[incubator/keycloak] Add miscellaneous improvements #5372
Conversation
k8s-ci-robot
added
cncf-cla: yes
|
cc @nexeck |
unguiculus
force-pushed
the
feature/keycloak
branch
4 times, most recently
from
0c224fa to
231f923
Compare
* Update Keycloak to 3.4.3.Final * Use nc to check for PostgreSQL availability in order to avoid RBAC configurations * Allow additional volumes and mounts to be configured * Allow custom pre-start script to be configured * Improve affinity configuration * Add security context * Update _helpers.tpl * Only add environment variables for Keycloak credentials on install. They are only needed for creating the intial user. This avoids an error in the logs * Add pod disruption budget * Make test more robust
unguiculus
force-pushed
the
feature/keycloak
branch
from
231f923 to
453fdb9
Compare
|
/assign lachie83 |
|
why get rid of RBAC? if KUBE_PING gets adopted won't that be needed? |
|
@mozesmagyar The chart uses JDBC_PING which doesn't need RBAC. |
|
@nexeck Please review. |
|
|
||
| exec /opt/jboss/docker-entrypoint.sh "${args[@]}" | ||
| exec /opt/jboss/docker-entrypoint.sh -b 0.0.0.0 {{- if $highAvailability }} --server-config standalone-ha.xml{{ end }} |
There was a problem hiding this comment.
possible to include additional args? for example, it would be nice to include importing realm settings for an install...
There was a problem hiding this comment.
Let me think about it. I'd say this could go into a separate PR.
|
what's the likelihood of this getting merged before the 25th? |
|
/lgtm |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: lachie83, unguiculus The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
Thanks for the improvements unguiculus! The change below with tls is more consistent with other helm charts my team uses. For future searchers (see error at end of comment). 1This update breaks custom tls values, you will need to upgrade your For instance, my values changed from: To 2Also, 3The following also changes, see How to pin your helm chart
Helm upgrade error I encountered to hopefully help with SEO:
|
* [incubator/keycloak] Add miscellaneous improvements * Update Keycloak to 3.4.3.Final * Use nc to check for PostgreSQL availability in order to avoid RBAC configurations * Allow additional volumes and mounts to be configured * Allow custom pre-start script to be configured * Improve affinity configuration * Add security context * Update _helpers.tpl * Only add environment variables for Keycloak credentials on install. They are only needed for creating the intial user. This avoids an error in the logs * Add pod disruption budget * Make test more robust * Update Postgresql dependency * Align ingress configuration with best practices
* [incubator/keycloak] Add miscellaneous improvements * Update Keycloak to 3.4.3.Final * Use nc to check for PostgreSQL availability in order to avoid RBAC configurations * Allow additional volumes and mounts to be configured * Allow custom pre-start script to be configured * Improve affinity configuration * Add security context * Update _helpers.tpl * Only add environment variables for Keycloak credentials on install. They are only needed for creating the intial user. This avoids an error in the logs * Add pod disruption budget * Make test more robust * Update Postgresql dependency * Align ingress configuration with best practices Signed-off-by: voron <av@arilot.com>
RBAC configurations
install. They are only needed for creating the intial user.
This avoids an error in the logs