provider-keycloak

Module version: v1.2.0-rc
Published: Jul 7, 2024 License: Apache-2.0

README

Provider keycloak

provider-keycloak is a Crossplane provider that is built using Upjet code generation tools and exposes XRM-conformant managed resources for the Keycloak API.

Check out the examples in the examples directory for more information on how to use this provider.

Usage

Installation

To install the provider, use the following resource definition:

---
apiVersion: pkg.crossplane.io/v1
kind: Provider
metadata:
  name: provider-keycloak
  namespace: crossplane-system
spec:
  package: xpkg.upbound.io/crossplane-contrib/provider-keycloak:v1.0.0

This will install the provider in the crossplane-system namespace and install CRDs and controllers for the provider.

DeploymentRuntimeConfig

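The provider also supports a DeploymentRuntimeConfig for enabling additional features. The following example passes the --enable-external-secret-stores argument to the provider's package-runtime container: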

--- 
apiVersion: pkg.crossplane.io/v1beta1
kind: DeploymentRuntimeConfig
metadata:
  name: enable-ess
spec:
  deploymentTemplate:
    spec:
      selector: {}
      template:
        spec:
          containers:
            - name: package-runtime
              args:
                - --enable-external-secret-stores

Reference this configuration from the Provider resource as follows:

---
apiVersion: pkg.crossplane.io/v1
kind: Provider
metadata:
  name: keycloak-provider
  namespace: crossplane-system
  annotations:
    argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
spec:
  package: xpkg.upbound.io/crossplane-contrib/provider-keycloak:v1.0.0
+ runtimeConfigRef:
+   name: enable-ess

(Omit the leading + signs; they only mark the lines that were added.)

Configuration
  • For each Keycloak instance you need one or more ProviderConfig resources.
  • The ProviderConfig resource stores the Keycloak API server URL, credentials, and other configuration details that are required to connect to the Keycloak API server.
  • Here is an example of a ProviderConfig resource:
---
apiVersion: keycloak.crossplane.io/v1beta1
kind: ProviderConfig
metadata:
  name: keycloak-provider-config
spec:
  credentials:
    source: Secret
    secretRef:
      name: keycloak-credentials
      key: credentials
      namespace: crossplane-system
---
apiVersion: v1
kind: Secret
metadata:
  name: keycloak-credentials
  namespace: crossplane-system
  labels: 
    type: provider-credentials
type: Opaque
stringData:
  credentials: |
    {
      "client_id":"admin-cli",
      "username": "admin",
      "password": "admin",
      "url": "https://keycloak.example.com",
      "base_path": "/auth",
      "realm": "master"
    }

The secret keycloak-credentials contains the Keycloak API server URL, credentials, and other configuration details that are required to connect to the Keycloak API server. It supports the same fields as the Terraform provider configuration.
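
An added example (not part of the provider's code): a small Go check for the credentials JSON above, meant to run before the Secret is applied. It flags a non-HTTPS url, a default or username-equal password, and a password grant as a master-realm user. The client_secret field is the Terraform provider's argument name and is assumed to be accepted here; the client name crossplane and the weak-password list are hypothetical.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net/url"
	"strings"
)

// Creds mirrors the JSON under the Secret's "credentials" key. client_secret is
// the Terraform provider's argument name, assumed to be accepted here as well.
type Creds struct {
	ClientID     string `json:"client_id"`
	ClientSecret string `json:"client_secret"`
	Username     string `json:"username"`
	Password     string `json:"password"`
	URL          string `json:"url"`
	Realm        string `json:"realm"`
}

// LintCredentials returns one finding per risky setting in the credentials JSON.
func LintCredentials(raw string) ([]string, error) {
	var c Creds
	if err := json.Unmarshal([]byte(raw), &c); err != nil {
		return nil, fmt.Errorf("credentials is not valid JSON: %w", err)
	}
	var findings []string
	if u, err := url.Parse(c.URL); err != nil || u.Scheme != "https" || u.Host == "" {
		findings = append(findings, "url: must be an absolute https:// URL")
	}
	weak := map[string]bool{"admin": true, "password": true, "changeme": true}
	if c.Password != "" && (weak[strings.ToLower(c.Password)] || strings.EqualFold(c.Password, c.Username)) {
		findings = append(findings, "password: default value or same as username")
	}
	if c.Username != "" && c.ClientSecret == "" && c.Realm == "master" {
		findings = append(findings, "grant: password grant as a master-realm user; use a service-account client with scoped roles")
	}
	if c.Username == "" && c.ClientSecret == "" {
		findings = append(findings, "auth: neither username/password nor client_secret is set")
	}
	return findings, nil
}

// Constructed samples: the README's example values, then a client-credentials variant.
const readmeSample = `{"client_id":"admin-cli","username":"admin","password":"admin","url":"https://keycloak.example.com","base_path":"/auth","realm":"master"}`
const scopedSample = `{"client_id":"crossplane","client_secret":"<from-secret-store>","url":"https://keycloak.example.com","realm":"master"}`

func main() {
	for _, s := range []string{readmeSample, scopedSample} {
		f, err := LintCredentials(s)
		fmt.Println(len(f), f, err)
	}
}
```
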

Custom Resource Definitions

You can explore the available custom resources:

  • Upbound marketplace site
  • kubectl get crd | grep keycloak.crossplane.io to list all the CRDs provided by the provider
  • kubectl explain <CRD_NAME> for docs on the CLI
  • You can also see the CRDs in the package/crds directory

Functions and Compositions:

  • function-keycloak-builtin-objects - This function imports the built-in objects of a Keycloak instance, e.g. clients and roles. Everything you need to know is in the README of the repository.

Developing

Run code-generation pipeline:

go run cmd/generator/main.go "$PWD"

Check out sub-repositories:

make submodules

Execute code generation:

make generate

Run against a Kubernetes cluster:

make run

Build, push, and install:

make all

Build binary:

make build

Regression Tests

TODO: Add regression test docs

Report a Bug

For filing bugs, suggesting improvements, or requesting new features, please open an issue.

Directories

Path Synopsis
Package apis contains Kubernetes API for the provider.
authenticationflow/v1alpha1
+kubebuilder:object:generate=true +groupName=authenticationflow.keycloak.crossplane.io +versionName=v1alpha1
client/v1alpha1
+kubebuilder:object:generate=true +groupName=client.keycloak.crossplane.io +versionName=v1alpha1
default/v1alpha1
+kubebuilder:object:generate=true +groupName=default.keycloak.crossplane.io +versionName=v1alpha1
defaults/v1alpha1
+kubebuilder:object:generate=true +groupName=defaults.keycloak.crossplane.io +versionName=v1alpha1
group/v1alpha1
+kubebuilder:object:generate=true +groupName=group.keycloak.crossplane.io +versionName=v1alpha1
identityprovider/v1alpha1
+kubebuilder:object:generate=true +groupName=identityprovider.keycloak.crossplane.io +versionName=v1alpha1
ldap/v1alpha1
+kubebuilder:object:generate=true +groupName=ldap.keycloak.crossplane.io +versionName=v1alpha1
oidc/v1alpha1
+kubebuilder:object:generate=true +groupName=oidc.keycloak.crossplane.io +versionName=v1alpha1
openidclient/v1alpha1
+kubebuilder:object:generate=true +groupName=openidclient.keycloak.crossplane.io +versionName=v1alpha1
openidgroup/v1alpha1
+kubebuilder:object:generate=true +groupName=openidgroup.keycloak.crossplane.io +versionName=v1alpha1
realm/v1alpha1
+kubebuilder:object:generate=true +groupName=realm.keycloak.crossplane.io +versionName=v1alpha1
role/v1alpha1
+kubebuilder:object:generate=true +groupName=role.keycloak.crossplane.io +versionName=v1alpha1
saml/v1alpha1
+kubebuilder:object:generate=true +groupName=saml.keycloak.crossplane.io +versionName=v1alpha1
samlclient/v1alpha1
+kubebuilder:object:generate=true +groupName=samlclient.keycloak.crossplane.io +versionName=v1alpha1
user/v1alpha1
+kubebuilder:object:generate=true +groupName=user.keycloak.crossplane.io +versionName=v1alpha1
v1alpha1
Package v1alpha1 contains the core resources of the keycloak jet provider.
v1beta1
Package v1beta1 contains the core resources of the keycloak upjet provider.
cmd
internal
