Revert "feat: manual only deployment"

This reverts commit e18bb49e9a.

helm/keycloak/values.yaml

@@ -1,54 +1,46 @@
-executor: KubernetesExecutor
+httpRelativePath: "/auth"
 
-dags:
-  gitSync:
+command:
+  - "/opt/keycloak/bin/kc.sh"
+  - "start"
+
+proxy:
+  enabled: true
+  mode: xforwarded
+  http:
     enabled: true
-    repo: git@github.com:idirbfs/dags.git
-    branch: main
-    rev: HEAD
-    depth: 1
-    maxFailures: 3
-    subPath: ""
-    sshKeySecret: airflow-gitsync-ssh
-    period: 60s
+
+extraEnv: |
+  - name: KEYCLOAK_ADMIN
+    value: admin
+  - name: KEYCLOAK_ADMIN_PASSWORD
+    value: changeme
+  - name: KC_HOSTNAME
+    value: "https://keycloak.idir-belfares.fr/auth"
+  - name: KC_HOSTNAME_STRICT
+    value: "true"
+  - name: KC_HOSTNAME_BACKCHANNEL_DYNAMIC
+    value: "false"
+  - name: KC_DB
+    value: postgres
+  - name: KC_DB_URL
+    value: "jdbc:postgresql://keycloak-db-postgresql.keycloak.svc.cluster.local/keycloak"
+  - name: KC_DB_USERNAME
+    value: keycloak
+  - name: KC_DB_PASSWORD
+    value: keycloak
 
 ingress:
-  apiServer:
-    enabled: true
-    ingressClassName: nginx
-    annotations:
-      cert-manager.io/cluster-issuer: letsencrypt-prod
-    hosts:
-      - name: airflow.idir-belfares.fr
-        tls:
-          enabled: true
-          secretName: airflow-tls
-    path: "/"
-    pathType: "Prefix"
-
-apiServer:
-  apiServerConfig: |
-    from flask_appbuilder.security.manager import AUTH_OAUTH
-
-    AUTH_TYPE = AUTH_OAUTH
-    AUTH_USER_REGISTRATION = True
-    AUTH_USER_REGISTRATION_ROLE = "Viewer"
-
-    OAUTH_PROVIDERS = [
-      {
-        "name": "keycloak",
-        "token_key": "access_token",
-        "icon": "fa-key",
-        "remote_app": {
-          "client_id": "airflow",
-          "client_secret": "pE1GuIVBSmy0Wy2Tcf0QbLPVGg415D6r",
-          "authorize_url": "https://keycloak.idir-belfares.fr/auth/realms/k8s-apps/protocol/openid-connect/auth",
-          "access_token_url": "http://keycloak-keycloakx-http.keycloak.svc.cluster.local/auth/realms/k8s-apps/protocol/openid-connect/token",
-          "jwks_uri": "http://keycloak-keycloakx-http.keycloak.svc.cluster.local/auth/realms/k8s-apps/protocol/openid-connect/certs",
-          "client_kwargs": {
-            "scope": "openid email profile",
-            "token_endpoint_auth_method": "client_secret_post"
-          }
-        }
-      }
-    ]
+  enabled: true
+  ingressClassName: nginx
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-prod
+  rules:
+    - host: keycloak.idir-belfares.fr
+      paths:
+        - path: /
+          pathType: Prefix
+  tls:
+    - secretName: keycloak-tls
+      hosts:
+        - keycloak.idir-belfares.fr