forked from keycloak/keycloak-operator
-
Notifications
You must be signed in to change notification settings - Fork 0
/
keycloak.org_keycloaks_crd.yaml
134 lines (134 loc) · 5.77 KB
/
keycloak.org_keycloaks_crd.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: keycloaks.keycloak.org
spec:
group: keycloak.org
names:
kind: Keycloak
listKind: KeycloakList
plural: keycloaks
singular: keycloak
scope: Namespaced
subresources:
status: {}
validation:
openAPIV3Schema:
description: Keycloak is the Schema for the keycloaks API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: KeycloakSpec defines the desired state of Keycloak
properties:
extensions:
description: A list of extensions, where each one is a URL to a JAR
files that will be deployed in Keycloak.
items:
type: string
type: array
externalAccess:
description: Controls external Ingress/Route settings.
properties:
enabled:
description: If set to true, the Operator will create an Ingress
or a Route pointing to Keycloak.
type: boolean
type: object
externalDatabase:
description: "Controls external database settings. Using an external
database requires providing a secret containing credentials as well
as connection details. Here's an example of such secret: \n apiVersion:
v1 kind: Secret metadata: name: keycloak-db-secret
\ namespace: keycloak stringData: POSTGRES_DATABASE:
<Database Name> POSTGRES_EXTERNAL_ADDRESS: <External Database
IP or URL (resolvable by K8s)> POSTGRES_EXTERNAL_PORT: <External
Database Port> # Strongly recommended to use <'Keycloak CR
Name'-postgresql> POSTGRES_HOST: <Database Service Name> POSTGRES_PASSWORD:
<Database Password> # Required for AWS Backup functionality
\ POSTGRES_SUPERUSER: true POSTGRES_USERNAME: <Database
Username> type: Opaque \n Both POSTGRES_EXTERNAL_ADDRESS and
POSTGRES_EXTERNAL_PORT are specifically required for creating connection
to the external database. The secret name is created using the following
convention: <Custom Resource Name>-db-secret \n For more information,
please refer to the Operator documentation."
properties:
enabled:
description: If set to true, the Operator will use an external database.
pointing to Keycloak.
type: boolean
type: object
instances:
description: Number of Keycloak instances in HA mode. Default is 1.
type: integer
podDisruptionBudget:
description: Specify PodDisruptionBudget configuration
properties:
enabled:
description: If set to true, the operator will create a PodDistruptionBudget
for the Keycloak deployment and set its `maxUnavailable` value
to 1
type: boolean
type: object
profile:
description: Profile used for controlling Operator behavior. Default
is empty.
type: string
type: object
status:
description: KeycloakStatus defines the observed state of Keycloak
properties:
credentialSecret:
description: The secret where the admin credentials are to be found
type: string
internalURL:
description: Service IP and Port for in-cluster access to the keycloak
instance
type: string
message:
description: Human-readable message indicating details about current
operator phase or error.
type: string
phase:
description: Current phase of the operator.
type: string
ready:
description: True if all resources are in a ready state and all work
is done.
type: boolean
secondaryResources:
additionalProperties:
items:
type: string
type: array
description: 'A map of all the secondary resources types and names created
for this CR. e.g "Deployment": [ "DeploymentName1", "DeploymentName2"
]'
type: object
version:
description: Version of Keycloak or RHSSO running on the cluster
type: string
required:
- credentialSecret
- internalURL
- message
- phase
- ready
- version
type: object
type: object
version: v1alpha1
versions:
- name: v1alpha1
served: true
storage: true