Skip to content

Commit

Permalink
Move keycloak from aws to uncharted (#417)
Browse files Browse the repository at this point in the history 
Co-authored-by: Charles Coleman <[email protected]>
  • Loading branch information
@jcurzon404 @bigglesandginger
jcurzon404 and bigglesandginger committed Jun 10, 2024
1 parent cb2cc46 commit b817dbe
Show file tree
Hide file tree
Showing 7 changed files with 15 additions and 2,628 deletions.
36 changes: 0 additions & 36 deletions kubernetes/overlays/prod/overlays/askem-staging/ingress/public-web-ssl-ingress.yaml
View file

This file was deleted.

24 changes: 0 additions & 24 deletions kubernetes/overlays/prod/overlays/askem-staging/keycloak/keycloak-deployment.yaml
View file

This file was deleted.

2,431 changes: 0 additions & 2,431 deletions kubernetes/overlays/prod/overlays/askem-staging/keycloak/realm/Uncharted-realm.enc.json
View file

This file was deleted.

103 changes: 0 additions & 103 deletions kubernetes/overlays/prod/overlays/askem-staging/keycloak/realm/Uncharted-users-0.enc.json
View file

This file was deleted.

16 changes: 0 additions & 16 deletions kubernetes/overlays/prod/overlays/askem-staging/kustomization.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,6 @@ resources:
- ingress/private-web-grpc-ingress.yaml
- ingress/private-web-ingress.yaml
- ingress/public-web-ingress.yaml
- ingress/public-web-ssl-ingress.yaml
- secrets/secrets-adobe-api-key.yaml
- secrets/secrets-beaker-creds.yaml
- secrets/secrets-chatgpt.yaml
Expand All @@ -25,7 +24,6 @@ resources:
patches:
- path: hmi/documentation/terarium-docs-service.yaml
- path: hmi/server/hmi-server-deployment.yaml
- path: keycloak/keycloak-deployment.yaml
- path: services/beaker/beaker-deployment.yaml
- path: services/beaker/beaker-service.yaml
- path: services/climate-data/climate-data-deployment.yaml
Expand All @@ -44,21 +42,7 @@ patches:
- path: services/skema/skema-text-reading-deployment.yaml
- path: services/skema/skema-text-reading-service.yaml
- path: services/skema/skema-unified-service.yaml
configMapGenerator:
- files:
- keycloak/realm/Uncharted-realm.json
- keycloak/realm/Uncharted-users-0.json
name: keycloak-realm
behavior: create
images:
# Auth
- name: keycloak-image
newName: ghcr.io/unchartedsoftware/keycloak
newTag: '0.2.2'
- name: terarium-login-theme-image
newName: ghcr.io/darpa-askem/terarium-login-theme
newTag: 'latest'

