Skip to content

ettysekhon/platform-auth

BranchesTags

Repository files navigation

Platform Auth

Keycloak 26.4.7 on GKE. Central OIDC provider for cumulus-creations.com subdomains.

Deploy

make deploy                              # Helm install
export TF_VAR_keycloak_admin_password=x
make tf-init && make tf-apply            # Realm config

Tag to trigger CI deploy: git tag v0.1.0 && git push origin v0.1.0

Structure

helm/                     # Keycloak + PostgreSQL
terraform/realms/         # Realm configs per app
.github/workflows/        # ci.yaml (lint/test), deploy.yaml (GKE)

Secrets

Secret Source
GCP_WIF_PROVIDER terraform output -raw wif_provider (infrastructure repo)
GCP_WIF_SA terraform output -raw service_account_email

Endpoints

Purpose URL
Admin https://auth.cumulus-creations.com/admin
OIDC Discovery https://auth.cumulus-creations.com/realms/meal-planner/.well-known/openid-configuration

Operations

# Admin password
kubectl get secret keycloak-admin-secret -n auth-platform -o jsonpath='{.data.password}' | base64 -d

# Client secret
cd terraform/realms/meal-planner && terraform output -raw client_secret

# Port forward
kubectl port-forward svc/platform-auth-keycloak 8080:8080 -n auth-platform

About

Keycloak 26.x on GKE with Helm + Terraform realm management. OAuth 2.1/OIDC provider for cumulus-creations.com.

auth.cumulus-creations.com

Topics

kubernetes infrastructure devops oauth2 keycloak authentication terraform helm gcp google-cloud gke oidc

Resources

Readme

Contributing

Contributing

Security policy

Security policy
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages