helmfile.yaml
3.06 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
bases:
- ../common/environments.yaml
---
releases:
- name: kpg-postgresql
namespace: {{ .Values.namespace }}
chart: charts/postgresql
wait: true
strategicMergePatches:
- apiVersion: acid.zalan.do/v1
kind: postgresql
metadata:
name: kpg-postgres
namespace: {{ .Values.namespace }}
spec:
volume:
size: {{ .Values.postgresql.volume.size | quote }}
postgresql:
version: {{ .Values.postgresql.version | quote }}
{{- if .Values | get "clone.uid" nil }}
clone:
{{ merge .Values.clone ( dict "cluster" "kpg-postgres" ) | toYaml | nindent 12 }}
{{- end }}
- name: kpg-keycloak
namespace: {{ .Values.namespace }}
chart: charts/keycloak
needs:
- kpg-postgresql
strategicMergePatches:
{{- if not .Values.istio.enabled }}
- apiVersion: networking.istio.io/v1beta1
kind: DestinationRule
metadata:
name: kpg-keycloak-originate-tls
namespace: {{ .Values.namespace }}
$patch: delete
{{- end }}
- apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: kpg-keycloak-crt
namespace: {{ .Values.namespace }}
{{- if .Values.istio.enabled }}
spec:
dnsNames:
- {{ .Values.certificate.hostName }}
issuerRef:
name: {{ .Values.certificate.issuerRef }}
{{- else }}
$patch: delete
{{- end }}
- apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
name: kpg-keycloak
namespace: {{ .Values.namespace }}
{{- if .Values.istio.enabled }}
spec:
hosts:
- {{ .Values.istio.hostName }}
gateways:
- {{ .Values.istio.gateway }}
{{- else }}
$patch: delete
{{- end }}
- apiVersion: gateway.networking.k8s.io/v1beta1
kind: HTTPRoute
metadata:
name: kpg-keycloak
namespace: {{ .Values.namespace }}
{{- if .Values.gatewayAPI.enabled }}
spec:
parentRefs:
- name: {{ .Values.gatewayAPI.gateway }}
hostnames:
- {{ .Values.gatewayAPI.hostName }}
{{- else }}
$patch: delete
{{- end }}
jsonPatches:
- target:
group: k8s.keycloak.org
version: v2alpha1
kind: Keycloak
name: kpg-keycloak
namespace: {{ .Values.namespace }}
patch:
- op: replace
path: /spec/unsupported/podTemplate/spec/initContainers/0/image
value: {{ .Values.postgresql.waitForPg.image }}
{{- if .Values.istio.enabled }}
- target:
kind: VirtualService
name: kpg-keycloak
namespace: {{ .Values.namespace }}
version: v1beta1
group: networking.istio.io
patch:
- op: replace
path: /spec/tls/0/match/0/sniHosts/0
value: {{ .Values.istio.hostName }}
{{- end }}