Upgrade mrparkers to 3.7.0, set some defaults (#1183)

nebari-dev · Mar 24, 2022 · cbbe92d · cbbe92d
1 parent 569e239
commit cbbe92d
Show file tree

Hide file tree

Showing 7 changed files with 30 additions and 7 deletions.
diff --git a/qhub/template/stages/06-kubernetes-keycloak-configuration/main.tf b/qhub/template/stages/06-kubernetes-keycloak-configuration/main.tf
@@ -1,14 +1,36 @@
 resource "keycloak_realm" "main" {
-  provider = keycloak
 
   realm        = var.realm
   display_name = var.realm_display_name
+
+  direct_grant_flow    = "direct grant"
+  enabled              = true
+  browser_flow         = "browser"
+  revoke_refresh_token = false
+  user_managed_access  = false
+  ssl_required         = "external"
+  registration_flow    = "registration"
+
+  refresh_token_max_reuse    = 0
+  reset_credentials_flow     = "reset credentials"
+  client_authentication_flow = "clients"
+  docker_authentication_flow = "docker auth"
+
+  offline_session_max_lifespan_enabled = false
+
+  web_authn_policy { 
+  }
+
+  web_authn_passwordless_policy {
+  }
+
 }
 
 resource "keycloak_group" "groups" {
   for_each = var.keycloak_groups
   realm_id = keycloak_realm.main.id
-  name     = each.value
+  name     = each.key
+  attributes = {}
 }
 
 resource "keycloak_default_groups" "default" {

diff --git a/qhub/template/stages/06-kubernetes-keycloak-configuration/social_auth.tf b/qhub/template/stages/06-kubernetes-keycloak-configuration/social_auth.tf
@@ -2,6 +2,7 @@ resource "keycloak_authentication_flow" "flow" {
   realm_id    = keycloak_realm.main.id
   alias       = "detect-existing"
   provider_id = "basic-flow"
+  description = ""
 }
 
 resource "keycloak_authentication_execution" "idp-detect-existing-broker-user" {

diff --git a/qhub/template/stages/06-kubernetes-keycloak-configuration/versions.tf b/qhub/template/stages/06-kubernetes-keycloak-configuration/versions.tf
@@ -10,7 +10,7 @@ terraform {
     }
     keycloak = {
       source  = "mrparkers/keycloak"
-      version = "3.3.0"
+      version = "3.7.0"
     }
   }
   required_version = ">= 1.0"

diff --git a/...ate/stages/07-kubernetes-services/modules/kubernetes/services/keycloak-client/versions.tf b/...ate/stages/07-kubernetes-services/modules/kubernetes/services/keycloak-client/versions.tf
@@ -2,7 +2,7 @@ terraform {
   required_providers {
     keycloak = {
       source  = "mrparkers/keycloak"
-      version = "3.3.0"
+      version = "3.7.0"
     }
   }
   required_version = ">= 1.0"

diff --git a/qhub/template/stages/07-kubernetes-services/versions.tf b/qhub/template/stages/07-kubernetes-services/versions.tf
@@ -10,7 +10,7 @@ terraform {
     }
     keycloak = {
       source  = "mrparkers/keycloak"
-      version = "3.3.0"
+      version = "3.7.0"
     }
   }
   required_version = ">= 1.0"

diff --git a/qhub/template/stages/08-qhub-tf-extensions/modules/qhubextension/main.tf b/qhub/template/stages/08-qhub-tf-extensions/modules/qhubextension/main.tf
@@ -2,7 +2,7 @@ terraform {
   required_providers {
     keycloak = {
       source  = "mrparkers/keycloak"
-      version = "3.3.0"
+      version = "3.7.0"
     }
   }
 }

diff --git a/qhub/template/stages/08-qhub-tf-extensions/versions.tf b/qhub/template/stages/08-qhub-tf-extensions/versions.tf
@@ -10,7 +10,7 @@ terraform {
     }
     keycloak = {
       source  = "mrparkers/keycloak"
-      version = "3.3.0"
+      version = "3.7.0"
     }
   }
   required_version = ">= 1.0"