Documentation
¶
Index ¶
- Constants
- func ClientSecret(cr *v1alpha1.KeycloakClient) *v1.Secret
- func ClientSecretReconciled(cr *v1alpha1.KeycloakClient, currentState *v1.Secret) *v1.Secret
- func ClientSecretSelector(cr *v1alpha1.KeycloakClient) client.ObjectKey
- func DatabaseSecret(cr *v1alpha1.Keycloak) *v1.Secret
- func DatabaseSecretReconciled(cr *v1alpha1.Keycloak, currentState *v1.Secret) *v1.Secret
- func DatabaseSecretSelector(cr *v1alpha1.Keycloak) client.ObjectKey
- func GenerateRandomBytes(n int) []byte
- func GenerateRandomString(s int) string
- func GetCurrentKeycloakImage(currentState *v13.StatefulSet) string
- func GetExternalDatabaseHost(secret *v1.Secret) string
- func GetExternalDatabaseName(secret *v1.Secret) string
- func GetExternalDatabasePort(secret *v1.Secret) int32
- func GetImageRepoAndVersion(image string) (string, string, string, string)
- func GetRealmUserSecretName(keycloakNamespace, realmName, userName string) string
- func GetReconciledKeycloakImage(currentImage string) string
- func GetReconciledRHSSOImage(currentImage string) string
- func GetServiceEnvVar(suffix string) string
- func GrafanaDashboard(cr *v1alpha1.Keycloak) *grafanav1alpha1.GrafanaDashboard
- func GrafanaDashboardReconciled(cr *v1alpha1.Keycloak, currentState *grafanav1alpha1.GrafanaDashboard) *grafanav1alpha1.GrafanaDashboard
- func GrafanaDashboardSelector(cr *v1alpha1.Keycloak) client.ObjectKey
- func IsIP(host []byte) bool
- func KeycloakAdminSecret(cr *v1alpha1.Keycloak) *v1.Secret
- func KeycloakAdminSecretReconciled(cr *v1alpha1.Keycloak, currentState *v1.Secret) *v1.Secret
- func KeycloakAdminSecretSelector(cr *v1alpha1.Keycloak) client.ObjectKey
- func KeycloakDeployment(cr *v1alpha1.Keycloak, dbSecret *v1.Secret) *v13.StatefulSet
- func KeycloakDeploymentReconciled(cr *v1alpha1.Keycloak, currentState *v13.StatefulSet, dbSecret *v1.Secret) *v13.StatefulSet
- func KeycloakDeploymentSelector(cr *v1alpha1.Keycloak) client.ObjectKey
- func KeycloakDiscoveryService(cr *v1alpha1.Keycloak) *v1.Service
- func KeycloakDiscoveryServiceReconciled(cr *v1alpha1.Keycloak, currentState *v1.Service) *v1.Service
- func KeycloakDiscoveryServiceSelector(cr *v1alpha1.Keycloak) client.ObjectKey
- func KeycloakExtensionsInitContainers(cr *v1alpha1.Keycloak) []v1.Container
- func KeycloakIngress(cr *kc.Keycloak) *v1beta1.Ingress
- func KeycloakIngressReconciled(cr *kc.Keycloak, currentState *v1beta1.Ingress) *v1beta1.Ingress
- func KeycloakIngressSelector(cr *kc.Keycloak) client.ObjectKey
- func KeycloakProbes(cr *v1alpha1.Keycloak) *v1.ConfigMap
- func KeycloakProbesSelector(cr *v1alpha1.Keycloak) client.ObjectKey
- func KeycloakRoute(cr *kc.Keycloak) *v1.Route
- func KeycloakRouteReconciled(cr *kc.Keycloak, currentState *v1.Route) *v1.Route
- func KeycloakRouteSelector(cr *kc.Keycloak) client.ObjectKey
- func KeycloakService(cr *v1alpha1.Keycloak) *v1.Service
- func KeycloakServiceReconciled(cr *v1alpha1.Keycloak, currentState *v1.Service) *v1.Service
- func KeycloakServiceSelector(cr *v1alpha1.Keycloak) client.ObjectKey
- func KeycloakVolumeMounts(extensionsPath string) []v1.VolumeMount
- func KeycloakVolumes() []v1.Volume
- func PodDisruptionBudget(cr *v1alpha1.Keycloak) *v1beta1.PodDisruptionBudget
