From 567f338273358cecf447a233d3820383fc0096c9 Mon Sep 17 00:00:00 2001
From: mr-bot <project2872_bot1@noreply.repo1.dso.mil>
Date: Mon, 27 Feb 2023 21:10:20 +0000
Subject: [PATCH] keycloak update to 18.4.0-bb.1

---
 chart/values.yaml                                |  2 +-
 .../configs/example/keycloak-prod-values.yaml    | 16 ++++++++++------
 tests/test-values.yaml                           |  2 +-
 3 files changed, 12 insertions(+), 8 deletions(-)

diff --git a/chart/values.yaml b/chart/values.yaml
index 5f3fcccee7..5ec927a227 100644
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -1365,7 +1365,7 @@ addons:
     git:
       repo: https://repo1.dso.mil/platform-one/big-bang/apps/security-tools/keycloak.git
       path: "./chart"
-      tag: "18.4.0-bb.0"
+      tag: "18.4.0-bb.1"
 
     database:
       # -- Hostname of a pre-existing database to use for Keycloak.
diff --git a/docs/assets/configs/example/keycloak-prod-values.yaml b/docs/assets/configs/example/keycloak-prod-values.yaml
index 0f1e80c586..1a356f9f0f 100644
--- a/docs/assets/configs/example/keycloak-prod-values.yaml
+++ b/docs/assets/configs/example/keycloak-prod-values.yaml
@@ -123,12 +123,16 @@ addons:
           stringData:
             quarkus.properties: |-
               quarkus.http.non-application-root-path=/
-              quarkus.kc-routing-redirects.urls./=/auth/realms/YOUR-REALM-NAME/account
-              quarkus.kc-routing-redirects.urls./auth=/auth/realms/YOUR-REALM-NAME/account
-              quarkus.kc-routing-redirects.urls./register=/auth/realms/YOUR-REALM-NAME/protocol/openid-connect/registrations?client_id=account&response_type=code
-              quarkus.kc-routing-redirects.path-prefixes./oauth/authorize=/auth/realms/YOUR-REALM-NAME/protocol/openid-connect/auth
-              quarkus.kc-routing-redirects.path-filters./api/v4/user=/auth/realms/YOUR-REALM-NAME/protocol/openid-connect/userinfo
-              quarkus.kc-routing-redirects.path-filters./oauth/token=/auth/realms/YOUR-REALM-NAME/protocol/openid-connect/token
+              # custom redirects
+              quarkus.kc-routing.path-redirect./=/auth/realms/baby-yoda/account
+              quarkus.kc-routing.path-redirect./auth=/auth/realms/baby-yoda/account
+              quarkus.kc-routing.path-redirect./register=/auth/realms/baby-yoda/protocol/openid-connect/registrations?client_id=account&response_type=code
+              quarkus.kc-routing.path-prefix./oauth/authorize=/auth/realms/baby-yoda/protocol/openid-connect/auth
+              quarkus.kc-routing.path-filter./api/v4/user=/auth/realms/baby-yoda/protocol/openid-connect/userinfo
+              quarkus.kc-routing.path-filter./oauth/token=/auth/realms/baby-yoda/protocol/openid-connect/token
+              # block metrics and health enpoints from being exposed through the istio ingress
+              quarkus.kc-routing.path-recursive-block./metrics=8443
+              quarkus.kc-routing.path-recursive-block./health=8443
 
 
       # This config includes an example of injecting a custom theme jar on startup
diff --git a/tests/test-values.yaml b/tests/test-values.yaml
index 6d49104804..18e28b1577 100644
--- a/tests/test-values.yaml
+++ b/tests/test-values.yaml
@@ -1479,7 +1479,7 @@ addons:
             quarkus.properties: '{{ .Files.Get "resources/dev/quarkus.properties" }}'
       extraInitContainers: |-
         - name: plugin
-          image: registry1.dso.mil/ironbank/big-bang/p1-keycloak-plugin:3.0.1
+          image: registry1.dso.mil/ironbank/big-bang/p1-keycloak-plugin:3.1.0
           imagePullPolicy: Always
           command:
           - sh
-- 
GitLab