feat: #117 UPdating Keycloak, Postgres and MongoDB to latest possible versions

Signed-off-by: Laurent Broudoux <laurent.broudoux@gmail.com>

Author: lbroudoux

k8s/keycloak-config.yml

@@ -204,5 +204,16 @@ data:
       ],
       "identityProviders": [
       ],
+      "requiredActions": [
+        {
+          "alias": "VERIFY_PROFILE",
+          "name": "Verify Profile",
+          "providerId": "VERIFY_PROFILE",
+          "enabled": false,
+          "defaultAction": false,
+          "priority": 90,
+          "config": {}
+        }
+      ],
       "keycloakVersion": "10.0.1"
     }

k8s/keycloak-postgres-deployment.yml

@@ -32,16 +32,11 @@ spec:
         container: keycloak-postgresql
         group: microcks
     spec:
-      {% if 'route.openshift.io' not in api_groups -%}
-      securityContext:
-        runAsUser: 26
-        runAsGroup: 26
-        fsGroup: 26
-      {% endif -%}
       terminationGracePeriodSeconds: 60
       containers:
       - name: keycloak-postgresql
         image: {{keycloak.postgres_image}}
+        args: ["-c", "max_connections=100", "-c", "shared_buffers=12MB"]
         imagePullPolicy: IfNotPresent
         ports:
         - containerPort: 5432
@@ -54,30 +49,25 @@ spec:
             - "/bin/sh"
             - "-i"
             - "-c"
-            - psql 127.0.0.1 -U ${POSTGRESQL_USER} -q -d ${POSTGRESQL_DATABASE}
-              -c 'SELECT 1'
+            - psql 127.0.0.1 -U ${POSTGRES_USER} -q -d ${POSTGRES_DB} -c 'SELECT 1'
         livenessProbe:
           timeoutSeconds: 1
           initialDelaySeconds: 30
           tcpSocket:
             port: 5432
         env:
-        - name: POSTGRESQL_USER
+        - name: POSTGRES_USER
           valueFrom:
             secretKeyRef:
               key: postgresUsername
               name: "{{name}}-keycloak-admin"
-        - name: POSTGRESQL_PASSWORD
+        - name: POSTGRES_PASSWORD
           valueFrom:
             secretKeyRef:
               key: postgresPassword
               name: "{{name}}-keycloak-admin"
-        - name: POSTGRESQL_DATABASE
+        - name: POSTGRES_DB
           value: root
-        - name: POSTGRESQL_MAX_CONNECTIONS
-          value: '100'
-        - name: POSTGRESQL_SHARED_BUFFERS
-          value: 12MB
         volumeMounts:
           - name: "{{name}}-keycloak-postgresql-data"
             mountPath: "/var/lib/pgsql/data"

k8s/mongodb-config.yml

@@ -0,0 +1,15 @@
+kind: ConfigMap
+apiVersion: v1
+metadata:
+  name: "{{name}}-mongodb-init"
+  namespace: '{{ meta.namespace }}'
+  labels:
+    app: "{{name}}"
+    container: mongodb
+    group: microcks
+data:
+  create-user.sh: |-
+    #!/bin/bash
+    echo "Started Adding the Users..."
+    mongo admin --eval "db.getSiblingDB('${MONGO_INITDB_DATABASE}').createUser({user: '${MONGODB_USER}', pwd: '${MONGODB_PASSWORD}', roles: [{role: 'readWrite', db: '${MONGO_INITDB_DATABASE}'}]})"
+    echo "End Adding the User Roles."

