.lagoon.keycloak-secrets.yaml

apiVersion: v1
kind: Template
metadata:
  creationTimestamp: null
  name: lagoon-secret-environment-template
parameters:
  - name: KEYCLOAK_LAGOON_ADMIN_PASSWORD
    description: super admin password of keycloak
    generate: expression
    from: "[a-zA-Z0-9]{32}"
  - name: KEYCLOAK_ADMIN_PASSWORD
    description: admin user password of keycloak
    generate: expression
    from: "[a-zA-Z0-9]{32}"
  - name: KEYCLOAK_AUTH_SERVER_CLIENT_SECRET
    description: client secret of the auth server client
    generate: expression
    from: "[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}"
  - name: KEYCLOAK_API_CLIENT_SECRET
    description: client secret of the api client
    generate: expression
    from: "[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}"
  - name: SAFE_BRANCH
    description: Which branch this belongs to, special chars replaced with dashes
    required: true
  - name: SAFE_PROJECT
    description: Which project this belongs to, special chars replaced with dashes
    required: true
  - name: BRANCH
    description: Which branch this belongs to, original value
    required: true
  - name: PROJECT
    description: Which project this belongs to, original value
    required: true
  - name: LAGOON_GIT_SHA
    description: git hash sha of the current deployment
    required: true
  - name: OPENSHIFT_PROJECT
    description: Name of the Project that this service is in
    required: true
objects:
- kind: Secret
  apiVersion: v1
  metadata:
    name: keycloak-lagoon-admin-password
  stringData:
    KEYCLOAK_LAGOON_ADMIN_PASSWORD: ${KEYCLOAK_LAGOON_ADMIN_PASSWORD}
- kind: Secret
  apiVersion: v1
  metadata:
    name: keycloak-admin-password
  stringData:
    KEYCLOAK_ADMIN_PASSWORD: ${KEYCLOAK_ADMIN_PASSWORD}
- kind: Secret
  apiVersion: v1
  metadata:
    name: keycloak-auth-server-client-secret
  stringData:
    KEYCLOAK_AUTH_SERVER_CLIENT_SECRET: ${KEYCLOAK_AUTH_SERVER_CLIENT_SECRET}
- kind: Secret
  apiVersion: v1
  metadata:
    name: keycloak-api-client-secret
  stringData:
    KEYCLOAK_API_CLIENT_SECRET: ${KEYCLOAK_API_CLIENT_SECRET}