Skip to content
Snippets Groups Projects

GONRG-4892: Update/add readme to keycloak bootstrap

Merged Yauheni Rykhter (EPAM) requested to merge GONRG-4892-add-docs-keycloak into master
+ 63
0
# Bootstrap Keycloak for OSDU Anthos on-prem installation
The main purpose of bootstrap Keycloak is to automate uploading neccessary settings for OSDU Anthos on-prem installation. \
We parsing all evironment variables in container, then find all of them if they starts with 'KEYCLOAK_' and ends with '_SECRET' parts.
Then we use these variables for creation Keycloak clients with custom passwords (can be updated) and realms.
## Prerequisites
1. Keycloak
1. Python 3.8.10
1. You need to create a secret and add it to Kubernetes.
**Variables for bootstrap script must start with 'KEYCLOAK_' and ends with '_SECRET' parts!!! (check the examples!!!)** \
As an example:
Creation of secret:
```YAML
apiVersion: v1
kind: Secret
metadata:
name: "example"
type: Opaque
data:
CLIENT_ID: {{ print "example" | b64enc | quote }}
CLIENT_SECRET: {{ randAlphaNum 16 | b64enc | quote }}
```
Adding secret to deployment:
```YAML
apiVersion: apps/v1
kind: Deployment
metadata:
name: "example-deployment"
spec:
replicas: 1
selector:
matchLabels:
job: example-bootstrap
template:
metadata:
labels:
job: example-bootstrap
spec:
containers:
- name: "example"
env:
- name: KEYCLOAK_EXAMPLE_SECRET
valueFrom:
secretKeyRef:
name: "example"
key: CLIENT_SECRET
```
## Provisioning
To provision this script, use:
```Python
pip install requirements.txt
python3 keycloak.py
```
Loading