DevOps Plan for Single Sign On support with Keycloak

Single Sign-On support is offered by using Keycloak.

By default, DevOps Plan sets the Single Sign-On functionality to disable. To enable Signle Sign-On functionality, modify the default values as shown in the table.

Table 1. Installation Manager Helm Chart
Parameter Description Default value
keycloak.enabled This parameter enables or disables the DevOps Plan Single Sign-On service. This parameter is required to use the DevOps Plan Single Sign-On Service. Accepted values are:
  • True: enables the DevOps Plan Single Sign-On service.
  • False: disables the DevOps Plan Single Sign-On service.
 true
keycloak.service.enabled This parameter enables or disables the Keycloak service in DevOps Plan Helm Chart for Single Sign-On service. This parameter is required to use the DevOps Plan Single Sign-On feature and deploy Keycloak with DevOps Plan Helm Chart. Accepted values are:
  • True: enables the DevOps Plan Keycloak service.
  • False: disables the DevOps Plan Keycloak service.

true
keycloak.service.replicaCount Number of replica Keycloak pods. This parameter is required if keycloak.service.enabled=true. 1
keycloak.service.image.repository DevOps Plan Keycloak docker image repository path. This parameter is required if keycloak.service.enabled=true. ccm/ccm-keycloak
keycloak.service.image.tag DevOps Plan Keycloak image tag. This parameter is required if keycloak.service.enabled=true. 3.0.4
keycloak.service.image.pullPolicy DevOps Plan Keycloak image pull policy. This parameter is required if keycloak.service.enabled=true. Accepted values are:
  • IfNotPresent
  • Always
 IfNotPresent
keycloak.service.hostname DevOps Plan Keycloak hostname. ccm-keycloak
keycloak.service.type DevOps Plan Keycloak service type. ClusterIP
keycloak.service.exposePort DevOps Plan Keycloak service port. ""
keycloak.service.ipAddress Cluster IP address of Hostname ""
keycloak.username Keycloak Administration Console username. admin
keycloak.password Keycloak Administration Console password. ""
keycloak.service.existingPassword Keycloak existing password. ""
keycloak.ipAddress Cluster IP address or Hostname. ""
keycloak.realmName Keycloak realm name. CCM
keycloak.dashboardsClientID Keycloak client ID for dashboards. dashboards-client
keycloak.dashbaordsClientSecret Keycloak client ID secret for dashboards. 58846041-eb1e-46d8-bac4-b2ba541ff491
keycloak.urlMapping Keycloak URL ""
keycloak.service.tls.enabled This parameter enables installation of the Keycloak TLS certificate and private key files. Accepted values are:
  • True: enables installing TLS files.
  • False: disables installing TLS files.
 true
keycloak.service.tls.configMapName This is the configMap file name that contains the TLS certificate and TLS private key files. This parameter is required if keycloak.service.enabled=true. keycloak-tls
keycloak.service.importRealm.enabled This parameter enables importing Keycloak realm configuration file. Accepted values are:
  • True: enables importing Keycloak realm configuration file.
  • False: disables importing Keycloak realm configuration files.
 false
keycloak.service.importRealm.fileName This is the configMap file name that contains the realm configuration file. This parameter is required if keycloak.service.enabled=true and keycloak.service.importRealm.enabled=true. realm.json
keycloak.service.configMapName.fileName This is the configMap file name that contains the realm configuration file. This parameter is required if keycloak.service.enabled=true and keycloak.service.importRealm.enabled=true. realm-json
keycloak.jsonFile.enabled This parameter enables installing the keycloak.json file to the REST API services /data folder. Accepted values are:
  • True: enables installing the keycloak.json file.
  • False: disables installing the keycloak.json file.
 false
keycloak.jsonFile.configMapName This the configMap file name that contains the keycloak.json file. This parameter is required if keycloak.jsonFile.enabled=true. keycloak-json