Posted to commits@camel.apache.org by ma...@apache.org on 2023/12/15 16:16:05 UTC
(camel-karavan) branch main updated: keycloak secret parameters
This is an automated email from the ASF dual-hosted git repository.
marat pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/camel-karavan.git
The following commit(s) were added to refs/heads/main by this push:
new 0014b86f keycloak secret parameters
0014b86f is described below
commit 0014b86fe6e7d64f66d1668bbd1418743e004701
Author: Marat Gubaidullin <ma...@talismancloud.io>
AuthorDate: Fri Dec 15 11:15:24 2023 -0500
keycloak secret parameters
---
.../apache/camel/karavan/installer/Constants.java | 8 ++-
.../camel/karavan/installer/KaravanCommand.java | 80 +++++++++++++---------
.../camel/karavan/installer/ResourceUtils.java | 1 +
.../installer/resources/KaravanDeployment.java | 26 +++----
.../karavan/installer/resources/KaravanSecret.java | 9 +--
5 files changed, 70 insertions(+), 54 deletions(-)
diff --git a/karavan-web/karavan-installer/src/main/java/org/apache/camel/karavan/installer/Constants.java b/karavan-web/karavan-installer/src/main/java/org/apache/camel/karavan/installer/Constants.java
index ae36f0fa..46542513 100644
--- a/karavan-web/karavan-installer/src/main/java/org/apache/camel/karavan/installer/Constants.java
+++ b/karavan-web/karavan-installer/src/main/java/org/apache/camel/karavan/installer/Constants.java
@@ -31,7 +31,7 @@ public final class Constants {
public static final String KARAVAN_IMAGE = "ghcr.io/apache/camel-karavan";
- public static final String INFINISPAN_IMAGE = "quay.io/infinispan/server:14.0.17.Final";
+ public static final String INFINISPAN_IMAGE = "quay.io/infinispan/server:14.0.21.Final";
public static final String INFINISPAN_USERNAME = "admin";
public static final String INFINISPAN_PASSWORD = "karavan";
@@ -43,4 +43,10 @@ public final class Constants {
public static final String ROLEBINDING_KARAVAN_VIEW = "karavan-cluster-role-binding";
public static final String INFINISPAN_SECRET_NAME = "infinispan-secret";
+
+ public static final String KEYCLOAK_URL = "karavan.keycloak.url";
+ public static final String KEYCLOAK_REALM = "karavan.keycloak.realm";
+ public static final String KEYCLOAK_FRONTEND_CLIENT_ID = "karavan.keycloak.frontend.clientId";
+ public static final String KEYCLOAK_BACKEND_CLIENT_ID = "karavan.keycloak.backend.clientId";
+ public static final String KEYCLOAK_BACKEND_SECRET = "karavan.keycloak.backend.secret";
}
\ No newline at end of file
diff --git a/karavan-web/karavan-installer/src/main/java/org/apache/camel/karavan/installer/KaravanCommand.java b/karavan-web/karavan-installer/src/main/java/org/apache/camel/karavan/installer/KaravanCommand.java
index 9e41a498..024bf88f 100644
--- a/karavan-web/karavan-installer/src/main/java/org/apache/camel/karavan/installer/KaravanCommand.java
+++ b/karavan-web/karavan-installer/src/main/java/org/apache/camel/karavan/installer/KaravanCommand.java
@@ -51,15 +51,17 @@ public class KaravanCommand implements Callable<Integer> {
private boolean yaml;
@CommandLine.Option(names = {"--openshift"}, description = "Create files for OpenShift")
private boolean isOpenShift;
+ @CommandLine.Option(names = {"--keycloak-url"}, description = "Keycloak URL")
+ private String keycloakUrl;
+ @CommandLine.Option(names = {"--keycloak-realm"}, description = "Keycloak Realm")
+ private String keycloakRealm;
+ @CommandLine.Option(names = {"--keycloak-frontend-clientId"}, description = "Keycloak frontend clientId")
+ private String keycloakFrontendClientId;
+ @CommandLine.Option(names = {"--keycloak-backend-clientId"}, description = "Keycloak backend clientId")
+ private String keycloakBackendClientId;
+ @CommandLine.Option(names = {"--keycloak-backend-secret"}, description = "Keycloak backend secret")
+ private String keycloakBackendSecret;
- @CommandLine.Option(names = {"--master-password"}, description = "Master password", defaultValue = "karavan")
- private String masterPassword;
- @CommandLine.Option(names = {"--oidc-secret"}, description = "OIDC secret")
- private String oidcSecret;
- @CommandLine.Option(names = {"--oidc-server-url"}, description = "OIDC server URL")
- private String oidcServerUrl;
- @CommandLine.Option(names = {"--oidc-frontend-url"}, description = "OIDC frontend URL")
- private String oidcFrontendUrl;
@CommandLine.Option(names = {"--git-repository"}, description = "Git repository", defaultValue = Constants.DEFAULT_GIT_REPOSITORY)
private String gitRepository;
@CommandLine.Option(names = {"--git-username"}, description = "Git username", defaultValue = Constants.DEFAULT_GIT_USERNAME)
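Review bot: `--keycloak-backend-secret` is declared as a plain `String` option, so the client secret has to be given on the command line, where it lands in shell history and is readable in the process list while the installer runs. picocli can prompt for the value instead: `@CommandLine.Option(names = {"--keycloak-backend-secret"}, description = "Keycloak backend secret", interactive = true, arity = "0..1")`, which still accepts an inline value for scripted runs. The class body continues outside the hunk.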
@@ -132,9 +134,9 @@ public class KaravanCommand implements Callable<Integer> {
}
public boolean oidcConfigured() {
- return oidcSecret != null
- && oidcServerUrl != null
- && oidcFrontendUrl != null;
+ return keycloakBackendSecret != null
+ && keycloakUrl != null
+ && keycloakFrontendClientId != null;
}
public boolean isInstallGitea() {
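Review bot: `oidcConfigured()` tests only three of the five Keycloak options; `keycloakRealm` and `keycloakBackendClientId` are never checked. KaravanSecret.getSecret() copies both into the Secret when auth is oidc, and KaravanDeployment references all five keys with `optional` set to false. If callers use this method as the validation gate (not visible here), a run that omits `--keycloak-realm` passes it and a null value goes into the Secret data. Extend the condition with `&& keycloakRealm != null` and `&& keycloakBackendClientId != null`.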
@@ -233,36 +235,28 @@ public class KaravanCommand implements Callable<Integer> {
isOpenShift = openShift;
}
- public String getMasterPassword() {
- return masterPassword;
+ public String getKeycloakBackendSecret() {
+ return keycloakBackendSecret;
}
- public void setMasterPassword(String masterPassword) {
- this.masterPassword = masterPassword;
+ public void setKeycloakBackendSecret(String keycloakBackendSecret) {
+ this.keycloakBackendSecret = keycloakBackendSecret;
}
- public String getOidcSecret() {
- return oidcSecret;
+ public String getKeycloakUrl() {
+ return keycloakUrl;
}
- public void setOidcSecret(String oidcSecret) {
- this.oidcSecret = oidcSecret;
+ public void setKeycloakUrl(String keycloakUrl) {
+ this.keycloakUrl = keycloakUrl;
}
- public String getOidcServerUrl() {
- return oidcServerUrl;
+ public String getKeycloakFrontendClientId() {
+ return keycloakFrontendClientId;
}
- public void setOidcServerUrl(String oidcServerUrl) {
- this.oidcServerUrl = oidcServerUrl;
- }
-
- public String getOidcFrontendUrl() {
- return oidcFrontendUrl;
- }
-
- public void setOidcFrontendUrl(String oidcFrontendUrl) {
- this.oidcFrontendUrl = oidcFrontendUrl;
+ public void setKeycloakFrontendClientId(String keycloakFrontendClientId) {
+ this.keycloakFrontendClientId = keycloakFrontendClientId;
}
public String getGitRepository() {
@@ -376,4 +370,28 @@ public class KaravanCommand implements Callable<Integer> {
public void setLabels(Map<String, String> labels) {
this.labels = labels;
}
+
+ public String getKeycloakRealm() {
+ return keycloakRealm;
+ }
+
+ public void setKeycloakRealm(String keycloakRealm) {
+ this.keycloakRealm = keycloakRealm;
+ }
+
+ public String getKeycloakBackendClientId() {
+ return keycloakBackendClientId;
+ }
+
+ public void setKeycloakBackendClientId(String keycloakBackendClientId) {
+ this.keycloakBackendClientId = keycloakBackendClientId;
+ }
+
+ public void setInstallGitea(boolean installGitea) {
+ this.installGitea = installGitea;
+ }
+
+ public void setInstallInfinispan(boolean installInfinispan) {
+ this.installInfinispan = installInfinispan;
+ }
}
diff --git a/karavan-web/karavan-installer/src/main/java/org/apache/camel/karavan/installer/ResourceUtils.java b/karavan-web/karavan-installer/src/main/java/org/apache/camel/karavan/installer/ResourceUtils.java
index 840ea25b..1ab5cd5d 100644
--- a/karavan-web/karavan-installer/src/main/java/org/apache/camel/karavan/installer/ResourceUtils.java
+++ b/karavan-web/karavan-installer/src/main/java/org/apache/camel/karavan/installer/ResourceUtils.java
@@ -30,6 +30,7 @@ public class ResourceUtils {
public static Map<String, String> generateResourcesMap(KaravanCommand config) {
Map<String, String> result = new HashMap<>();
+ result.put("secret", toYAML(KaravanSecret.getSecret(config)));
result.put("sa-karavan", toYAML(KaravanServiceAccount.getServiceAccount(config)));
result.put("role-karavan", toYAML(KaravanRole.getRole(config)));
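Review bot: The new `"secret"` entry places the rendered Secret manifest in the same map as the non-sensitive manifests, and nothing marks it as sensitive. Per KaravanSecret, that manifest carries the Git password and the Keycloak backend secret. How the map is consumed lies outside this hunk; if it is written to disk for the YAML output mode, the file will hold the credentials in a trivially decodable form. A comment on the line would help whoever maintains the writer, e.g. `// contains credentials: do not log; restrict permissions if written to a file`. generateResourcesMap continues outside the hunk.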
diff --git a/karavan-web/karavan-installer/src/main/java/org/apache/camel/karavan/installer/resources/KaravanDeployment.java b/karavan-web/karavan-installer/src/main/java/org/apache/camel/karavan/installer/resources/KaravanDeployment.java
index 846d604a..3cd74235 100644
--- a/karavan-web/karavan-installer/src/main/java/org/apache/camel/karavan/installer/resources/KaravanDeployment.java
+++ b/karavan-web/karavan-installer/src/main/java/org/apache/camel/karavan/installer/resources/KaravanDeployment.java
@@ -27,8 +27,7 @@ import java.util.List;
import java.util.Map;
import java.util.Objects;
-import static org.apache.camel.karavan.installer.Constants.INFINISPAN_SECRET_NAME;
-import static org.apache.camel.karavan.installer.Constants.NAME;
+import static org.apache.camel.karavan.installer.Constants.*;
public class KaravanDeployment {
@@ -64,22 +63,13 @@ public class KaravanDeployment {
new EnvVar("KUBERNETES_NAMESPACE", null, new EnvVarSourceBuilder().withFieldRef(new ObjectFieldSelector("", "metadata.namespace")).build())
);
String auth = config.getAuth();
- if (Objects.equals(auth, "basic")) {
- image = baseImage + "-basic:" + config.getVersion();
- envVarList.add(
- new EnvVar("MASTER_PASSWORD", null, new EnvVarSourceBuilder().withSecretKeyRef(new SecretKeySelector("master-password", NAME, false)).build())
- );
- } else if (Objects.equals(auth, "oidc")) {
- image = baseImage + "-oidc:" + config.getVersion();
- envVarList.add(
- new EnvVar("OIDC_FRONTEND_URL", null, new EnvVarSourceBuilder().withSecretKeyRef(new SecretKeySelector("oidc-frontend-url", "karavan", false)).build())
- );
- envVarList.add(
- new EnvVar("OIDC_SERVER_URL", null, new EnvVarSourceBuilder().withSecretKeyRef(new SecretKeySelector("oidc-server-url", "karavan", false)).build())
- );
- envVarList.add(
- new EnvVar("OIDC_SECRET", null, new EnvVarSourceBuilder().withSecretKeyRef(new SecretKeySelector("oidc-secret", "karavan", false)).build())
- );
+ if (Objects.equals(auth, "oidc")) {
+ image = baseImage + ":" + config.getVersion() + "-oidc";
+ envVarList.add(new EnvVar(KEYCLOAK_URL, null, new EnvVarSourceBuilder().withSecretKeyRef(new SecretKeySelector(KEYCLOAK_URL, NAME, false)).build()));
+ envVarList.add(new EnvVar(KEYCLOAK_REALM, null, new EnvVarSourceBuilder().withSecretKeyRef(new SecretKeySelector(KEYCLOAK_REALM, NAME, false)).build()));
+ envVarList.add(new EnvVar(KEYCLOAK_FRONTEND_CLIENT_ID, null, new EnvVarSourceBuilder().withSecretKeyRef(new SecretKeySelector(KEYCLOAK_FRONTEND_CLIENT_ID, NAME, false)).build()));
+ envVarList.add(new EnvVar(KEYCLOAK_BACKEND_CLIENT_ID, null, new EnvVarSourceBuilder().withSecretKeyRef(new SecretKeySelector(KEYCLOAK_BACKEND_CLIENT_ID, NAME, false)).build()));
+ envVarList.add(new EnvVar(KEYCLOAK_BACKEND_SECRET, null, new EnvVarSourceBuilder().withSecretKeyRef(new SecretKeySelector(KEYCLOAK_BACKEND_SECRET, NAME, false)).build()));
}
if (config.isInstallGitea()) {
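Review bot: The five `EnvVar` entries use the dotted property keys (`karavan.keycloak.url` and the others) as environment variable names, because the same `KEYCLOAK_*` constant is passed as both the variable name and the Secret key. Dotted names cannot be referenced from a POSIX shell, and whether the application picks them up depends on its config loader, which this diff does not show. Either document the intent with a comment such as `// env name equals the config property key on purpose; resolved by the app's config source`, or give the variable a conventional name, `new EnvVar("KARAVAN_KEYCLOAK_URL", null, ...)`, and keep the constant for the Secret key only. The enclosing method starts and ends outside the hunk.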
diff --git a/karavan-web/karavan-installer/src/main/java/org/apache/camel/karavan/installer/resources/KaravanSecret.java b/karavan-web/karavan-installer/src/main/java/org/apache/camel/karavan/installer/resources/KaravanSecret.java
index fc63ace0..3a97dbbd 100644
--- a/karavan-web/karavan-installer/src/main/java/org/apache/camel/karavan/installer/resources/KaravanSecret.java
+++ b/karavan-web/karavan-installer/src/main/java/org/apache/camel/karavan/installer/resources/KaravanSecret.java
@@ -29,10 +29,11 @@ public class KaravanSecret {
public static Secret getSecret(KaravanCommand config) {
Map<String, String> secretData = new HashMap<>();
- secretData.put("master-password", (config.isAuthBasic() ? config.getMasterPassword() : "karavan"));
- secretData.put("oidc-secret", (config.isAuthOidc() ? config.getOidcSecret() : "xxx"));
- secretData.put("oidc-server-url", (config.isAuthOidc() ? config.getOidcServerUrl() : "https://localhost/auth/realms/karavan"));
- secretData.put("oidc-frontend-url", (config.isAuthOidc() ? config.getOidcFrontendUrl() : "https://localhost/auth"));
+ secretData.put("karavan.keycloak.url", (config.isAuthOidc() ? config.getKeycloakUrl() : "https://localhost"));
+ secretData.put("karavan.keycloak.realm", (config.isAuthOidc() ? config.getKeycloakRealm() : "karavan"));
+ secretData.put("karavan.keycloak.frontend.clientId", (config.isAuthOidc() ? config.getKeycloakFrontendClientId() : "karavan"));
+ secretData.put("karavan.keycloak.backend.clientId", (config.isAuthOidc() ? config.getKeycloakBackendClientId() : "karavan"));
+ secretData.put("karavan.keycloak.backend.secret", (config.isAuthOidc() ? config.getKeycloakBackendSecret() : "secret"));
secretData.put("git-repository", config.getGitRepository());
secretData.put("git-password", config.getGitPassword());
secretData.put("git-username", config.getGitUsername());
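Review bot: The five new `secretData.put` calls spell the keys as string literals, while KaravanDeployment resolves the same keys through `Constants.KEYCLOAK_*` with a non-optional `secretKeyRef`; a later rename on one side would leave the Deployment pointing at a key that does not exist. Use the constants here as well, e.g. `secretData.put(Constants.KEYCLOAK_BACKEND_SECRET, ...)`. Separately, when auth is not oidc the Secret is still populated with the fixed placeholder `"secret"` for the backend secret. Omitting the Keycloak keys in that case would keep a well-known value out of the cluster, since the Deployment reads them only in the oidc branch as far as this diff shows. getSecret continues outside the hunk.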