{{- /* Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} {{- if .Values.keycloakConfigCli.enabled }} apiVersion: batch/v1 kind: Job metadata: name: {{ printf "%s-keycloak-config-cli" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }} namespace: {{ include "common.names.namespace" . | quote }} labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" .) | nindent 4 }} app.kubernetes.io/component: keycloak-config-cli app.kubernetes.io/part-of: keycloak {{- $defaultAnnotations := ternary (dict "helm.sh/hook" "post-install,post-upgrade,post-rollback" "helm.sh/hook-delete-policy" "before-hook-creation,hook-succeeded" "helm.sh/hook-weight" "5") (dict) .Values.useHelmHooks }} {{- $annotations := include "common.tplvalues.merge" (dict "values" (list .Values.keycloakConfigCli.annotations .Values.commonAnnotations $defaultAnnotations) "context" .) }} annotations: {{- include "common.tplvalues.render" (dict "value" $annotations "context" .) | nindent 4 }} spec: backoffLimit: {{ .Values.keycloakConfigCli.backoffLimit }} {{- if .Values.keycloakConfigCli.cleanupAfterFinished.enabled }} ttlSecondsAfterFinished: {{ .Values.keycloakConfigCli.cleanupAfterFinished.seconds }} {{- end }} template: metadata: {{- $podLabels := include "common.tplvalues.merge" (dict "values" (list .Values.keycloakConfigCli.podLabels .Values.commonLabels) "context" .) }} labels: {{- include "common.labels.standard" (dict "customLabels" $podLabels "context" .) | nindent 8 }} app.kubernetes.io/component: keycloak-config-cli app.kubernetes.io/part-of: keycloak annotations: {{- if and .Values.keycloakConfigCli.configuration (not .Values.keycloakConfigCli.existingConfigmap) }} checksum/configuration: {{ include (print $.Template.BasePath "/keycloak-config-cli-configmap.yaml") . | sha256sum }} {{- end }} {{- if .Values.keycloakConfigCli.podAnnotations }} {{- include "common.tplvalues.render" (dict "value" .Values.keycloakConfigCli.podAnnotations "context" .) | nindent 8 }} {{- end }} spec: restartPolicy: Never serviceAccountName: {{ template "keycloak.serviceAccountName" . }} {{- include "keycloak.imagePullSecrets" . | nindent 6 }} {{- if .Values.keycloakConfigCli.podSecurityContext.enabled }} securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.keycloakConfigCli.podSecurityContext "context" .) | nindent 8 }} {{- end }} automountServiceAccountToken: {{ .Values.keycloakConfigCli.automountServiceAccountToken }} {{- if .Values.keycloakConfigCli.hostAliases }} hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.keycloakConfigCli.hostAliases "context" .) | nindent 8 }} {{- end }} {{- if .Values.keycloakConfigCli.nodeSelector }} nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.keycloakConfigCli.nodeSelector "context" .) | nindent 8 }} {{- end }} {{- if .Values.keycloakConfigCli.tolerations }} tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.keycloakConfigCli.tolerations "context" .) | nindent 8 }} {{- end }} {{- if .Values.keycloakConfigCli.initContainers }} initContainers: {{- include "common.tplvalues.render" (dict "value" .Values.keycloakConfigCli.initContainers "context" .) | nindent 8 }} {{- end }} containers: - name: keycloak-config-cli image: {{ template "keycloak.keycloakConfigCli.image" . }} imagePullPolicy: {{ .Values.keycloakConfigCli.image.pullPolicy }} command: {{- if .Values.keycloakConfigCli.command }} {{- include "common.tplvalues.render" (dict "value" .Values.keycloakConfigCli.command "context" .) | nindent 12 }} {{- else }} - java {{- end }} args: {{- if .Values.keycloakConfigCli.args }} {{- include "common.tplvalues.render" (dict "value" .Values.keycloakConfigCli.args "context" .) | nindent 12 }} {{- else }} - -jar - /opt/bitnami/keycloak-config-cli/keycloak-config-cli.jar {{- end }} {{- if .Values.keycloakConfigCli.containerSecurityContext.enabled }} securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.keycloakConfigCli.containerSecurityContext "context" .) | nindent 12 }} {{- end }} env: # ref: https://github.com/adorsys/keycloak-config-cli?tab=readme-ov-file#configuration - name: KEYCLOAK_URL value: {{ printf "http://%s:%d%s" (include "keycloak.headless.serviceName" .) (.Values.containerPorts.http | int) (.Values.httpRelativePath) }} - name: KEYCLOAK_USER value: {{ .Values.auth.adminUser | quote }} - name: KEYCLOAK_PASSWORD valueFrom: secretKeyRef: name: {{ include "keycloak.secretName" . }} key: {{ include "keycloak.secretKey" . }} {{- if or .Values.keycloakConfigCli.configuration .Values.keycloakConfigCli.existingConfigmap }} - name: IMPORT_FILES_LOCATIONS value: /config/* {{- end }} - name: KEYCLOAK_AVAILABILITYCHECK_ENABLED value: {{ .Values.keycloakConfigCli.availabilityCheck.enabled | quote }} {{- if and .Values.keycloakConfigCli.availabilityCheck.enabled .Values.keycloakConfigCli.availabilityCheck.timeout }} - name: KEYCLOAK_AVAILABILITYCHECK_TIMEOUT value: {{ .Values.keycloakConfigCli.availabilityCheck.timeout }} {{- end }} {{- if .Values.keycloakConfigCli.extraEnvVars }} {{- include "common.tplvalues.render" (dict "value" .Values.keycloakConfigCli.extraEnvVars "context" .) | nindent 12 }} {{- end }} {{- if or .Values.keycloakConfigCli.extraEnvVarsCM .Values.keycloakConfigCli.extraEnvVarsSecret }} envFrom: {{- if .Values.keycloakConfigCli.extraEnvVarsCM }} - configMapRef: name: {{ tpl .Values.keycloakConfigCli.extraEnvVarsCM . }} {{- end }} {{- if .Values.keycloakConfigCli.extraEnvVarsSecret }} - secretRef: name: {{ tpl .Values.keycloakConfigCli.extraEnvVarsSecret . }} {{- end }} {{- end }} {{- if or .Values.keycloakConfigCli.configuration .Values.keycloakConfigCli.existingConfigmap .Values.keycloakConfigCli.extraVolumeMounts }} volumeMounts: - name: empty-dir mountPath: /tmp subPath: tmp-dir {{- if or .Values.keycloakConfigCli.configuration .Values.keycloakConfigCli.existingConfigmap }} - name: config-volume mountPath: /config {{- end }} {{- if .Values.keycloakConfigCli.extraVolumeMounts }} {{- include "common.tplvalues.render" (dict "value" .Values.keycloakConfigCli.extraVolumeMounts "context" .) | nindent 12 }} {{- end }} {{- end }} {{- if .Values.keycloakConfigCli.resources }} resources: {{- toYaml .Values.keycloakConfigCli.resources | nindent 12 }} {{- else if ne .Values.keycloakConfigCli.resourcesPreset "none" }} resources: {{- include "common.resources.preset" (dict "type" .Values.keycloakConfigCli.resourcesPreset) | nindent 12 }} {{- end }} {{- if .Values.keycloakConfigCli.sidecars }} {{- include "common.tplvalues.render" ("value" .Values.keycloakConfigCli.sidecars "context" .) | nindent 8 }} {{- end }} volumes: - name: empty-dir emptyDir: {} {{- if or .Values.keycloakConfigCli.configuration .Values.keycloakConfigCli.existingConfigmap }} - name: config-volume configMap: name: {{ include "keycloak.keycloakConfigCli.configmapName" . }} {{- end }} {{- if .Values.keycloakConfigCli.extraVolumes }} {{- include "common.tplvalues.render" (dict "value" .Values.keycloakConfigCli.extraVolumes "context" .) | nindent 8 }} {{- end }} {{- end }}