Skip to content

Commit

Permalink
feat(kyak): deploy keycloak operator
Browse files Browse the repository at this point in the history 
Signed-off-by: Tyler Witlin <twitlin@witl.xyz>
  • Loading branch information
@coolguy1771
coolguy1771 committed Aug 29, 2024
1 parent 3ed7036 commit 44dabd7
Show file tree
Hide file tree
Showing 8 changed files with 411 additions and 0 deletions.
9 changes: 9 additions & 0 deletions kubernetes/kyak/apps/auth/keycloak/app/crds/kustomization.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
---
# yaml-language-server: $schema=https://json.schemastore.org/kustomization
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
# renovate: datasource=github-releases depName=keycloak/keycloak-k8s-resources
- https://raw.githubusercontent.com/keycloak/keycloak-k8s-resources/25.0.4/kubernetes/keycloaks.k8s.keycloak.org-v1.yml
# renovate: datasource=github-releases depName=keycloak/keycloak-k8s-resources
- https://raw.githubusercontent.com/keycloak/keycloak-k8s-resources/25.0.4/kubernetes/keycloakrealmimports.k8s.keycloak.org-v1.yml
75 changes: 75 additions & 0 deletions kubernetes/kyak/apps/auth/keycloak/app/deployment.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,75 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
app.quarkus.io/quarkus-version: 3.8.5
app.quarkus.io/vcs-uri: https://github.com/keycloak/keycloak.git
app.quarkus.io/build-timestamp: 2024-08-19 - 09:23:49 +0000
labels:
app.kubernetes.io/name: keycloak-operator
app.kubernetes.io/version: 25.0.4
app.kubernetes.io/managed-by: quarkus
name: keycloak-operator
spec:
replicas: 3
selector:
matchLabels:
app.kubernetes.io/name: keycloak-operator
template:
metadata:
annotations:
app.quarkus.io/quarkus-version: 3.8.5
app.quarkus.io/vcs-uri: https://github.com/keycloak/keycloak.git
app.quarkus.io/build-timestamp: 2024-08-19 - 09:23:49 +0000
labels:
app.kubernetes.io/managed-by: quarkus
app.kubernetes.io/version: 25.0.4
app.kubernetes.io/name: keycloak-operator
spec:
containers:
- env:
- name: KUBERNETES_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: RELATED_IMAGE_KEYCLOAK
value: quay.io/keycloak/keycloak:25.0.4
image: quay.io/keycloak/keycloak-operator:25.0.4
imagePullPolicy: Always
livenessProbe:
failureThreshold: 3
httpGet:
path: /q/health/live
port: 8080
scheme: HTTP
initialDelaySeconds: 5
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 10
name: keycloak-operator
ports:
- containerPort: 8080
name: http
protocol: TCP
readinessProbe:
failureThreshold: 3
httpGet:
path: /q/health/ready
port: 8080
scheme: HTTP
initialDelaySeconds: 5
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 10
startupProbe:
failureThreshold: 3
httpGet:
path: /q/health/started
port: 8080
scheme: HTTP
initialDelaySeconds: 5
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 10
serviceAccountName: keycloak-operator
10 changes: 10 additions & 0 deletions kubernetes/kyak/apps/auth/keycloak/app/kustomization.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
---
# yaml-language-server: $schema=https://json.schemastore.org/kustomization
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ./crds
- ./rbac.yaml
- ./service.yaml
- ./serviceaccount.yaml
- ./deployment.yaml
260 changes: 260 additions & 0 deletions kubernetes/kyak/apps/auth/keycloak/app/rbac.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,260 @@
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: keycloak-operator-clusterrole
rules:
- apiGroups:
- config.openshift.io
resources:
- ingresses
verbs:
- get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: keycloakrealmimportcontroller-cluster-role
rules:
- apiGroups:
- k8s.keycloak.org
resources:
- keycloakrealmimports
- keycloakrealmimports/status
- keycloakrealmimports/finalizers
verbs:
- get
- list
- watch
- patch
- update
- create
- delete
- apiGroups:
- ""
resources:
- secrets
verbs:
- get
- list
- watch
- patch
- update
- delete
- create
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: keycloakcontroller-cluster-role
