Gitiles
Code Review Sign In
gerrit.opencord.org / roc-helm-charts / refs/heads/master / . / keycloak / values.yaml
blob: 9ec9b88cc473e074cd1a6698f27cab1d8927a596 [file] [log] [blame]
SeanCondon0658e5d2023-04-18 10:30:09 +0100[diff] [blame]1# SPDX-FileCopyrightText: 2023-present Intel Corporation
2#
3# SPDX-License-Identifier: Apache-2.0
4
SeanCondon0658e5d2023-04-18 10:30:09 +0100[diff] [blame]5## Keycloak authentication parameters
6## ref: https://github.com/bitnami/containers/tree/main/bitnami/keycloak#admin-credentials
7##
8auth:
9 ## @param auth.adminUser Keycloak administrator user
10 ##
11 adminUser: admin
12 ## @param auth.adminPassword Keycloak administrator password for the new user
13 ##
14 adminPassword: admin
SeanCondon0658e5d2023-04-18 10:30:09 +0100[diff] [blame]15
16## @section keycloak-config-cli parameters
17
18## Configuration for keycloak-config-cli
19## ref: https://github.com/adorsys/keycloak-config-cli
20##
21keycloakConfigCli:
22 ## @param keycloakConfigCli.enabled Whether to enable keycloak-config-cli job
23 ##
24 enabled: true
SeanCondon0658e5d2023-04-18 10:30:09 +0100[diff] [blame]25 ## @param keycloakConfigCli.command Command for running the container (set to default if not set). Use array form
26 ##
27 command:
28 - java
29 - -jar
30 - /opt/bitnami/keycloak-config-cli/keycloak-config-cli.jar
SeanCondon0658e5d2023-04-18 10:30:09 +0100[diff] [blame]31 ## @param keycloakConfigCli.configuration keycloak-config-cli realms configuration
32 ## NOTE: nil keys will be considered files to import locally
33 ## Example:
34 ## configuration:
35 ## realm1.json: |
36 ## {
37 ## "realm": "realm1",
38 ## "clients": []
39 ## }
40 ## files/realm2.yaml:
41 ## realm3.yaml: |
42 ## realm: realm3
43 ## clients: []
44 ##
45 configuration:
46 realm-master.json: |
47 {
48 "realm": "master",
49 "displayName": "Aether Keycloak",
50 "displayNameHtml": "<img src='https://opennetworking.org/wp-content/uploads/2020/02/aether-logo.png'></img>",
51 "accessTokenLifespan": 86400,
52 "ssoSessionMaxLifespan": 86400,
53 "clients": [
54 {
55 "clientId": "aether-roc-gui",
56 "name": "Aether ROC GUI",
57 "rootUrl": "http://aether-roc-gui:31194",
58 "adminUrl": "http://aether-roc-gui:31194",
59 "enabled": true,
60 "clientAuthenticatorType": "client-secret",
61 "redirectUris": [
62 "http://aether-roc-gui:8183/*",
63 "http://localhost:8183/*",
64 "http://localhost:4200/*",
65 "http://aether-roc-gui:31194/*"
66 ],
67 "webOrigins": [
68 "http://localhost:8183",
69 "http://localhost:4200",
70 "http://aether-roc-gui:8183",
71 "http://aether-roc-gui:31194"
72 ],
73 "protocol": "openid-connect",
74 "fullScopeAllowed": true,
75 "defaultClientScopes": [
76 "profile",
77 "email"
78 ],
79 "optionalClientScopes": [
80 "roles",
81 "groups",
82 "offline_access"
83 ]
84 }
85 ],
86 "clientScopes": [
87 {
88 "name": "groups",
89 "description": "Groups scope",
90 "protocol": "openid-connect",
91 "attributes": {
92 "include.in.token.scope": "true",
93 "display.on.consent.screen": "true"
94 },
95 "protocolMappers": [
96 {
97 "name": "Groups Mapper",
98 "protocol": "openid-connect",
99 "protocolMapper": "oidc-group-membership-mapper",
100 "consentRequired": false,
101 "config": {
102 "full.path": "false",
103 "id.token.claim": "true",
104 "access.token.claim": "true",
105 "claim.name": "groups",
106 "userinfo.token.claim": "true"
107 }
108 }
109 ]
110 }
111 ],
112 "groups": [
113 {
114 "name": "AetherROCAdmin",
115 "path": "/AetherROCAdmin"
116 },
117 {
118 "name": "EnterpriseAdmin",
119 "path": "/EnterpriseAdmin"
120 },
121 {
122 "name": "acme",
123 "path": "/acme"
124 },
125 {
126 "name": "aiab-enterprise",
127 "path": "/aiab-enterprise"
128 },
129 {
130 "name": "defaultent",
131 "path": "/defaultent"
132 },
133 {
134 "name": "starbucks",