- func PodDisruptionBudgetReconciled(cr *v1alpha1.Keycloak, currentState *v1beta1.PodDisruptionBudget) *v1beta1.PodDisruptionBudget
- func PodDisruptionBudgetSelector(cr *v1alpha1.Keycloak) client.ObjectKey
- func PodMonitor(cr *v1alpha1.Keycloak) *monitoringv1.PodMonitor
- func PodMonitorSelector(cr *v1alpha1.Keycloak) client.ObjectKey
- func PostgresqlAWSBackup(cr *v1alpha1.KeycloakBackup) *v13.Job
- func PostgresqlAWSBackupReconciled(cr *v1alpha1.KeycloakBackup, currentState *v13.Job) *v13.Job
- func PostgresqlAWSBackupSelector(cr *v1alpha1.KeycloakBackup) client.ObjectKey
- func PostgresqlAWSPeriodicBackup(cr *v1alpha1.KeycloakBackup) *v1beta1.CronJob
- func PostgresqlAWSPeriodicBackupReconciled(cr *v1alpha1.KeycloakBackup, currentState *v1beta1.CronJob) *v1beta1.CronJob
- func PostgresqlAWSPeriodicBackupSelector(cr *v1alpha1.KeycloakBackup) client.ObjectKey
- func PostgresqlBackup(cr *v1alpha1.KeycloakBackup) *v13.Job
- func PostgresqlBackupPersistentVolumeClaim(cr *v1alpha1.KeycloakBackup) *v1.PersistentVolumeClaim
- func PostgresqlBackupPersistentVolumeClaimReconciled(cr *v1alpha1.KeycloakBackup, currentState *v1.PersistentVolumeClaim) *v1.PersistentVolumeClaim
- func PostgresqlBackupPersistentVolumeClaimSelector(cr *v1alpha1.KeycloakBackup) client.ObjectKey
- func PostgresqlBackupReconciled(cr *v1alpha1.KeycloakBackup, currentState *v13.Job) *v13.Job
- func PostgresqlBackupSelector(cr *v1alpha1.KeycloakBackup) client.ObjectKey
- func PostgresqlDeployment(cr *v1alpha1.Keycloak) *v13.Deployment
- func PostgresqlDeploymentReconciled(cr *v1alpha1.Keycloak, currentState *v13.Deployment) *v13.Deployment
- func PostgresqlDeploymentSelector(cr *v1alpha1.Keycloak) client.ObjectKey
- func PostgresqlPersistentVolumeClaim(cr *v1alpha1.Keycloak) *v1.PersistentVolumeClaim
- func PostgresqlPersistentVolumeClaimReconciled(cr *v1alpha1.Keycloak, currentState *v1.PersistentVolumeClaim) *v1.PersistentVolumeClaim
- func PostgresqlPersistentVolumeClaimSelector(cr *v1alpha1.Keycloak) client.ObjectKey
- func PostgresqlService(cr *v1alpha1.Keycloak, dbSecret *v1.Secret, serviceTypeExternal bool) *v1.Service
- func PostgresqlServiceEndpoints(cr *v1alpha1.Keycloak) *v1.Endpoints
- func PostgresqlServiceEndpointsReconciled(cr *v1alpha1.Keycloak, currentState *v1.Endpoints, ...) *v1.Endpoints
- func PostgresqlServiceEndpointsSelector(cr *v1alpha1.Keycloak) client.ObjectKey
- func PostgresqlServiceReconciled(currentState *v1.Service) *v1.Service
- func PostgresqlServiceSelector(cr *v1alpha1.Keycloak) client.ObjectKey
- func PrometheusRule(cr *v1alpha1.Keycloak) *monitoringv1.PrometheusRule
- func PrometheusRuleSelector(cr *v1alpha1.Keycloak) client.ObjectKey
- func RHSSODeployment(cr *v1alpha1.Keycloak, dbSecret *v1.Secret) *v13.StatefulSet
- func RHSSODeploymentReconciled(cr *v1alpha1.Keycloak, currentState *v13.StatefulSet, dbSecret *v1.Secret) *v13.StatefulSet
- func RHSSODeploymentSelector(cr *v1alpha1.Keycloak) client.ObjectKey
- func RealmCredentialSecret(cr *v1alpha1.KeycloakRealm, user *v1alpha1.KeycloakAPIUser, ...) *v1.Secret
- func RealmCredentialSecretSelector(cr *v1alpha1.KeycloakRealm, user *v1alpha1.KeycloakAPIUser, ...) client.ObjectKey
- func SanitizeNumberOfReplicas(numberOfReplicas int, isCreate bool) *int32
- func SanitizeResourceName(name string) string
