Follow this to deploy a Keycloak instance with the following:
- A dedicated
Realm(Recommended) - A
Clientrepresenting the Sigstore integration - Valid
Redirect URIs- A value of
*can be used for testing
- A value of
- 1 or more
Users- Email Verified
The RHSSO Operator and necessary Keycloak resources are deployed with:
oc apply --kustomize keycloak/operator/base
# wait for this command to succeed before going on to be sure the Keycloak CRDs are registered
oc get keycloaks -A
oc apply --kustomize keycloak/resources/base
# wait for keycloak-system pods to be running before proceedingRefer to the user custom resource
for how to create a keycloak user. For testing, a user [email protected] with password: secure is created.
You can access the keycloak route and login as the admin user to set credentials in the keycloak admin console.
To get the keycloak admin credentials, run oc extract secret/credential-keycloak -n keycloak-system.
This will create an ADMIN_PASSWORD file with which to login.
The example custom resource defined in example-user.yaml can be modified and created:
# modify to include user details
oc create --save-config -f keycloak/resources/example-user.yaml -n keycloak-system