From a654406fe6b3df3f5199cfdea28bb65fbb937639 Mon Sep 17 00:00:00 2001 From: Lucas Bickel <116588+hairmare@users.noreply.github.com> Date: Thu, 13 Jul 2023 11:14:20 +0200 Subject: [PATCH] feat(keycloak-operator): update Keycloak from 21.1.0 to 22.0.0 (#1068) Co-authored-by: janaurka <5986148+janaurka@users.noreply.github.com> --- README.md | 2 +- charts/keycloak-operator/Chart.yaml | 8 +- charts/keycloak-operator/README.md | 4 +- ...ycloakrealmimports.k8s.keycloak.org-v1.yml | 38 +++--- .../crds/keycloaks.k8s.keycloak.org-v1.yml | 112 +++++++++++++++--- .../templates/keycloak/keycloak.yaml | 7 ++ .../tests/__snapshot__/default_test.yaml.snap | 64 +++++----- .../tests/__snapshot__/operand_test.yaml.snap | 8 +- charts/keycloak-operator/values.yaml | 4 + 9 files changed, 167 insertions(+), 80 deletions(-) diff --git a/README.md b/README.md index a7d9e6620..879250438 100644 --- a/README.md +++ b/README.md @@ -71,7 +71,7 @@ for more in-depth information. | [common](charts/common) | Common chartbuilding components ... | ![Version: 0.x](https://img.shields.io/badge/version-0.x-brightgreen) | ![App version: 0.x](https://img.shields.io/badge/app%20version-0.x-brightgreen) | | [csi-secret-provider-class](charts/csi-secret-provider-class) | A Helm chart to create a SecretP... | ![Version: 0.x](https://img.shields.io/badge/version-0.x-brightgreen) | ![App version: 0.x](https://img.shields.io/badge/app%20version-0.x-brightgreen) | | [customer-center](charts/customer-center) | Chart for Customer-Center applic... | ![Version: 0.x](https://img.shields.io/badge/version-0.x-brightgreen) | ![App version: 3.2.x](https://img.shields.io/badge/app%20version-3.2.x-brightgreen) | -| [keycloak-operator](charts/keycloak-operator) | Deploy Keycloak Operator and Key... | ![Version: 0.x](https://img.shields.io/badge/version-0.x-brightgreen) | ![App version: 21..x](https://img.shields.io/badge/app%20version-21..x-brightgreen) | +| [keycloak-operator](charts/keycloak-operator) | Deploy Keycloak Operator and Key... | ![Version: 0.x](https://img.shields.io/badge/version-0.x-brightgreen) | ![App version: 22..x](https://img.shields.io/badge/app%20version-22..x-brightgreen) | | [mopsos](charts/mopsos) | Deploy Mopsos to a Kubernetes Cl... | ![Version: 0.x](https://img.shields.io/badge/version-0.x-brightgreen) | ![App version: 0.x](https://img.shields.io/badge/app%20version-0.x-brightgreen) | | [openshift-etcd-backup](charts/openshift-etcd-backup) | Chart for openshift-etcd-backup ... | ![Version: 1.6.x](https://img.shields.io/badge/version-1.6.x-brightgreen) | ![App version: 1.6.x](https://img.shields.io/badge/app%20version-1.6.x-brightgreen) | | [osschallenge](charts/osschallenge) | Chart for OSS-Challenge application | ![Version: 0.x](https://img.shields.io/badge/version-0.x-brightgreen) | ![App version: ed.x](https://img.shields.io/badge/app%20version-ed.x-brightgreen) | diff --git a/charts/keycloak-operator/Chart.yaml b/charts/keycloak-operator/Chart.yaml index 1377c240c..675c0855c 100644 --- a/charts/keycloak-operator/Chart.yaml +++ b/charts/keycloak-operator/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: keycloak-operator description: Deploy Keycloak Operator and Keycloak type: application -version: 0.1.1 -appVersion: "21.1.0" +version: 0.2.0 +appVersion: "22.0.0" home: https://www.keycloak.org sources: - https://github.com/keycloak/keycloak-k8s-resources @@ -14,5 +14,5 @@ maintainers: url: https://adfinis.com annotations: artifacthub.io/changes: | - - kind: fixed - description: allow disabling ingress from values + - kind: changed + description: Update Keycloak from 21.1.0 to 22.0.0 diff --git a/charts/keycloak-operator/README.md b/charts/keycloak-operator/README.md index f324ff087..c57d11d43 100644 --- a/charts/keycloak-operator/README.md +++ b/charts/keycloak-operator/README.md @@ -1,6 +1,6 @@ # keycloak-operator -![Version: 0.1.1](https://img.shields.io/badge/Version-0.