135 "path": "/starbucks"
136 },
137 {
138 "name": "charactersGroup",
139 "path": "/charactersGroup"
140 },
141 {
142 "name": "mixedGroup",
143 "path": "/mixedGroup"
144 }
145 ],
146 "users": [
147 {
148 "username" : "alicea",
149 "enabled" : true,
150 "totp" : false,
151 "emailVerified" : false,
152 "firstName" : "Alice",
153 "lastName" : "Admin",
154 "email" : "alicea@opennetworking.org",
155 "credentials": [
156 {
157 "type": "password",
158 "value": "password"
159 }
160 ],
161 "realmRoles" : [ "default-roles-master" ],
162 "groups" : [ "/mixedGroup", "/AetherROCAdmin" ],
163 "clientRoles": {
164 "account": [
165 "view-profile",
166 "manage-account"
167 ]
168 },
169 },
170 {
171 "username" : "bobc",
172 "enabled" : true,
173 "totp" : false,
174 "emailVerified" : false,
175 "firstName" : "Bob",
176 "lastName" : "Cratchit",
177 "email" : "bobc@opennetworking.org",
178 "credentials": [
179 {
180 "type": "password",
181 "value": "password"
182 }
183 ],
184 "realmRoles" : [ "default-roles-master" ],
185 "groups" : [ "/mixedGroup", "/charactersGroup" ],
186 "clientRoles": {
187 "account": [
188 "view-profile",
189 "manage-account"
190 ]
191 },
192 },
193 {
194 "username" : "charlieb",
195 "enabled" : true,
196 "totp" : false,
197 "emailVerified" : false,
198 "firstName" : "Charlie",
199 "lastName" : "Brown",
200 "email" : "charlieb@opennetworking.org",
201 "credentials": [
202 {
203 "type": "password",
204 "value": "password"
205 }
206 ],
207 "realmRoles" : [ "default-roles-master" ],
208 "groups" : [ "/charactersGroup" ],
209 "clientRoles": {
210 "account": [
211 "view-profile",
212 "manage-account"
213 ]
214 },
215 },
216 {
217 "username" : "daisyd",
218 "enabled" : true,
219 "totp" : false,
220 "emailVerified" : false,
221 "firstName" : "Daisy",
222 "lastName" : "Duke",
223 "email" : "daisyd@opennetworking.org",
224 "credentials": [
225 {
226 "type": "password",
227 "value": "password"
228 }
229 ],
230 "realmRoles" : [ "default-roles-master" ],
231 "groups" : [ "/charactersGroup", "/EnterpriseAdmin", "/starbucks", "/aiab-enterprise" ],
232 "clientRoles": {
233 "account": [
234 "view-profile",
235 "manage-account"
236 ]
237 },
238 },
239 {
240 "username" : "elmerf",
241 "enabled" : true,
242 "totp" : false,
243 "emailVerified" : false,
244 "firstName" : "Elmer",
245 "lastName" : "Fudd",
246 "email" : "elmerf@opennetworking.org",
247 "credentials": [
248 {
249 "type": "password",
250 "value": "password"
251 }
252 ],
253 "realmRoles" : [ "default-roles-master" ],
254 "groups" : [ "/charactersGroup", "/starbucks", "/aiab-enterprise" ],
255 "clientRoles": {
256 "account": [
257 "view-profile",
258 "manage-account"
259 ]
260 },
261 },
262 {
263 "username" : "fredf",
264 "enabled" : true,
265 "totp" : false,
266 "emailVerified" : false,
267 "firstName" : "Fred",
268 "lastName" : "Flintstone",
269 "email" : "fredf@opennetworking.org",
270 "credentials": [
271 {
272 "type": "password",
273 "value": "password"
274 }
275 ],
276 "realmRoles" : [ "default-roles-master" ],
277 "groups" : [ "/charactersGroup", "/EnterpriseAdmin", "/acme", "defaultent" ],
278 "clientRoles": {
279 "account": [
280 "view-profile",
281 "manage-account"
282 ]
283 },
284 },
285 {
286 "username" : "gandalfg",
287 "enabled" : true,
288 "totp" : false,
289 "emailVerified" : false,
290 "firstName" : "Gandalf",
291 "lastName" : "The Grey",
292 "email" : "gandalfg@opennetworking.org",
293 "credentials": [
294 {
295 "type": "password",
296 "value": "password"
297 }
298 ],
299 "realmRoles" : [ "default-roles-master" ],
300 "groups" : [ "/charactersGroup", "/acme", "defaultent" ],
301 "clientRoles": {
302 "account": [
303 "view-profile",
304 "manage-account"
305 ]
306 },
307 }
308 ]
309 }
SeanCondon0658e5d2023-04-18 10:30:09 +0100[diff] [blame]310