diff --git a/charts/keycloakx/Chart.yaml b/charts/keycloakx/Chart.yaml index a3ee6f39..f84355f5 100644 --- a/charts/keycloakx/Chart.yaml +++ b/charts/keycloakx/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 name: keycloakx version: 2.3.0 -appVersion: 22.0.4 +appVersion: 25.0.0 description: Keycloak.X - Open Source Identity and Access Management for Modern Applications and Services keywords: - sso diff --git a/charts/keycloakx/README.md b/charts/keycloakx/README.md index dfd1fab0..b19416cc 100644 --- a/charts/keycloakx/README.md +++ b/charts/keycloakx/README.md @@ -11,10 +11,8 @@ $ cat << EOF > values.yaml command: - "/opt/keycloak/bin/kc.sh" - "start" - - "--http-enabled=true" - "--http-port=8080" - "--hostname-strict=false" - - "--hostname-strict-https=false" extraEnv: | - name: KEYCLOAK_ADMIN value: admin diff --git a/charts/keycloakx/ci/h2-values.yaml b/charts/keycloakx/ci/h2-values.yaml index 65402520..ee8e1d04 100644 --- a/charts/keycloakx/ci/h2-values.yaml +++ b/charts/keycloakx/ci/h2-values.yaml @@ -3,7 +3,6 @@ command: - "--verbose" - "start" - --hostname-strict=false - - --hostname-strict-https=false extraEnv: | - name: KEYCLOAK_ADMIN diff --git a/charts/keycloakx/examples/postgresql-kubeping/Dockerfile b/charts/keycloakx/examples/postgresql-kubeping/Dockerfile index a401b4ae..c535e651 100644 --- a/charts/keycloakx/examples/postgresql-kubeping/Dockerfile +++ b/charts/keycloakx/examples/postgresql-kubeping/Dockerfile @@ -1,4 +1,4 @@ -FROM quay.io/keycloak/keycloak:22.0.4 +FROM quay.io/keycloak/keycloak:25.0.0 ENV JGROUPS_KUBERNETES_VERSION 1.0.16.Final diff --git a/charts/keycloakx/examples/postgresql-kubeping/keycloak-server-values.yaml b/charts/keycloakx/examples/postgresql-kubeping/keycloak-server-values.yaml index 72eb2f83..2c975ed9 100644 --- a/charts/keycloakx/examples/postgresql-kubeping/keycloak-server-values.yaml +++ b/charts/keycloakx/examples/postgresql-kubeping/keycloak-server-values.yaml @@ -5,10 +5,8 @@ command: - "/opt/keycloak/bin/kc.sh" - "--verbose" - "start" - - "--http-enabled=true" - "--http-port=8080" - "--hostname-strict=false" - - "--hostname-strict-https=false" - "--spi-events-listener-jboss-logging-success-level=info" - "--spi-events-listener-jboss-logging-error-level=warn" diff --git a/charts/keycloakx/examples/postgresql/keycloak-server-values.yaml b/charts/keycloakx/examples/postgresql/keycloak-server-values.yaml index 3d82fb33..678e19d2 100644 --- a/charts/keycloakx/examples/postgresql/keycloak-server-values.yaml +++ b/charts/keycloakx/examples/postgresql/keycloak-server-values.yaml @@ -5,10 +5,8 @@ command: - "/opt/keycloak/bin/kc.sh" - "--verbose" - "start" - - "--http-enabled=true" - "--http-port=8080" - "--hostname-strict=false" - - "--hostname-strict-https=false" - "--spi-events-listener-jboss-logging-success-level=info" - "--spi-events-listener-jboss-logging-error-level=warn" diff --git a/charts/keycloakx/templates/statefulset.yaml b/charts/keycloakx/templates/statefulset.yaml index 84eaeb9f..00add770 100644 --- a/charts/keycloakx/templates/statefulset.yaml +++ b/charts/keycloakx/templates/statefulset.yaml @@ -100,9 +100,13 @@ spec: value: "kubernetes" {{- end }} {{- if .Values.proxy.enabled }} - - name: KC_PROXY + - name: KC_PROXY_HEADERS value: {{ .Values.proxy.mode }} {{- end }} + {{- if .Values.proxy.http.enabled }} + - name: KC_HTTP_ENABLED + value: "true" + {{- end }} {{- if .Values.database.vendor }} - name: KC_DB value: {{ .Values.database.vendor }} @@ -145,6 +149,9 @@ spec: - name: http containerPort: 8080 protocol: TCP + - name: '{{ .Values.http.internalPort }}' + containerPort: 9000 + protocol: TCP {{- if .Values.service.httpsPort }} - name: https containerPort: 8443 diff --git a/charts/keycloakx/values.yaml b/charts/keycloakx/values.yaml index 385b9166..4f704ced 100644 --- a/charts/keycloakx/values.yaml +++ b/charts/keycloakx/values.yaml @@ -11,7 +11,7 @@ image: # The Keycloak image repository repository: quay.io/keycloak/keycloak # Overrides the Keycloak image tag whose default is the chart appVersion - tag: "22.0.4" + tag: "25.0.0" # Overrides the Keycloak image tag with a specific digest digest: "" # The Keycloak image pull policy @@ -166,7 +166,7 @@ podAnnotations: {} livenessProbe: | httpGet: path: '{{ tpl .Values.http.relativePath $ | trimSuffix "/" }}/health/live' - port: http + port: '{{ .Values.http.internalPort }}' initialDelaySeconds: 0 timeoutSeconds: 5 @@ -174,7 +174,7 @@ livenessProbe: | readinessProbe: | httpGet: path: '{{ tpl .Values.http.relativePath $ | trimSuffix "/" }}/health/ready' - port: http + port: '{{ .Values.http.internalPort }}' initialDelaySeconds: 10 timeoutSeconds: 1 @@ -182,7 +182,7 @@ readinessProbe: | startupProbe: | httpGet: path: '{{ tpl .Values.http.relativePath $ | trimSuffix "/" }}/health' - port: http + port: '{{ .Values.http.internalPort }}' initialDelaySeconds: 15 timeoutSeconds: 1 failureThreshold: 60 @@ -406,7 +406,9 @@ cache: proxy: enabled: true - mode: edge + mode: forwarded + http: + enabled: true metrics: enabled: true @@ -417,6 +419,7 @@ health: http: # For backwards compatibility reasons we set this to the value used by previous Keycloak versions. relativePath: "/auth" + internalPort: http-internal serviceMonitor: # If `true`, a ServiceMonitor resource for the prometheus-operator is created @@ -436,7 +439,7 @@ serviceMonitor: # The path at which metrics are served path: '{{ tpl .Values.http.relativePath $ | trimSuffix "/" }}/metrics' # The Service port at which metrics are served - port: http + port: '{{ .Values.http.internalPort }}' extraServiceMonitor: # If `true`, a ServiceMonitor resource for the prometheus-operator is created @@ -454,9 +457,9 @@ extraServiceMonitor: # Timeout for scraping scrapeTimeout: 10s # The path at which metrics are served - path: '{{ tpl .Values.http.relativePath $ | trimSuffix "/" }}/realms/master/metrics' + path: '{{ tpl .Values.http.relativePath $ | trimSuffix "/" }}/metrics' # The Service port at which metrics are served - port: http + port: '{{ .Values.http.internalPort }}' prometheusRule: # If `true`, a PrometheusRule resource for the prometheus-operator is created