{{- /* Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} {{- if .Values.keycloakConfigCli.enabled }} apiVersion: batch/v1 kind: Job metadata: name: {{ printf "%s-keycloak-config-cli" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }} namespace: {{ include "common.names.namespace" . | quote }} labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} app.kubernetes.io/component: keycloak-config-cli {{- if or .Values.keycloakConfigCli.annotations .Values.commonAnnotations }} {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.keycloakConfigCli.annotations .Values.commonAnnotations ) "context" . ) }} annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} {{- end }} spec: backoffLimit: {{ .Values.keycloakConfigCli.backoffLimit }} {{- if .Values.keycloakConfigCli.cleanupAfterFinished.enabled }} ttlSecondsAfterFinished: {{ .Values.keycloakConfigCli.cleanupAfterFinished.seconds }} {{- end }} template: metadata: {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.keycloakConfigCli.podLabels .Values.commonLabels ) "context" . ) }} labels: {{- include "common.labels.standard" ( dict "customLabels" $podLabels "context" $ ) | nindent 8 }} app.kubernetes.io/component: keycloak-config-cli annotations: {{- if (include "keycloak.keycloakConfigCli.createConfigmap" .) }} checksum/configuration: {{ include (print $.Template.BasePath "/keycloak-config-cli-configmap.yaml") . | sha256sum }} {{- end }} {{- if .Values.keycloakConfigCli.podAnnotations }} {{- include "common.tplvalues.render" (dict "value" .Values.keycloakConfigCli.podAnnotations "context" $) | nindent 8 }} {{- end }} spec: serviceAccountName: {{ template "keycloak.serviceAccountName" . }} {{- include "keycloak.imagePullSecrets" . | nindent 6 }} restartPolicy: Never {{- if .Values.keycloakConfigCli.podSecurityContext.enabled }} securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.keycloakConfigCli.podSecurityContext "context" $) | nindent 8 }} {{- end }} automountServiceAccountToken: {{ .Values.keycloakConfigCli.automountServiceAccountToken }} {{- if .Values.keycloakConfigCli.hostAliases }} hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.keycloakConfigCli.hostAliases "context" $) | nindent 8 }} {{- end }} {{- if .Values.keycloakConfigCli.nodeSelector }} nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.keycloakConfigCli.nodeSelector "context" $) | nindent 8 }} {{- end }} {{- if .Values.keycloakConfigCli.podTolerations }} tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.keycloakConfigCli.podTolerations "context" .) | nindent 8 }} {{- end }} {{- if .Values.keycloakConfigCli.initContainers }} initContainers: {{- include "common.tplvalues.render" (dict "value" .Values.keycloakConfigCli.initContainers "context" $) | nindent 8 }} {{- end }} containers: - name: keycloak-config-cli image: {{ template "keycloak.keycloakConfigCli.image" . }} imagePullPolicy: {{ .Values.keycloakConfigCli.image.pullPolicy }} {{- if .Values.keycloakConfigCli.command }} command: {{- include "common.tplvalues.render" (dict "value" .Values.keycloakConfigCli.command "context" $) | nindent 12 }} {{- else }} command: - java - -jar - /opt/bitnami/keycloak-config-cli/keycloak-config-cli.jar {{- end }} {{- if .Values.keycloakConfigCli.args }} args: {{- include "common.tplvalues.render" (dict "value" .Values.keycloakConfigCli.args "context" $) | nindent 12 }} {{- end }} {{- if .Values.keycloakConfigCli.containerSecurityContext.enabled }} securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.keycloakConfigCli.containerSecurityContext "context" $) | nindent 12 }} {{- end }} env: - name: KEYCLOAK_URL value: {{ printf "http://%s-headless:%d%s" (include "common.names.fullname" .) (.Values.containerPorts.http | int) (.Values.httpRelativePath) }} - name: KEYCLOAK_USER value: {{ .Values.auth.adminUser | quote }} - name: KEYCLOAK_PASSWORD valueFrom: secretKeyRef: name: {{ include "keycloak.secretName" . }} key: {{ include "keycloak.secretKey" . }} {{- if or .Values.keycloakConfigCli.configuration .Values.keycloakConfigCli.existingConfigmap }} - name: IMPORT_FILES_LOCATIONS value: /config/* {{- end }} - name: KEYCLOAK_AVAILABILITYCHECK_ENABLED value: {{ .Values.keycloakConfigCli.availabilityCheck.enabled | quote }} {{- if and .Values.keycloakConfigCli.availabilityCheck.enabled .Values.keycloakConfigCli.availabilityCheck.timeout }} - name: KEYCLOAK_AVAILABILITYCHECK_TIMEOUT value: {{ .Values.keycloakConfigCli.availabilityCheck.timeout }} {{- end }} {{- if .Values.keycloakConfigCli.extraEnvVars }} {{- include "common.tplvalues.render" (dict "value" .Values.keycloakConfigCli.extraEnvVars "context" $) | nindent 12 }} {{- end }} {{- if or .Values.keycloakConfigCli.extraEnvVarsCM .Values.keycloakConfigCli.extraEnvVarsSecret }} envFrom: {{- if .Values.keycloakConfigCli.extraEnvVarsCM }} - configMapRef: name: {{ include "common.tplvalues.render" (dict "value" .Values.keycloakConfigCli.extraEnvVarsCM "context" $) }} {{- end }} {{- if .Values.keycloakConfigCli.extraEnvVarsSecret }} - secretRef: name: {{ include "common.tplvalues.render" (dict "value" .Values.keycloakConfigCli.extraEnvVarsSecret "context" $) }} {{- end }} {{- end }} {{- if or .Values.keycloakConfigCli.configuration .Values.keycloakConfigCli.existingConfigmap .Values.keycloakConfigCli.extraVolumeMounts }} volumeMounts: - name: empty-dir mountPath: /tmp subPath: tmp-dir {{- if or .Values.keycloakConfigCli.configuration .Values.keycloakConfigCli.existingConfigmap }} - name: config-volume mountPath: /config {{- end }} {{- if .Values.keycloakConfigCli.extraVolumeMounts }} {{- include "common.tplvalues.render" (dict "value" .Values.keycloakConfigCli.extraVolumeMounts "context" $) | nindent 12 }} {{- end }} {{- end }} {{- if .Values.keycloakConfigCli.resources }} resources: {{- toYaml .Values.keycloakConfigCli.resources | nindent 12 }} {{- else if ne .Values.keycloakConfigCli.resourcesPreset "none" }} resources: {{- include "common.resources.preset" (dict "type" .Values.keycloakConfigCli.resourcesPreset) | nindent 12 }} {{- end }} {{- if .Values.keycloakConfigCli.sidecars }} {{- include "common.tplvalues.render" ( dict "value" .Values.keycloakConfigCli.sidecars "context" $) | nindent 8 }} {{- end }} {{- if or .Values.keycloakConfigCli.configuration .Values.keycloakConfigCli.existingConfigmap .Values.keycloakConfigCli.extraVolumes }} volumes: - name: empty-dir emptyDir: {} {{- if or .Values.keycloakConfigCli.configuration .Values.keycloakConfigCli.existingConfigmap }} - name: config-volume configMap: name: {{ include "keycloak.keycloakConfigCli.configmapName" . }} {{- end }} {{- if .Values.keycloakConfigCli.extraVolumes }} {{- include "common.tplvalues.render" (dict "value" .Values.keycloakConfigCli.extraVolumes "context" $) | nindent 8 }} {{- end }} {{- end }} {{- end }}