chore: initial commit of doc update #60

Merged
merged 9 commits into from
Apr 19, 2024
23 changes: 22 additions & 1 deletion docs/CUSTOMIZE.md
Expand Up @@ -68,7 +68,7 @@ Once that cluster is up and healthy and after making theme changes:
```
2. View the changes in the browser

## Override Default Realm
## Customizing Realm

The `UDS Identity` realm is defined in the realm.json found in [src/realm.json](../src/realm.json). This can be modified and will require a new `uds-identity-config` image for `uds-core`.
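
Review bot: the rename to `## Customizing Realm` changes the heading's generated anchor, so any existing link to `#override-default-realm` will stop resolving; this file already uses anchor links such as `./CUSTOMIZE.md#testing-custom-image-in-uds-core`, so search the docs for the old anchor before merging. The neighbouring section is titled `## Customize Truststore`, so `## Customize Realm` would keep the heading style consistent.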

Expand All @@ -77,6 +77,27 @@ The `UDS Identity` realm is defined in the realm.json found in [src/realm.json](

See the [Testing custom image in UDS Core](./CUSTOMIZE.md#testing-custom-image-in-uds-core) for building, publishing, and using the new image with `uds-core`.

### Templated Realm Values
> Keycloak supports using environment variables within the realm configuration, see [docs](https://www.keycloak.org/server/importExport).
>
> In the uds-core keycloak [values.yaml](https://github.com/defenseunicorns/uds-core/blob/main/src/keycloak/chart/values.yaml), the `realmInitEnv` defines set of environment variables that can be used to configure the realm.
>
> These environment variables will be created with a prefix `REALM_` to avoid collisions with keycloak environment variables. If necessary to add additional template variables within the realm.json must be prefixed with `REALM_`.
>
> For example, this bundle override would set the necessary configuration for a google idp to be enabled:
>
> overrides:
> keycloak:
> keycloak:
> values:
> - path: realmInitEnv
> value:
> GOOGLE_IDP_ENABLED: true
> GOOGLE_IDP_CLIENTID: <fill in value here>
> GOOGLE_IDP_CLIENT_SECRET: <fill in value here>
>
> These environment variables can be found in the [realm.json](../src/realm.json) `identityProviders` section.

## Customize Truststore
The default truststore is configured in a [script](../src/truststore/ca-to-jks.sh) and excuted in the [Dockerfile](../src/Dockerfile). There is a few different ways the script could be customized.
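
Review bot: the `realmInitEnv` example lists its keys without a prefix (`GOOGLE_IDP_ENABLED`, `GOOGLE_IDP_CLIENTID`) while the paragraph above it says template variables in realm.json must be prefixed with `REALM_`; say explicitly which form goes in the override and which in realm.json, and show how one of these keys is referenced there. `GOOGLE_IDP_CLIENT_SECRET` is shown as an inline value in the bundle override, so add a sentence telling readers not to commit the real secret in that file. Wording: "defines set of" needs "a", and "If necessary to add additional template variables within the realm.json must be prefixed" has no subject; something like "Any additional template variables added to realm.json must be prefixed with `REALM_`" reads correctly.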