# Terarium HMI
- name: hmi-client-image
newName: ghcr.io/darpa-askem/hmi-client
Expand Down
31 changes: 15 additions & 16 deletions kubernetes/overlays/prod/overlays/askem-staging/secrets/secrets-keycloak-creds.enc.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,18 +1,17 @@
---
apiVersion: v1
kind: Secret
metadata:
name: keycloak-creds
type: Opaque
data:
service_username: ENC[AES256_GCM,data:ufcrO32BFbrjNfXOAZ+4fA==,iv:Y/xJvgtTQcPNFItwlGigyl0693kl8nYNklcIIMkLWyY=,tag:tNg7VL5WDoxCsqZ36Xmv8g==,type:str]
service_password: ENC[AES256_GCM,data:irduVkSML6ruhoEd0rD8WY1UjmRuHGcUB9SfXkHKYkU=,iv:pBYP4ITKFlYAVBhYu7vAbZRdUONyeR+H2W6kFJp0RU0=,tag:ypwf4zyyznLg4DTsSEfnKg==,type:str]
admin_username: ENC[AES256_GCM,data:hYYvxyL/OZ0=,iv:WwXe+HYwugzteIFMVfmMUV64DPNMG4MKxxI7AfOs4N0=,tag:ZbaYswNdx+S4StnGCp3XcA==,type:str]
admin_password: ENC[AES256_GCM,data:UVcFQvSXYym7JwYyXYsppw==,iv:cUp1rgq5oYUkjniYjwnDs+LF8UoBOp3xUl8jyC6VXaU=,tag:NG5W+963lgHTqvM0cKkzzw==,type:str]
admin_client-id: ENC[AES256_GCM,data:SNuEGn64HtsF/Fhb,iv:ow7rkpW28ix5MVd4ABqtEcaYLYMyzw3v4RptSD/gyTA=,tag:VgIdMofeT9mfx2ZTiGc4Rg==,type:str]
admin_realm: ENC[AES256_GCM,data:RAwsFcz6PY4=,iv:BDL3A/8UKf0my8qe+sNsPKssO+HQlP2lqmN2ePaqXXA=,tag:UH6O2sDiyFiHP7RUxseg4w==,type:str]
client-id: ENC[AES256_GCM,data:15zkjQ==,iv:44/wbVFLP9SY8QiR4Q/Pzq+zN4hCbQ7j+uvijgrDDow=,tag:bWCyPSAyILK6/sDKXpIDEQ==,type:str]
realm: ENC[AES256_GCM,data:eXC0yEHWylu2CLEs,iv:a2NRxQWRG6aup5yu19n9djxrc6z5X1Qj6mzXfzd6PZ0=,tag:RqYM8z88eKNig5TbPcM60A==,type:str]
service_username: ENC[AES256_GCM,data:C5G3/53nQCz/ncnreHEiSg==,iv:hJcVevt2nESHuuEiYN5UrydYoRn1vJshjDtoLGZdenY=,tag:G1N7Xvdzwy+EljeSB/6s2Q==,type:str]
service_password: ENC[AES256_GCM,data:gPbmvZSDIYKAYRBJYeZuW/EyUE1FRa3RlmrAkh1AoMU=,iv:xaOwwqq4vX18kFq0N5E/dxsnRQxgVEFNHDcRdXOqXgs=,tag:r8gtQTPmA+Q3Vef1HdFVzg==,type:str]
admin_username: ENC[AES256_GCM,data:sn9t91FrseE=,iv:gCJIFFMERmAXkWrhFOkiMTUjRxQ0nFEbwx3FxMAGv7M=,tag:XXEUqq+PWLjrT2OnvcVUNQ==,type:str]
admin_password: ENC[AES256_GCM,data:c9R0Y+kUxD9NcAiVYzuKfA==,iv:wbNc+EJaT6F8CvCI1NUGBI8oiFwwZS+RuPRfveosu2w=,tag:Tn0DU65u/sDFj2pifInv4g==,type:str]
admin_client-id: ENC[AES256_GCM,data:BwVGYBONL0hUqfCY,iv:w1IlxSczPtIDpnMF6PviEPy+pv9WEgpkS3xpEXHnl/Q=,tag:MjHwW9zu+NsmZ60FBkhyHw==,type:str]
admin_realm: ENC[AES256_GCM,data:RS7oiy4HoXO1KDWZ,iv:+PaRUXEmRlZLcjiF2aDKhmiXg3fx2geLWWTWn4Dc2/E=,tag:Wkxc9kCGCFafEwgq4Xy6IA==,type:str]
client-id: ENC[AES256_GCM,data:+cKD6g==,iv:B7T6OF9CXY3gjStRrPa0d9B5QVChRhwg/7ifa4iIBmQ=,tag:hZOgOO8AH1eCoykvhzqZEw==,type:str]
realm: ENC[AES256_GCM,data:zIRL8NpVd2FPVbl0,iv:Ec6bw+/n4Wy8O/iW1FsSEcHdloUGcbnUKrS6mQeGIfk=,tag:M79bwEWx1q83iqGPAZMKOw==,type:str]
sops:
kms: []
gcp_kms: []
Expand All @@ -22,14 +21,14 @@ sops:
- recipient: age1q5q7lt6twttye7h5dx4zu0eek04pu6szqfx28w00vq3z6nmlc9dq7md4xd
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2d2ZzTXk5YktGbEdXS3Fk
SUl1YWlvcEljTktDMWRMa1NDUU1Vb250K2tNCitmeXRwb1crQ05Gd2lCTTMxQkdB
Umh4OG54azlSODBjZ2JMdDRvb252TDQKLS0tIDBYRmJuQkN6L1dDVUNlVDlmY0Vl
WDJwcVk3eEZLMUtaMG5jcnBxUmRuY3cKL9dLTYT2aK9B0Hm8mO9MbVgfbPs+Rmwu
ah8voLzDOmqhrXM7vuplySl1g8tdgFJMH6k+GxLnG1dsAP15d8fYiQ==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwcDVlRWdacEJSMUp4ZXpH
RFh3OTNMZWVSMUQvOFZrREdERVFrclZ3U0g4Ck9JS1U0c0RBakV2cDVmYVBqTVRq
L0VOWjdVMnljQnlUbGpnUGtrUHVBcmMKLS0tIHIrQUw3T0YyV2ZUajNaN1c4V01k
eDRLeVVBWWFNL2cxREtOOXBhMEJmQ28K6UAzMi+eWDquCPg5QNxATSwcscOx6MJE
Szxsv99CiHWqY4xcJmNfqGgYicctpQiTv8zcfKisIspg21KZA+cniQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-02-21T14:31:30Z"
mac: ENC[AES256_GCM,data:jmrxZh2e7BXPMTUj12y3tQpFsFVkMHQWDqSWKuNmeaELXW4UcSn0+owr90EqiRA/o5kLu4kN6bBdA6xMUmlqgB+0/Vs/3lS44ON0bv9Xn3dgQOsNKcKh4kB6rj0BgD99h9CNf8clT1qK/MCCiCLAU+Djx71/jGkvuOV0Qv36Uq8=,iv:XA4ApdEvGvnxb6qk3oabN60ESKHCBaAxgi5AsV/gu4s=,tag:UjjHGXuzuG1+408Ns3W6NQ==,type:str]
lastmodified: "2024-06-10T18:25:14Z"
mac: ENC[AES256_GCM,data:XNBgVvZmWCNQAeGothzSn6HF58Zh1XzelbfQ4JEzi2z/QKcDkcZ8sOeNtPL9CzmiYtLgOH9utj6vNzZY4N0iesMy7eHGWvMs11genXLmRRHDQvAyH0x83CczsWJ4HLuwe9H0ObpW5q4EIuzzwS+jiT30BtwYaCS2ADE81EOwteI=,iv:XA1sSqygWLlQsZzVDNkZX3cRz5oNQhjY7oTQ0M75Jy4=,tag:GpS9HYzqAwp58/8wvw3C4w==,type:str]
pgp: []
encrypted_regex: ^(data|stringData)$
version: 3.8.1
2 changes: 0 additions & 2 deletions kubernetes/secret_files.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,8 +20,6 @@ STAGING_YAML=(
"overlays/prod/overlays/askem-staging/check-latest/secrets.yaml"
)
STAGING_ADDITIONAL=(
"overlays/prod/overlays/askem-staging/keycloak/realm/Uncharted-realm.json"
"overlays/prod/overlays/askem-staging/keycloak/realm/Uncharted-users-0.json"
"overlays/prod/overlays/askem-staging/check-latest/check-latest-rsa"
)

Expand Down

0 comments on commit b817dbe

Please sign in to comment.