From cb21eed020f2afe50dc6d988599f3412a382a09a Mon Sep 17 00:00:00 2001 From: Kochetkov S Date: Tue, 14 Apr 2026 18:06:24 +0300 Subject: [PATCH] add vault support --- .../infrastructure/patches/keycloak.yaml | 26 +++++++++++++++++++ infrastructure/keycloak/base/helmrelease.yaml | 2 +- 2 files changed, 27 insertions(+), 1 deletion(-) diff --git a/clusters/yc-k8s-test/infrastructure/patches/keycloak.yaml b/clusters/yc-k8s-test/infrastructure/patches/keycloak.yaml index 4d9a7fa..d4a7fe4 100644 --- a/clusters/yc-k8s-test/infrastructure/patches/keycloak.yaml +++ b/clusters/yc-k8s-test/infrastructure/patches/keycloak.yaml @@ -16,6 +16,32 @@ spec: size: 10Gi postgresql: enabled: false + vaultEnv: + enabled: true + role: keycloak + authPath: auth/kubernetes + envFiles: + KEYCLOAK_ADMIN_PASSWORD: + path: secrets/data/keycloak/admin + key: password + KEYCLOAK_PASSWORD: + path: secrets/data/keycloak/admin + key: password + KEYCLOAK_DATABASE_HOST: + path: secrets/data/keycloak/postgresql + key: host + KEYCLOAK_DATABASE_PORT: + path: secrets/data/keycloak/postgresql + key: port + KEYCLOAK_DATABASE_USER: + path: secrets/data/keycloak/postgresql + key: user + KEYCLOAK_DATABASE_NAME: + path: secrets/data/keycloak/postgresql + key: database + KEYCLOAK_DATABASE_PASSWORD: + path: secrets/data/keycloak/postgresql + key: password externalDatabase: host: "postgresql.postgresql.svc.cluster.local" port: 5432 diff --git a/infrastructure/keycloak/base/helmrelease.yaml b/infrastructure/keycloak/base/helmrelease.yaml index 8a1ee93..a7ee008 100644 --- a/infrastructure/keycloak/base/helmrelease.yaml +++ b/infrastructure/keycloak/base/helmrelease.yaml @@ -8,7 +8,7 @@ spec: chart: spec: chart: keycloak-contour - version: "22.2.6" + version: "22.2.7" sourceRef: kind: HelmRepository name: yc-oci-charts