: keycloak
74 image: quay.io/keycloak/keycloak:16.1.1
75 imagePullPolicy: IfNotPresent
79 - name: KEYCLOAK_PASSWORD
81 - name: KEYCLOAK_HTTPS_PORT
83 - name: PROXY_ADDRESS_FORWARDING
85 - name: MANAGEMENT_USER
86 value: "wildfly-admin"
87 - name: MANAGEMENT_PASSWORD
89 - name: INGRESS_ENABLED
103 - name : X509_CA_BUNDLE
104 value: /etc/x509/https/rootCA.crt
112 path: /auth/realms/master
115 - name: keycloak-certs
116 mountPath: /etc/x509/https
118 - name: keycloak-certs
120 path: /var/keycloak/certs
123 apiVersion: networking.istio.io/v1alpha3
130 istio: ingressgateway # use istio default ingress gateway
147 apiVersion: networking.istio.io/v1alpha3
150 name: keycloak-tls-vs
164 host: keycloak.default.svc.cluster.local
168 apiVersion: networking.istio.io/v1beta1
179 - name: "keycloak-routes"
187 host: keycloak.default.svc.cluster.local