helmfile.yaml 3.08 KB
bases:
  - ../common/environments.yaml

---

releases:
  - name: kpg-postgresql
    namespace: {{ .Values.namespace }}
    chart: charts/postgresql
    wait: true
    strategicMergePatches:
      - apiVersion: acid.zalan.do/v1
        kind: postgresql
        metadata:
          name: kpg-postgres
          namespace: {{ .Values.namespace }}
        spec:
          volume:
            size: {{ .Values.postgresql.volume.size | quote }}
          postgresql:
            version: {{ .Values.postgresql.version | quote }}
          {{- if .Values | get "postgresql.clone.uid" nil }}
          clone:
            {{ merge .Values.postgresql.clone ( dict "cluster" "kpg-postgres" ) | toYaml | nindent 12 }}
          {{- end }}

  - name: kpg-keycloak
    namespace: {{ .Values.namespace }}
    chart: charts/keycloak
    needs:
    - kpg-postgresql
    strategicMergePatches:
      {{- if not .Values.istio.enabled }}
      - apiVersion: networking.istio.io/v1beta1
        kind: DestinationRule
        metadata:
          name: kpg-keycloak-originate-tls
          namespace: {{ .Values.namespace }}
        $patch: delete
      {{- end }}
      - apiVersion: cert-manager.io/v1
        kind: Certificate
        metadata:
          name: kpg-keycloak-crt
          namespace: {{ .Values.namespace }}
        {{- if .Values.istio.enabled }}
        spec:
          dnsNames:
            - {{ .Values.certificate.hostName }}
          issuerRef:
            name: {{ .Values.certificate.issuerRef }}
        {{- else }}
        $patch: delete
        {{- end }}
      - apiVersion: networking.istio.io/v1beta1
        kind: VirtualService
        metadata:
          name: kpg-keycloak
          namespace: {{ .Values.namespace }}
        {{- if .Values.istio.enabled }}
        spec:
          hosts:
            - {{ .Values.istio.hostName }}
          gateways:
            - {{ .Values.istio.gateway }}
        {{- else }}
        $patch: delete
        {{- end }}
      - apiVersion: gateway.networking.k8s.io/v1beta1
        kind: HTTPRoute
        metadata:
          name: kpg-keycloak
          namespace: {{ .Values.namespace }}
        {{- if .Values.gatewayAPI.enabled }}
        spec:
          parentRefs:
            - name: {{ .Values.gatewayAPI.gateway }}
          hostnames:
            - {{ .Values.gatewayAPI.hostName }}
        {{- else }}
        $patch: delete
        {{- end }}

    jsonPatches:
      - target:
          group: k8s.keycloak.org
          version: v2alpha1
          kind: Keycloak
          name: kpg-keycloak
          namespace: {{ .Values.namespace }}
        patch:
          - op: replace
            path: /spec/unsupported/podTemplate/spec/initContainers/0/image
            value: {{ .Values.postgresql.waitForPg.image }}
      {{- if .Values.istio.enabled }}
      - target:
          kind: VirtualService
          name: kpg-keycloak
          namespace: {{ .Values.namespace }}
          version: v1beta1
          group: networking.istio.io
        patch:
          - op: replace
            path: /spec/tls/0/match/0/sniHosts/0
            value: {{ .Values.istio.hostName }}
      {{- end }}