Kampe/keycloak-operator

A Kubernetes Operator based on the Operator SDK for syncing resources in Keycloak

Keycloak Operator

A Kubernetes Operator based on the Operator SDK for creating and syncing resources in Keycloak.

Help and Documentation

The documentation might be found in the docs directory.

• Keycloak documentation
• User Mailing List - Mailing list for help and general questions about Keycloak
• JIRA - Issue tracker for bugs and feature requests

Reporting Security Vulnerabilities

If you've found a security vulnerability, please look at the instructions on how to properly report it

Reporting an issue

If you believe you have discovered a defect in the Keycloak Operator please open an issue in our Issue Tracker. Please remember to provide a good summary, description as well as steps to reproduce the issue.

Supported Custom Resources

CustomResourceDefinition	Description
Keycloak	Manages, installs and configures Keycloak on the cluster
KeycloakRealm	Represents a realm in a keycloak server
KeycloakClient	Represents a client in a keycloak server
KeycloakBackup	Manage Keycloak database backups

Deploying to a Cluster

Note: You will need a running Kubernetes or OpenShift cluster to use the Operator

1. Run make cluster/prepare # This will apply the necessary Custom Resource Definitions (CRDs) and RBAC rules to the clusters
2. Run kubectl apply -f deploy/operator.yaml # This will start the operator in the current namespace

Creating Keycloak Instance

Once the CRDs and RBAC rules are applied and the operator is running. Use the examples from the operator.

1. Run kubectl apply -f deploy/examples/keycloak/keycloak.yaml

Building from Source

To build from source refer to the building and working with the code base guide.

Components versions

All images used by the Operator might be controlled using dedicated Environmental Variables:

Image	Environment variable	Default
Keycloak	RELATED_IMAGE_KEYCLOAK	quay.io/keycloak/keycloak:9.0.2
RHSSO for OpenJ9	RELATED_IMAGE_RHSSO_OPENJ9	registry.redhat.io/rh-sso-7/sso74-openshift-rhel8:7.4-1
RHSSO for OpenJDK	RELATED_IMAGE_RHSSO_OPENJDK	registry.redhat.io/rh-sso-7/sso74-openshift-rhel8:7.4-1
Init container	RELATED_IMAGE_KEYCLOAK_INIT_CONTAINER	quay.io/keycloak/keycloak-init-container:master
Backup container	RELATED_IMAGE_RHMI_BACKUP_CONTAINER	quay.io/integreatly/backup-container:1.0.10
Postgresql	RELATED_IMAGE_POSTGRESQL	registry.redhat.io/rhel8/postgresql-10:1

Contributing

Before contributing to Keycloak Operator please read our contributing guidelines.

Other Keycloak Projects

• Keycloak - Keycloak Server and Java adapters
• Keycloak Documentation - Documentation for Keycloak
• Keycloak QuickStarts - QuickStarts for getting started with Keycloak
• Keycloak Docker - Docker images for Keycloak
• Keycloak Gatekeeper - Proxy service to secure apps and services with Keycloak
• Keycloak Node.js Connect - Node.js adapter for Keycloak
• Keycloak Node.js Admin Client - Node.js library for Keycloak Admin REST API

License

• Apache License, Version 2.0