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 21.1.0](https://img.shields.io/badge/AppVersion-21.1.0-informational?style=flat-square) +![Version: 0.2.0](https://img.shields.io/badge/Version-0.2.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 22.0.0](https://img.shields.io/badge/AppVersion-22.0.0-informational?style=flat-square) Deploy Keycloak Operator and Keycloak @@ -48,6 +48,8 @@ This chart is maintained by [Adfinis](https://adfinis.com/?pk_campaign=github&pk | keycloak.image.repository | string | `""` | Overrides the operator.keycloakImage.image value whose default is quay.io/keycloak/keycloak | | keycloak.image.tag | string | `""` | Overrides the operator.keycloakImage.tag value whose default is the chart appVersion. | | keycloak.imagePullSecrets | string | `nil` | Secret(s) that might be used when pulling an image from a private container image registry or repository. | +| keycloak.ingress.annotations | list | `[]` | Annotations for the Ingress | +| keycloak.ingress.className | string | `""` | Ingress class name | | keycloak.ingress.enabled | bool | `true` | The deployment is, by default, exposed through a basic ingress. | | keycloak.instances | int | `1` | Number of Keycloak instances in HA mode. | | keycloak.realmimport.enabled | bool | `false` | Deploy realmimport resources | diff --git a/charts/keycloak-operator/crds/keycloakrealmimports.k8s.keycloak.org-v1.yml b/charts/keycloak-operator/crds/keycloakrealmimports.k8s.keycloak.org-v1.yml index b617a3054..05f26d9ad 100644 --- a/charts/keycloak-operator/crds/keycloakrealmimports.k8s.keycloak.org-v1.yml +++ b/charts/keycloak-operator/crds/keycloakrealmimports.k8s.keycloak.org-v1.yml @@ -547,7 +547,6 @@ spec: id: type: string clientPolicies: - type: object x-kubernetes-preserve-unknown-fields: true webAuthnPolicyUserVerificationRequirement: type: string @@ -703,16 +702,14 @@ spec: type: array decisionStrategy: enum: - - AFFIRMATIVE - - stableIndex - CONSENSUS - UNANIMOUS + - AFFIRMATIVE type: string name: type: string policyEnforcementMode: enum: - - stableIndex - PERMISSIVE - ENFORCING - DISABLED @@ -751,14 +748,12 @@ spec: type: array decisionStrategy: enum: - - AFFIRMATIVE - - stableIndex - CONSENSUS - UNANIMOUS + - AFFIRMATIVE type: string logic: enum: - - stableIndex - POSITIVE - NEGATIVE type: string @@ -941,7 +936,6 @@ spec: otpPolicyCodeReusable: type: boolean clientProfiles: - type: object x-kubernetes-preserve-unknown-fields: true userFederationMappers: items: @@ -1563,16 +1557,14 @@ spec: type: array decisionStrategy: enum: - - AFFIRMATIVE - - stableIndex - CONSENSUS - UNANIMOUS + - AFFIRMATIVE type: string name: type: string policyEnforcementMode: enum: - - stableIndex - PERMISSIVE - ENFORCING - DISABLED @@ -1611,14 +1603,12 @@ spec: type: array decisionStrategy: enum: - - AFFIRMATIVE - - stableIndex - CONSENSUS - UNANIMOUS + - AFFIRMATIVE type: string logic: enum: - - stableIndex - POSITIVE - NEGATIVE type: string @@ -1939,16 +1929,14 @@ spec: type: array decisionStrategy: enum: - - AFFIRMATIVE - - stableIndex - CONSENSUS - UNANIMOUS + - AFFIRMATIVE type: string name: type: string policyEnforcementMode: enum: - - stableIndex - PERMISSIVE - ENFORCING - DISABLED @@ -1987,14 +1975,12 @@ spec: type: array decisionStrategy: enum: - - AFFIRMATIVE - - stableIndex - CONSENSUS - UNANIMOUS + - AFFIRMATIVE type: string logic: enum: - - stableIndex - POSITIVE - NEGATIVE type: string @@ -2223,9 +2209,6 @@ spec: userCacheEnabled: type: boolean type: object - required: - - keycloakCRName - - realm type: object status: properties: @@ -2233,7 +2216,14 @@ spec: items: properties: status: - type: boolean + properties: + value: + type: object + x-kubernetes-preserve-unknown-fields: true + lastTransitionTime: + type: string + observedGeneration: + type: integer type: type: string message: diff --git a/charts/keycloak-operator/crds/keycloaks.k8s.keycloak.org-v1.yml b/charts/keycloak-operator/crds/keycloaks.k8s.keycloak.org-v1.yml index 500365928..f64ce8846 100644 --- a/charts/keycloak-operator/crds/keycloaks.k8s.keycloak.org-v1.yml +++ b/charts/keycloak-operator/crds/keycloaks.k8s.keycloak.org-v1.yml @@ -91,8 +91,6 @@ spec: type: integer deletionTimestamp: type: string - clusterName: - type: string resourceVersion: type: string annotations: @@ -209,8 +207,6 @@ spec: type: integer deletionTimestamp: type: string - clusterName: - type: string resourceVersion: type: string annotations: @@ -307,6 +303,17 @@ spec: apiGroup: type: string type: object + dataSourceRef: + properties: + name: + type: string + kind: + type: string + namespace: + type: string + apiGroup: + type: string + type: object resources: properties: limits: @@ -316,6 +323,13 @@ spec: - type: string x-kubernetes-int-or-string: true type: object + claims: + items: + properties: + name: + type: string + type: object + type: array requests: additionalProperties: anyOf: @@ -324,15 +338,6 @@ spec: x-kubernetes-int-or-string: true type: object type: object - dataSourceRef: - properties: - name: - type: string - kind: - type: string - apiGroup: - type: string - type: object accessModes: items: type: string @@ -1368,6 +1373,13 @@ spec: - type: string x-kubernetes-int-or-string: true type: object + claims: + items: + properties: + name: + type: string + type: object + type: array requests: additionalProperties: anyOf: @@ -1389,6 +1401,20 @@ spec: type: array type: object type: array + resourceClaims: + items: + properties: + source: + properties: + resourceClaimTemplateName: + type: string + resourceClaimName: + type: string + type: object + name: + type: string + type: object + type: array automountServiceAccountToken: type: boolean containers: @@ -1861,6 +1887,13 @@ spec: - type: string x-kubernetes-int-or-string: true type: object + claims: + items: + properties: + name: + type: string + type: object + type: array requests: additionalProperties: anyOf: @@ -2352,6 +2385,13 @@ spec: - type: string x-kubernetes-int-or-string: true type: object + claims: + items: + properties: + name: + type: string + type: object + type: array requests: additionalProperties: anyOf: @@ -2721,12 +2761,20 @@ spec: topologySpreadConstraints: items: properties: + nodeTaintsPolicy: + type: string topologyKey: type: string maxSkew: type: integer + nodeAffinityPolicy: + type: string whenUnsatisfiable: type: string + matchLabelKeys: + items: + type: string + type: array labelSelector: properties: matchExpressions: @@ -2747,6 +2795,8 @@ spec: type: string type: object type: object + minDomains: + type: integer type: object type: array overhead: @@ -2773,8 +2823,17 @@ spec: type: string type: object type: array + schedulingGates: + items: + properties: + name: + type: string + type: object + type: array runtimeClassName: type: string + hostUsers: + type: boolean type: object type: object type: object @@ -2783,8 +2842,16 @@ spec: The deployment is, by default, exposed through a basic ingress. You can change this behaviour by setting the enabled property to false. properties: + annotations: + additionalProperties: + type: string + description: Additional annotations to be appended to the Ingress + object + type: object enabled: type: boolean + className: + type: string type: object image: description: Custom Keycloak image to be used. @@ -2902,16 +2969,33 @@ spec: items: properties: status: - type: boolean + properties: + value: + type: object + x-kubernetes-preserve-unknown-fields: true + lastTransitionTime: + type: string + observedGeneration: + type: integer type: type: string message: type: string type: object type: array + observedGeneration: + type: integer + instances: + type: integer + selector: + type: string type: object type: object served: true storage: true subresources: + scale: + labelSelectorPath: .status.selector + specReplicasPath: .spec.instances + statusReplicasPath: .status.instances status: {} diff --git a/charts/keycloak-operator/templates/keycloak/keycloak.yaml b/charts/keycloak-operator/templates/keycloak/keycloak.yaml index 799e0d6d9..8845534a2 100644 --- a/charts/keycloak-operator/templates/keycloak/keycloak.yaml +++ b/charts/keycloak-operator/templates/keycloak/keycloak.yaml @@ -58,6 +58,13 @@ spec: {{- if .Values.keycloak.ingress.enabled }} ingress: enabled: true + {{- with .Values.keycloak.ingress.annotations }} + annotations: + {{ . | nindent 6 }} + {{- end }} + {{- with .Values.keycloak.ingress.className }} + className: {{ . | quote }} + {{- end }} {{- else }} ingress: enabled: false diff --git a/charts/keycloak-operator/tests/__snapshot__/default_test.yaml.snap b/charts/keycloak-operator/tests/__snapshot__/default_test.yaml.snap index 203fee5bb..5dcf1d2a6 100644 --- a/charts/keycloak-operator/tests/__snapshot__/default_test.yaml.snap +++ b/charts/keycloak-operator/tests/__snapshot__/default_test.yaml.snap @@ -8,8 +8,8 @@ should match snapshot: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: keycloak-operator - app.kubernetes.io/version: 21.1.0 - helm.sh/chart: keycloak-operator-0.1.1 + app.kubernetes.io/version: 22.0.0 + helm.sh/chart: keycloak-operator-0.2.0 name: keycloakcontroller-cluster-role rules: - apiGroups: @@ -35,8 +35,8 @@ should match snapshot: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: keycloak-operator - app.kubernetes.io/version: 21.1.0 - helm.sh/chart: keycloak-operator-0.1.1 + app.kubernetes.io/version: 22.0.0 + helm.sh/chart: keycloak-operator-0.2.0 name: keycloakrealmimportcontroller-cluster-role rules: - apiGroups: @@ -62,8 +62,8 @@ should match snapshot: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: keycloak-operator - app.kubernetes.io/version: 21.1.0 - helm.sh/chart: keycloak-operator-0.1.1 + app.kubernetes.io/version: 22.0.0 + helm.sh/chart: keycloak-operator-0.2.0 name: RELEASE-NAME-keycloak-operator-operator spec: replicas: 1 @@ -86,8 +86,8 @@ should match snapshot: fieldRef: fieldPath: metadata.namespace - name: OPERATOR_KEYCLOAK_IMAGE - value: quay.io/keycloak/keycloak:21.1.0 - image: quay.io/keycloak/keycloak-operator:21.1.0 + value: quay.io/keycloak/keycloak:22.0.0 + image: quay.io/keycloak/keycloak-operator:22.0.0 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 3 @@ -127,8 +127,8 @@ should match snapshot: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: keycloak-operator - app.kubernetes.io/version: 21.1.0 - helm.sh/chart: keycloak-operator-0.1.1 + app.kubernetes.io/version: 22.0.0 + helm.sh/chart: keycloak-operator-0.2.0 name: keycloak-operator-role-binding roleRef: apiGroup: rbac.authorization.k8s.io @@ -146,8 +146,8 @@ should match snapshot: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: keycloak-operator - app.kubernetes.io/version: 21.1.0 - helm.sh/chart: keycloak-operator-0.1.1 + app.kubernetes.io/version: 22.0.0 + helm.sh/chart: keycloak-operator-0.2.0 name: keycloak-operator-view roleRef: apiGroup: rbac.authorization.k8s.io @@ -165,8 +165,8 @@ should match snapshot: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: keycloak-operator - app.kubernetes.io/version: 21.1.0 - helm.sh/chart: keycloak-operator-0.1.1 + app.kubernetes.io/version: 22.0.0 + helm.sh/chart: keycloak-operator-0.2.0 name: keycloakcontroller-role-binding roleRef: apiGroup: rbac.authorization.k8s.io @@ -184,8 +184,8 @@ should match snapshot: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: keycloak-operator - app.kubernetes.io/version: 21.1.0 - helm.sh/chart: keycloak-operator-0.1.1 + app.kubernetes.io/version: 22.0.0 + helm.sh/chart: keycloak-operator-0.2.0 name: keycloakrealmimportcontroller-role-binding roleRef: apiGroup: rbac.authorization.k8s.io @@ -203,8 +203,8 @@ should match snapshot: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: keycloak-operator - app.kubernetes.io/version: 21.1.0 - helm.sh/chart: keycloak-operator-0.1.1 + app.kubernetes.io/version: 22.0.0 + helm.sh/chart: keycloak-operator-0.2.0 name: keycloak-operator-role rules: - apiGroups: @@ -258,18 +258,6 @@ should match snapshot: - patch - update 9: | - apiVersion: v1 - kind: ServiceAccount - metadata: - labels: - app.kubernetes.io/component: keycloak-operator - app.kubernetes.io/instance: RELEASE-NAME - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: keycloak-operator - app.kubernetes.io/version: 21.1.0 - helm.sh/chart: keycloak-operator-0.1.1 - name: RELEASE-NAME-keycloak-operator - 10: | apiVersion: v1 kind: Service metadata: @@ -278,8 +266,8 @@ should match snapshot: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: keycloak-operator - app.kubernetes.io/version: 21.1.0 - helm.sh/chart: keycloak-operator-0.1.1 + app.kubernetes.io/version: 22.0.0 + helm.sh/chart: keycloak-operator-0.2.0 name: RELEASE-NAME-keycloak-operator-operator spec: ports: @@ -292,3 +280,15 @@ should match snapshot: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: keycloak-operator type: ClusterIP + 10: | + apiVersion: v1 + kind: ServiceAccount + metadata: + labels: + app.kubernetes.io/component: keycloak-operator + app.kubernetes.io/instance: RELEASE-NAME + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: keycloak-operator + app.kubernetes.io/version: 22.0.0 + helm.sh/chart: keycloak-operator-0.2.0 + name: RELEASE-NAME-keycloak-operator diff --git a/charts/keycloak-operator/tests/__snapshot__/operand_test.yaml.snap b/charts/keycloak-operator/tests/__snapshot__/operand_test.yaml.snap index 2a226f3f0..6f5a84fcd 100644 --- a/charts/keycloak-operator/tests/__snapshot__/operand_test.yaml.snap +++ b/charts/keycloak-operator/tests/__snapshot__/operand_test.yaml.snap @@ -6,8 +6,8 @@ should match snapshot: labels: app.kubernetes.io/component: keycloak app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: 21.1.0 - helm.sh/chart: keycloak-operator-0.1.1 + app.kubernetes.io/version: 22.0.0 + helm.sh/chart: keycloak-operator-0.2.0 name: keycloak spec: features: @@ -34,8 +34,8 @@ should match snapshot: metadata: labels: app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: 21.1.0 - helm.sh/chart: keycloak-operator-0.1.1 + app.kubernetes.io/version: 22.0.0 + helm.sh/chart: keycloak-operator-0.2.0 name: RELEASE-NAME-keycloak-operator-test spec: keycloakCRName: keycloak diff --git a/charts/keycloak-operator/values.yaml b/charts/keycloak-operator/values.yaml index b755b9a38..3b6ec5ebb 100644 --- a/charts/keycloak-operator/values.yaml +++ b/charts/keycloak-operator/values.yaml @@ -137,6 +137,10 @@ keycloak: ingress: # -- The deployment is, by default, exposed through a basic ingress. enabled: true + # -- Annotations for the Ingress + annotations: [] + # -- Ingress class name + className: "" image: # -- Overrides the operator.keycloakImage.image value whose default is quay.io/keycloak/keycloak