rules:
- apiGroups:
- k8s.keycloak.org
resources:
- keycloaks
- keycloaks/status
- keycloaks/finalizers
verbs:
- get
- list
- watch
- patch
- update
- create
- delete
- apiGroups:
- ""
resources:
- services
verbs:
- get
- list
- watch
- patch
- update
- delete
- create
- apiGroups:
- apps
resources:
- statefulsets
verbs:
- get
- list
- watch
- patch
- update
- delete
- create
- apiGroups:
- ""
resources:
- services
verbs:
- get
- list
- watch
- patch
- update
- delete
- create
- apiGroups:
- networking.k8s.io
resources:
- ingresses
verbs:
- get
- list
- watch
- patch
- update
- delete
- create
- apiGroups:
- ""
resources:
- secrets
verbs:
- get
- list
- watch
- delete
- create
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
app.kubernetes.io/name: keycloak-operator
name: keycloak-operator-clusterrole-binding
roleRef:
kind: ClusterRole
apiGroup: rbac.authorization.k8s.io
name: keycloak-operator-clusterrole
subjects:
- kind: ServiceAccount
name: keycloak-operator
namespace: keycloak
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: keycloak-operator-role
rules:
- apiGroups:
- apps
resources:
- statefulsets
verbs:
- get
- list
- watch
- create
- delete
- patch
- update
- apiGroups:
- ""
resources:
- configmaps
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- secrets
- services
verbs:
- get
- list
- watch
- create
- delete
- patch
- update
- apiGroups:
- ""
resources:
- pods
verbs:
- list
- apiGroups:
- batch
resources:
- jobs
verbs:
- get
- list
- watch
- create
- delete
- patch
- update
- apiGroups:
- networking.k8s.io
resources:
- ingresses
verbs:
- get
- list
- watch
- create
- delete
- patch
- update
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
labels:
app.kubernetes.io/name: keycloak-operator
name: keycloak-operator-role-binding
roleRef:
kind: Role
apiGroup: rbac.authorization.k8s.io
name: keycloak-operator-role
subjects:
- kind: ServiceAccount
name: keycloak-operator
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: keycloakrealmimportcontroller-role-binding
roleRef:
kind: ClusterRole
apiGroup: rbac.authorization.k8s.io
name: keycloakrealmimportcontroller-cluster-role
subjects:
- kind: ServiceAccount
name: keycloak-operator
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: keycloakcontroller-role-binding
roleRef:
kind: ClusterRole
apiGroup: rbac.authorization.k8s.io
name: keycloakcontroller-cluster-role
subjects:
- kind: ServiceAccount
name: keycloak-operator
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
labels:
app.kubernetes.io/name: keycloak-operator
app.kubernetes.io/version: 25.0.4
name: keycloak-operator-view
roleRef:
kind: ClusterRole
apiGroup: rbac.authorization.k8s.io
name: view
subjects:
- kind: ServiceAccount
name: keycloak-operator
22 changes: 22 additions & 0 deletions kubernetes/kyak/apps/auth/keycloak/app/service.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
---
apiVersion: v1
kind: Service
metadata:
annotations:
app.quarkus.io/quarkus-version: 3.8.5
app.quarkus.io/vcs-uri: https://github.com/keycloak/keycloak.git
app.quarkus.io/build-timestamp: 2024-08-19 - 09:23:49 +0000
labels:
app.kubernetes.io/name: keycloak-operator
app.kubernetes.io/version: 25.0.4
app.kubernetes.io/managed-by: quarkus
name: keycloak-operator
spec:
ports:
- name: http
port: 80
protocol: TCP
targetPort: 8080
selector:
app.kubernetes.io/name: keycloak-operator
type: ClusterIP
13 changes: 13 additions & 0 deletions kubernetes/kyak/apps/auth/keycloak/app/serviceaccount.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
---
apiVersion: v1
kind: ServiceAccount
metadata:
annotations:
app.quarkus.io/quarkus-version: 3.8.5
app.quarkus.io/vcs-uri: https://github.com/keycloak/keycloak.git
app.quarkus.io/build-timestamp: 2024-08-19 - 09:23:49 +0000
labels:
app.kubernetes.io/name: keycloak-operator
app.kubernetes.io/version: 25.0.4
app.kubernetes.io/managed-by: quarkus
name: keycloak-operator
Loading

0 comments on commit 44dabd7

Please sign in to comment.