- func ServiceMonitor(cr *v1alpha1.Keycloak) *monitoringv1.ServiceMonitor
- func ServiceMonitorSelector(cr *v1alpha1.Keycloak) client.ObjectKey
Constants ¶
View Source
const ( ApplicationName = "keycloak" MonitoringKey = "middleware" DatabaseSecretName = ApplicationName + "-db-secret" PostgresqlPersistentVolumeName = ApplicationName + "-postgresql-claim" PostgresqlBackupPersistentVolumeName = ApplicationName + "-backup" PostgresqlDeploymentName = ApplicationName + "-postgresql" KeycloakProbesName = ApplicationName + "-probes" PostgresqlDeploymentComponent = "database" PostgresqlServiceName = ApplicationName + "-postgresql" PostgresqlImage = "postgres:11.5" KeycloakImage = "quay.io/keycloak/keycloak:9.0.0" KeycloakInitContainerImage = "quay.io/keycloak/keycloak-init-container:master" RHSSOImage = "registry.access.redhat.com/redhat-sso-7/sso73-openshift:1.0-15" BackupImage = "quay.io/integreatly/backup-container:1.0.10" KeycloakDiscoveryServiceName = ApplicationName + "-discovery" KeycloakDeploymentName = ApplicationName KeycloakDeploymentComponent = "keycloak" PostgresqlBackupComponent = "database-backup" PostgresqlDatabase = "root" PostgresqlUsername = ApplicationName PostgresqlPasswordLength = 32 PostgresqlPersistentVolumeCapacity = "1Gi" DatabaseSecretUsernameProperty = "POSTGRES_USERNAME" // nolint DatabaseSecretPasswordProperty = "POSTGRES_PASSWORD" // nolint // Required by the Integreately Backup Image DatabaseSecretHostProperty = "POSTGRES_HOST" // nolint // Required by the Integreately Backup Image DatabaseSecretDatabaseProperty = "POSTGRES_DATABASE" // nolint // Required by the Integreately Backup Image DatabaseSecretSuperuserProperty = "POSTGRES_SUPERUSER" // nolint DatabaseSecretExternalAddressProperty = "POSTGRES_EXTERNAL_ADDRESS" // nolint DatabaseSecretExternalPortProperty = "POSTGRES_EXTERNAL_PORT" // nolint KeycloakServicePort = 8080 KeycloakHttpsServicePort = 8443 PostgresDefaultPort = 5432 AdminUsernameProperty = "ADMIN_USERNAME" // nolint AdminPasswordProperty = "ADMIN_PASSWORD" // nolint ServingCertSecretName = "sso-x509-https-secret" // nolint LivenessProbeProperty = "liveness_probe.sh" ReadinessProbeProperty = "readiness_probe.sh" RouteLoadBalancingStrategy = "source" PostgresqlBackupServiceAccountName = "keycloak-operator" KeycloakExtensionEnvVar = "KEYCLOAK_EXTENSIONS" KeycloakExtensionPath = "/opt/jboss/keycloak/providers" KeycloakExtensionsInitContainerPath = "/opt/extensions" RhssoExtensionPath = "/opt/eap/providers" ClientSecretName = ApplicationName + "-client-secret" ClientSecretClientIDProperty = "CLIENT_ID" ClientSecretClientSecretProperty = "CLIENT_SECRET" PodMonitorName = ApplicationName + "-pod-monitor" ServiceMonitorName = ApplicationName + "-service-monitor" )
Constants for a community Keycloak installation
View Source
const ( LivenessProbeInitialDelay = 30 ReadinessProbeInitialDelay = 40 //10s (curl) + 10s (curl) + 2s (just in case) ProbeTimeoutSeconds = 22 ProbeTimeBetweenRunsSeconds = 30 )
View Source
const ( LivenessProbeImplementation = `#!/bin/bash set -e curl -s --max-time 10 --fail http://$(hostname -i):8080/auth > /dev/null ` ReadinessProbeImplementation = `` /* 1037-byte string literal not displayed */ )
View Source
const GrafanaDashboardJSON = `` /* 26566-byte string literal not displayed */
Variables ¶
This section is empty.
