GithubHelp home page GithubHelp logo

yyvess / keycloak-timoni Goto Github PK

View Code? Open in Web Editor NEW
0.0 0.0 0.0 333 KB

A Timoni module designed for the efficient deployment of Keycloak on Kubernetes clusters.

License: Apache License 2.0

CUE 99.83% Shell 0.17%

keycloak-timoni's People

Contributors

yyvess avatar

Watchers

avatar avatar

keycloak-timoni's Issues

Environment Vars Schema

I think this is looking good, I don't have experience with KeyCloak so can't speak to it's configuration but here are some things around the environment variables that came to mind. I'll add some more issues around other things as I get to look at it more tomorrow.

Is there a reason you've locked the envvars down to this?

keycloak-timoni/templates/config.cue

Lines 147 to 185 in c8639ec

envs: {
KC_DB?: "dev-file" | "dev-mem" | "postgres" | "mariadb" | "mssql" | "mysql" | "oracle"
KC_HEALTH_ENABLED: true
KC_HTTP_ENABLED: *true | false
KC_HTTP_PORT?: int & >0 & <=65535
KC_HTTPS_PORT?: int & >0 & <=65535
KC_HOSTNAME_PORT?: int & >0 & <=65535
KC_HOSTNAME?: string
KC_HOSTNAME_ADMIN?: string
KC_HOSTNAME_URL?: string
KC_HOSTNAME_ADMIN_URL?: string
KC_HOSTNAME_PATH?: string
KC_HOSTNAME_STRICT?: true | false
KC_HOSTNAME_STRICT_HTTPS?: true | false
KC_HOSTNAME_STRICT_BACKCHANNEL?: true | false
KC_PROXY?: "none" | "edge" | "reencrypt" | "passthrough"
KC_METRICS_ENABLED?: true | false
KEYCLOAK_ADMIN: *"admin" | string | #secretReference
KEYCLOAK_ADMIN_PASSWORD: string | #secretReference
KC_DB_URL?: string | #secretReference
KC_DB_USERNAME?: string | #secretReference
KC_DB_PASSWORD?: string | #secretReference
KC_CACHE?: "local" | "ispn"
KC_CACHE_CONFIG_FILE?: string
KC_CACHE_STACK: *"kubernetes" | "tcp" | "udp" | "ec2" | "azure" | "google"
JAVA_OPTS_APPEND?: string
KC_LOG_LEVEL?: string
KC_LOG_CONSOLE_OUTPUT?: string
KC_LOG_CONSOLE_FORMAT?: string
if certificateCreate {
KC_HTTPS_CERTIFICATE_FILE: *"/certs/tls.crt" | string
KC_HTTPS_CERTIFICATE_KEY_FILE: *"/certs/tls.key" | string
}
if !certificateCreate {
KC_HTTPS_CERTIFICATE_FILE?: string
KC_HTTPS_CERTIFICATE_KEY_FILE?: string
}
}

I would look to have this implemented like #Config: envs?: [...corev1.#EnvVar]. This lets the user define how their envs are brought in and simplifies the cue schema, though does make the user do more.

The deployment envs would then look like this:

#Deployment: spec: template: spec: containers: [
  {
    env: [
      if #config.envs != _|_ {
        for e in #config.envs {e}
      },
    ]
  }
]

Instead of this:

keycloak-timoni/templates/deployment.cue

Lines 40 to 50 in c8639ec

env: [for k, v in #config.envs if v != _|_ && v.name == _|_ {
name: "\( k )"
value: "\( v )"
},
for k, v in #config.envs if v != _|_ && v.name != _|_ {
name: "\( k )"
valueFrom:
secretKeyRef: {
name: "\( v.name )"
key: "\( v.key )"
}}]

Anything that's a static value like this, should just be put directly into the target resource:

keycloak-timoni/templates/config.cue

Line 149 in c8639ec

KC_HEALTH_ENABLED: true

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.