MasterMito/work-club-manager
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases 1 Wiki Activity
Files
eaa163afa4c30ea1aece2896e6eb868ec5327a03
work-club-manager/infra/k8s/base/keycloak-deployment.yaml
WorkClub Automation eaa163afa4 fix(k8s): stabilize keycloak rollout and align CD deploy manifests 
Update Keycloak probe/realm import behavior and authority config so auth services start reliably on the dev cluster, while keeping CD deployment steps aligned with the actual Kubernetes overlay behavior.
2026-03-13 06:25:07 +01:00

110 lines
2.8 KiB
YAML
Raw Blame History

apiVersion: apps/v1
kind: Deployment
metadata:
name: workclub-keycloak
labels:
app: workclub-keycloak
component: auth
spec:
replicas: 1
strategy:
type: Recreate
progressDeadlineSeconds: 1800
selector:
matchLabels:
app: workclub-keycloak
template:
metadata:
labels:
app: workclub-keycloak
component: auth
spec:
containers:
- name: keycloak
image: quay.io/keycloak/keycloak:26.1
imagePullPolicy: IfNotPresent
args:
- start-dev
- --import-realm
ports:
- name: http
containerPort: 8080
protocol: TCP
- name: management
containerPort: 9000
protocol: TCP
readinessProbe:
httpGet:
path: /health/ready
port: management
initialDelaySeconds: 240
periodSeconds: 15
timeoutSeconds: 5
failureThreshold: 10
startupProbe:
httpGet:
path: /health/ready
port: management
initialDelaySeconds: 60
periodSeconds: 15
timeoutSeconds: 5
failureThreshold: 120
livenessProbe:
httpGet:
path: /health/live
port: management
initialDelaySeconds: 420
periodSeconds: 20
timeoutSeconds: 5
failureThreshold: 5
resources:
requests:
cpu: 100m
memory: 256Mi
limits:
cpu: 500m
memory: 1024Mi
env:
- name: KC_DB
value: postgres
- name: KC_DB_URL_HOST
value: workclub-postgres
- name: KC_DB_URL_PORT
value: "5432"
- name: KC_DB_URL_DATABASE
value: keycloak
- name: KC_DB_USERNAME
value: keycloak
- name: KC_DB_PASSWORD
valueFrom:
secretKeyRef:
name: workclub-secrets
key: keycloak-db-password
- name: KC_BOOTSTRAP_ADMIN_USERNAME
valueFrom:
secretKeyRef:
name: workclub-secrets
key: keycloak-admin-username
- name: KC_BOOTSTRAP_ADMIN_PASSWORD
valueFrom:
secretKeyRef:
name: workclub-secrets
key: keycloak-admin-password
- name: KC_HOSTNAME_STRICT
value: "false"
- name: KC_PROXY
value: "edge"
- name: KC_HTTP_ENABLED
value: "true"
- name: KC_HEALTH_ENABLED
value: "true"
volumeMounts:
- name: keycloak-realm-import
mountPath: /opt/keycloak/data/import
readOnly: true
volumes:
- name: keycloak-realm-import
configMap:
name: keycloak-realm-import
Reference in New Issue View Git Blame Copy Permalink