Functions ¶
func ClientSecret ¶
func ClientSecret(cr *v1alpha1.KeycloakClient) *v1.Secret
func ClientSecretReconciled ¶
func ClientSecretSelector ¶
func ClientSecretSelector(cr *v1alpha1.KeycloakClient) client.ObjectKey
func GenerateRandomBytes ¶
GenerateRandomBytes returns securely generated random bytes. It will return an error if the system's secure random number generator fails to function correctly, in which case the caller should not continue.
func GenerateRandomString ¶
GenerateRandomString returns a URL-safe, base64 encoded securely generated random string. It will return an error if the system's secure random number generator fails to function correctly, in which case the caller should not continue.
func GetCurrentKeycloakImage ¶
func GetCurrentKeycloakImage(currentState *v13.StatefulSet) string
Get image string from the statefulset. Default to RHSSOImage string
func GetExternalDatabaseHost ¶
func GetExternalDatabaseName ¶
func GetExternalDatabasePort ¶
func GetImageRepoAndVersion ¶
Split a full image string (e.g. quay.io/keycloak/keycloak:7.0.1 or registry.access.redhat.com/redhat-sso-7/sso73-openshift:1.0 ) into it's repo and individual versions
func GetRealmUserSecretName ¶
func GetReconciledKeycloakImage ¶
We allow the patch version of an image for keycloak to be increased outside of the operator on the cluster
func GetReconciledRHSSOImage ¶
We allow the patch version of an image for RH-SSO to be increased outside of the operator on the cluster
func GetServiceEnvVar ¶
func GrafanaDashboard ¶
func GrafanaDashboard(cr *v1alpha1.Keycloak) *grafanav1alpha1.GrafanaDashboard
func GrafanaDashboardReconciled ¶
func GrafanaDashboardReconciled(cr *v1alpha1.Keycloak, currentState *grafanav1alpha1.GrafanaDashboard) *grafanav1alpha1.GrafanaDashboard
func KeycloakDeployment ¶
func KeycloakDeploymentReconciled ¶
func KeycloakDeploymentReconciled(cr *v1alpha1.Keycloak, currentState *v13.StatefulSet, dbSecret *v1.Secret) *v13.StatefulSet
func KeycloakRouteReconciled ¶
func KeycloakVolumeMounts ¶
func KeycloakVolumeMounts(extensionsPath string) []v1.VolumeMount
func KeycloakVolumes ¶
func PodDisruptionBudget ¶
func PodDisruptionBudget(cr *v1alpha1.Keycloak) *v1beta1.PodDisruptionBudget
func PodDisruptionBudgetReconciled ¶
func PodDisruptionBudgetReconciled(cr *v1alpha1.Keycloak, currentState *v1beta1.PodDisruptionBudget) *v1beta1.PodDisruptionBudget
func PodMonitor ¶
func PodMonitor(cr *v1alpha1.Keycloak) *monitoringv1.PodMonitor
func PostgresqlAWSBackup ¶
func PostgresqlAWSBackup(cr *v1alpha1.KeycloakBackup) *v13.Job
func PostgresqlAWSBackupSelector ¶
func PostgresqlAWSBackupSelector(cr *v1alpha1.KeycloakBackup) client.ObjectKey
func PostgresqlAWSPeriodicBackup ¶
func PostgresqlAWSPeriodicBackup(cr *v1alpha1.KeycloakBackup) *v1beta1.CronJob
func PostgresqlAWSPeriodicBackupSelector ¶
func PostgresqlAWSPeriodicBackupSelector(cr *v1alpha1.KeycloakBackup) client.ObjectKey
