如何在Kubernetes上的Keycloak Operator部署上创建自定义主题? [英] How to create custom themes on Keycloak Operator deployment on Kubernetes?

问题描述

$ sudo kind create cluster --name aftab-cluster --config cluster-config.yaml
$ curl -sL https://github.com/operator-framework/operator-lifecycle-manager/releases/download/v0.17.0/install.sh | bash -s v0.17.0
$ kubectl apply -f keycloak_backup.yaml
$ kubectl apply -f keycloaks_client.yaml
$ kubectl apply -f keycloaks_realm.yaml         //Theme configs not there. So, added loginTheme.

loginTheme:
  description: Login Theme
  type: string
loginWithEmailAllowed:
  description: Login with email
  type: boolean

$ kubectl apply -f keycloak_users.yaml
$ kubectl apply -f keycloaks_crd.yaml
$ kubectl apply -f namespace.yaml
$ kubectl apply -f role.yaml -n keycloak-namespace
$ kubectl apply -f role_binding.yaml -n keycloak-namespace
$ kubectl apply -f sa.yaml -n keycloak-namespace
$ kubectl apply -f operator.yaml -n keycloak-namespace
$ kubectl apply -f keycloak.yaml -n keycloak-namespace  

apiVersion: keycloak.org/v1alpha1
kind: Keycloak
metadata:
  name: example-keycloak
  labels:
   app: sso
spec:
  instances: 1
  extensions:
   - /PATH/FOR/MY/COLOR-THEME/JAR/
  externalAccess:
    enabled: True       

步骤2:验证Pod是否正在运行.运行愉快.

$ kubectl get po -n keycloak-namespace      // I can see podsa are running successfuly.
NAME                                   READY   STATUS    RESTARTS   AGE
keycloak-0                             1/1     Running   0          3m13s
keycloak-operator-798747fb9d-2lgzn     1/1     Running   0          4m21s
keycloak-postgresql-85579c4d6d-4tgxj   1/1     Running   0          3m13s

第3步:创建新的领域和客户端

$ kubectl apply -f my-realm.yaml -n keycloak-namespace

apiVersion: keycloak.org/v1alpha1
kind: KeycloakRealm
metadata:
  name: myrealm-realm
  labels:
    app: myrealm-realm
spec:
  realm:
    id: "myrealm"
    realm: "myrealm"
    enabled: True
    displayName: "myrealm"
    userRegistration: True
    registrationAllowed: True
    editUsernameAllowed: True
    resetPasswordAllowed: True
    rememberMe: True
    registrationEmailAsUsername: True
    loginTheme: "COLOR-THEME"                <<<<<<<<<< MY CUSTOM THEME
    users:
      - username: "admin"
        firstName: "Admin"
        realmRoles:
          - "offline_access"
          - "uma_authorization"

$ kubectl apply -f my-client.yaml -n keycloak-namespace

步骤4:最后，访问了http://localhost:3010的keycloak实例，按预期方式工作.

范围，客户，用户等状况良好.但是，在领域设置选项卡上找不到我的COLOR-THEME.那里只有默认的主题(按键斗篷和基本主题).

Step-4: Finally, accessed keycloak instance at http://localhost:3010, Working as expected.

Reams, clients, users, etc are looking good. But, my COLOR-THEME not found at the realm setting tab. Only default themes are there (keycloak and base).

$ ls
cluster-config.yaml  keycloak_backup.yaml   keycloaks_crd.yaml    namespace.yaml  role_binding.yaml  my-client.yaml
xyz                  keycloak_users.yaml    keycloaks_realm.yaml  operator.yaml   sa.yaml            my_realm.yaml
keycloak.yaml        keycloaks_client.yaml  keyclok-ing.yaml      role.yaml       themes             myrealm-realm.yaml

推荐答案

我们如何使用CRD来使用或创建新的Keycloak主题?

How do we use CRDs in order to use or create new Keycloak themes?

对于问题的第一部分，如果要添加/更改Keycloak操作员本机可识别的字段(即领域主题")，则唯一要做的更改是将以下内容添加到您的每个Realm CRD中:

For the first part of the question, if you want to add/change a field (i.e., the Realm Theme) that the Keycloak Operator recognizes natively, the only change you will have to do is to add to the each of your Realm CRD, the following:

spec:
  realm:
    id: Realm_ID
    ...
    loginTheme: "my_login_theme"

第二部分(即创建新的Keycloak主题):

For the second part (i.e., create new Keycloak themes):

不能.首先，创建新主题，将新主题的文件夹添加到Keycloak部署中，然后如前所述将其添加到Keycloak Operator中.

You can't. First you create the new Theme, add the folders of the new Theme into the Keycloak deployment, then you add to the Keycloak Operator as previously mentioned.

要检查Keycloak操作员是否支持

To check if the Keycloak Operator support the loginTheme field search in the file keycloak-operator/deploy/crds/keycloak.org_keycloakrealms.yaml. If it is not there, you will need to add:

            loginTheme:
              description: Login Theme
              type: string
            loginWithEmailAllowed:
              description: Login with email
              type: boolean

此外，在文件 pkg/apis/keycloak/v1alpha1/keycloakrealm_types.go，您需要将该额外字段添加到KeycloakAPIRealm结构中，即:

Moreover, in the file pkg/apis/keycloak/v1alpha1/keycloakrealm_types.go you need to add that extra field to the KeycloakAPIRealm struct, namely:

type KeycloakAPIRealm struct {
    // +kubebuilder:validation:Required
    // +optional
    ID string `json:"id"`
    // Realm name.
    // +kubebuilder:validation:Required
    Realm string `json:"realm"`
    // Realm enabled flag.
    // +optional
    Enabled bool `json:"enabled"`
    // Login Theme name 
    // +optional
    LoginTheme string `json:"loginTheme,omitempty"`
    .....
}

构建项目并运行.

这篇关于如何在Kubernetes上的Keycloak Operator部署上创建自定义主题?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！