Forte/launchpad
6
0
Fork 0
Code Issues Pull Requests Actions Packages Wiki Activity

fix attemt

Browse Source
This commit is contained in:
Danijel Simeunovic
2026-05-14 20:40:44 +02:00
parent 67b1d95509
commit bd478478f1
2 changed files with 52 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
infra/values/base/gitea-values.yaml
View File

@@ -41,7 +41,6 @@ gitea:
oauth2: oauth2:
ENABLED: true ENABLED: true
ENABLE_AUTO_REGISTRATION: true ENABLE_AUTO_REGISTRATION: true
ACCOUNT_LINKING: auto
USERNAME: email USERNAME: email
session: session:

53
infra/values/base/keycloak-values.yaml
View File

@@ -55,12 +55,12 @@ postgresql:
size: 8Gi size: 8Gi
keycloakConfigCli: keycloakConfigCli:
extraEnvVars:
- name: IMPORT_MANAGED_PROTOCOL_MAPPER
value: "no-delete"
enabled: true enabled: true
image: image:
repository: bitnamilegacy/keycloak-config-cli repository: bitnamilegacy/keycloak-config-cli
extraEnvVars:
- name: IMPORT_MANAGED_PROTOCOL_MAPPER
value: "no-delete"
configuration: configuration:
forte-realm.json: | forte-realm.json: |
{ {
@@ -75,7 +75,7 @@ keycloakConfigCli:
"clients": [ "clients": [
{ {
"clientId": "gitea", "clientId": "gitea",
"name": "Forte Git", "name": "Gitea",
"enabled": true, "enabled": true,
"protocol": "openid-connect", "protocol": "openid-connect",
"clientAuthenticatorType": "client-secret", "clientAuthenticatorType": "client-secret",
@@ -90,7 +90,22 @@ keycloakConfigCli:
"k8s.secret.name": "gitea-oidc-credentials", "k8s.secret.name": "gitea-oidc-credentials",
"k8s.secret.client-id-key": "key", "k8s.secret.client-id-key": "key",
"k8s.secret.client-secret-key": "secret" "k8s.secret.client-secret-key": "secret"
},
"protocolMappers": [
{
"name": "email_verified",
"protocol": "openid-connect",
"protocolMapper": "oidc-hardcoded-claim-mapper",
"config": {
"claim.name": "email_verified",
"claim.value": "true",
"jsonType.label": "boolean",
"id.token.claim": "true",
"access.token.claim": "true",
"userinfo.token.claim": "true"
} }
}
]
}, },
{ {
"clientId": "grafana", "clientId": "grafana",
@@ -109,7 +124,23 @@ keycloakConfigCli:
"k8s.secret.name": "grafana-oidc-credentials", "k8s.secret.name": "grafana-oidc-credentials",
"k8s.secret.client-id-key": "client-id", "k8s.secret.client-id-key": "client-id",
"k8s.secret.client-secret-key": "client-secret" "k8s.secret.client-secret-key": "client-secret"
},
"protocolMappers": [
{
"name": "client-roles",
"protocol": "openid-connect",
"protocolMapper": "oidc-usermodel-client-role-mapper",
"config": {
"claim.name": "resource_access.grafana.roles",
"jsonType.label": "String",
"multivalued": "true",
"usermodel.clientRoleMapping.clientId": "grafana",
"id.token.claim": "true",
"access.token.claim": "true",
"userinfo.token.claim": "true"
} }
}
]
}, },
{ {
"clientId": "argocd", "clientId": "argocd",
@@ -128,8 +159,22 @@ keycloakConfigCli:
"k8s.secret.name": "argocd-oidc-credentials", "k8s.secret.name": "argocd-oidc-credentials",
"k8s.secret.client-id-key": "client-id", "k8s.secret.client-id-key": "client-id",
"k8s.secret.client-secret-key": "client-secret" "k8s.secret.client-secret-key": "client-secret"
},
"protocolMappers": [
{
"name": "groups",
"protocol": "openid-connect",
"protocolMapper": "oidc-group-membership-mapper",
"config": {
"claim.name": "groups",
"full.path": "false",
"id.token.claim": "true",
"access.token.claim": "true",
"userinfo.token.claim": "true"
} }
} }
]
}
], ],
"groups": [ "groups": [
{ {