func PostgresqlBackup ¶
func PostgresqlBackup(cr *v1alpha1.KeycloakBackup) *v13.Job
func PostgresqlBackupPersistentVolumeClaim ¶
func PostgresqlBackupPersistentVolumeClaim(cr *v1alpha1.KeycloakBackup) *v1.PersistentVolumeClaim
func PostgresqlBackupPersistentVolumeClaimReconciled ¶
func PostgresqlBackupPersistentVolumeClaimReconciled(cr *v1alpha1.KeycloakBackup, currentState *v1.PersistentVolumeClaim) *v1.PersistentVolumeClaim
func PostgresqlBackupPersistentVolumeClaimSelector ¶
func PostgresqlBackupPersistentVolumeClaimSelector(cr *v1alpha1.KeycloakBackup) client.ObjectKey
func PostgresqlBackupSelector ¶
func PostgresqlBackupSelector(cr *v1alpha1.KeycloakBackup) client.ObjectKey
func PostgresqlDeployment ¶
func PostgresqlDeployment(cr *v1alpha1.Keycloak) *v13.Deployment
func PostgresqlDeploymentReconciled ¶
func PostgresqlDeploymentReconciled(cr *v1alpha1.Keycloak, currentState *v13.Deployment) *v13.Deployment
func PostgresqlPersistentVolumeClaim ¶
func PostgresqlPersistentVolumeClaim(cr *v1alpha1.Keycloak) *v1.PersistentVolumeClaim
func PostgresqlPersistentVolumeClaimReconciled ¶
func PostgresqlPersistentVolumeClaimReconciled(cr *v1alpha1.Keycloak, currentState *v1.PersistentVolumeClaim) *v1.PersistentVolumeClaim
func PostgresqlService ¶
func PrometheusRule ¶
func PrometheusRule(cr *v1alpha1.Keycloak) *monitoringv1.PrometheusRule
func RHSSODeployment ¶
func RHSSODeploymentReconciled ¶
func RHSSODeploymentReconciled(cr *v1alpha1.Keycloak, currentState *v13.StatefulSet, dbSecret *v1.Secret) *v13.StatefulSet
func RealmCredentialSecret ¶
func RealmCredentialSecret(cr *v1alpha1.KeycloakRealm, user *v1alpha1.KeycloakAPIUser, keycloak *v1alpha1.Keycloak) *v1.Secret
func RealmCredentialSecretSelector ¶
func RealmCredentialSecretSelector(cr *v1alpha1.KeycloakRealm, user *v1alpha1.KeycloakAPIUser, keycloak *v1alpha1.Keycloak) client.ObjectKey
func SanitizeResourceName ¶
func ServiceMonitor ¶
func ServiceMonitor(cr *v1alpha1.Keycloak) *monitoringv1.ServiceMonitor
Types ¶
This section is empty.
Source Files
¶
- client_secret.go
- constants.go
- database_secret.go
- grafana_dashboard.go
- init_container_common.go
- keycloak_admin_secret.go
- keycloak_deployment.go
- keycloak_discovery_service.go
- keycloak_ingress.go
- keycloak_probes.go
- keycloak_route.go
- keycloak_service.go
- monitoring_constants.go
- pod_disruption_budget.go
- pod_monitor.go
- postgresql_aws_backup.go
- postgresql_aws_periodic_backup.go
- postgresql_backup.go
- postgresql_backup_persistent_volume_claim.go
- postgresql_common_backup.go
- postgresql_deployment.go
- postgresql_persistent_volume_claim.go
- postgresql_service.go
- postgresql_service_endpoints.go
- prometheus_rule.go
- realm_credential_secret.go
- rhsso_deployment.go
- service_monitor.go
- util.go
Click to show internal directories.
Click to hide internal directories.