Merge branch 'keycloak-istio-injection' into 'master'

Keycloak Istio Injection Closes #1204 See merge request platform-one/big-bang/bigbang!1717

Merge branch 'keycloak-istio-injection' into 'master'
c2a15636 · Micah Nagel · 7495c9c3 · 24bbd0ac · c2a15636 · c2a15636
Commit c2a15636 authored 2 years ago by Micah Nagel
--- a/chart/templates/keycloak/namespace.yaml
+++ b/chart/templates/keycloak/namespace.yaml
@@ -5,8 +5,8 @@ kind: Namespace
 metadata:
  name: {{ $name }}
  labels:
-    istio-injection: disabled
+    istio-injection: {{ dig "istio" "injection" "enabled" .Values.addons.keycloak }}
    app.kubernetes.io/name: {{ $name }}
    app.kubernetes.io/component: "security-tools"
-    {{- include "commonLabels" . | nindent 4}}
-{{- end }}
\ No newline at end of file
+    {{- include "commonLabels" . | nindent 4 }}
+{{- end }}
--- a/chart/templates/keycloak/values.yaml
+++ b/chart/templates/keycloak/values.yaml
@@ -18,13 +18,21 @@ domain: {{ $domainName }}

 openshift: {{ .Values.openshift }}

+{{- $istioInjection := (and (eq (dig "istio" "injection" "enabled" .Values.addons.keycloak) "enabled") .Values.istio.enabled) }}
+
 istio:
  enabled: {{ .Values.istio.enabled }}
+  injection: {{ dig "istio" "injection" "enabled" .Values.addons.keycloak }}
  keycloak:
    enabled: true
    gateways:
    - istio-system/{{ default "public" .Values.addons.keycloak.ingress.gateway }}

+{{- if $istioInjection }}
+podAnnotations:
+  {{ include "istioAnnotation" . }}
+{{- end }}
+
 networkPolicies:
  enabled: {{ .Values.networkPolicies.enabled }}
  controlPlaneCidr: {{ .Values.networkPolicies.controlPlaneCidr }}
@@ -41,6 +49,12 @@ serviceMonitor:
 {{- if .Values.addons.keycloak.database.host }}
 postgresql:
  enabled: false
+{{- else if $istioInjection }}
+postgresql:
+  primary:
+    {{ include "istioAnnotation" . }}
+  readReplicas:
+    {{ include "istioAnnotation" . }}
 {{- end }}

 {{- if or .Values.addons.keycloak.database.host (and .Values.addons.keycloak.ingress.cert .Values.addons.keycloak.ingress.key) }}

--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -1294,7 +1294,7 @@ addons:
    git:
      repo: https://repo1.dso.mil/platform-one/big-bang/apps/security-tools/keycloak.git
      path: "./chart"
-      tag: "18.1.1-bb.0"
+      tag: "18.1.1-bb.1"

    database:
      # -- Hostname of a pre-existing database to use for Keycloak.