k8s/mongodb-deployment.yml

@@ -42,6 +42,7 @@ spec:
       containers:
       - name: mongodb
         image: {{mongodb.image}}
+        args: ["--dbpath","/var/lib/mongodb/data"]
         ports:
         - containerPort: 27017
           protocol: TCP
@@ -56,12 +57,17 @@ spec:
               secretKeyRef:
                 key: password
                 name: "{{name}}-mongodb-connection"
-          - name: MONGODB_ADMIN_PASSWORD
+          - name: MONGO_INITDB_ROOT_USERNAME
+            valueFrom:
+              secretKeyRef:
+                key: adminUsername
+                name: "{{name}}-mongodb-connection"
+          - name: MONGO_INITDB_ROOT_PASSWORD
             valueFrom:
               secretKeyRef:
                 key: adminPassword
                 name: "{{name}}-mongodb-connection"
-          - name: MONGODB_DATABASE
+          - name: MONGO_INITDB_DATABASE
             value: "{{name}}"
         resources:
           {{ mongodb.resources | to_nice_yaml(indent=10) | trim | indent(10) }}
@@ -73,7 +79,7 @@ spec:
             - "/bin/sh"
             - "-i"
             - "-c"
-            - mongo 127.0.0.1:27017/$MONGODB_DATABASE -u $MONGODB_USER -p $MONGODB_PASSWORD
+            - mongo 127.0.0.1:27017/$MONGO_INITDB_DATABASE -u $MONGODB_USER -p $MONGODB_PASSWORD
               --eval="quit()"
         livenessProbe:
           timeoutSeconds: 1
@@ -83,6 +89,8 @@ spec:
         volumeMounts:
         - name: "{{name}}-mongodb-data"
           mountPath: "/var/lib/mongodb/data"
+        - name: custom-init-scripts
+          mountPath: /docker-entrypoint-initdb.d
         terminationMessagePath: "/dev/termination-log"
         imagePullPolicy: IfNotPresent
         securityContext:
@@ -96,4 +104,8 @@ spec:
           claimName: "{{name}}-mongodb"
         {% else %}emptyDir:
           medium: ''
-        {% endif %}
+        {% endif %}
+        
+      - name: custom-init-scripts
+        configMap:
+          name: "{{name}}-mongodb-init"

k8s/mongodb-secret.yml

@@ -12,9 +12,12 @@ stringData:
   {% if 'username' in mongodb %}username: '{{mongodb.username}}'
   {% else %}username: user{{ lookup('password', '/dev/null length=5 chars=ascii_letters') }}
   {% endif %}
+  
 data:
   {% if 'password' in mongodb %}password: {{ mongodb.password | b64encode | quote }}
-  {% else %}password: {{ lookup('password', '/dev/null length=32 chars=ascii_letters') | b64encode | quote }}
+  {% else %}password: {{ lookup('password', '/dev/null length=32 chars=ascii_letters') | b64encode | quote }}
+  {% endif %}{% if 'adminUsername' in mongodb %}adminUsername: {{ mongodb.adminUsername | b64encode | quote }}
+  {% else %}adminUsername: {{ lookup('password', '/dev/null length=16 chars=ascii_letters') | b64encode | quote }}
   {% endif %}{% if 'adminPassword' in mongodb %}adminPassword: {{ mongodb.adminPassword | b64encode | quote }}
-  {% else %}adminPassword: {{ lookup('password', '/dev/null length=32 chars=ascii_letters') | b64encode | quote }}
+  {% else %}adminPassword: {{ lookup('password', '/dev/null length=32 chars=ascii_letters') | b64encode | quote }}
   {% endif %}

roles/microcks/defaults/main.yml

@@ -1,7 +1,7 @@
 ---
 # defaults specification file for microcks installation
 name: microcks
-version: 1.7.0
+version: 1.9.1
 microcks: 
   replicas: 1
   #url: microcks.192.168.99.100.nip.io
@@ -56,7 +56,7 @@ postman:
 keycloak:
   install: true
   realm: microcks
-  image: keycloak/keycloak:22.0.3
+  image: keycloak/keycloak:24.0.4
   # Now that we switched to newer version of Keycloak-X, url must include the
   # '/auth' path if you use an older external Keycloak instance.
   #url: keycloak.192.168.99.100.nip.io
@@ -81,7 +81,7 @@ keycloak:
   persistent: true
   volume_size: 1Gi
   #storage_class_name: my-awesome-class
-  postgres_image: centos/postgresql-95-centos7:latest
+  postgres_image: library/postgres:16.3-alpine
   openshift:
     route:
       enabled: true
@@ -111,7 +111,7 @@ mongodb:
   persistent: true
   volume_size: 2Gi
   #storage_class_name: my-awesome-class
-  image: centos/mongodb-36-centos7:latest
+  image: library/mongo:4.4.29
   resources:
     #requests:
       #cpu: 250m

roles/microcks/tasks/main.yml

@@ -41,6 +41,12 @@
     force: False
     definition: "{{ lookup('template', 'mongodb-pvc.yml') | from_yaml  }}"
 
+- name: The MongoDB ConfigMap is present if mongodb.install == true
+  when: mongodb.install|bool
+  k8s:
+    state: "{{ 'present' if mongodb.install|bool else 'absent' }}"
+    definition: "{{ lookup('template', 'mongodb-config.yml') | from_yaml  }}"
+
 - name: The MongoDB Deployment is present if mongodb.install == true
   when: mongodb.install|bool
   k8s: