feat: updated kc operator chart and gitea config

Author: Ani1357

charts/apl-keycloak-operator/templates/deployment.yaml

@@ -31,19 +31,34 @@ spec:
             {{- toYaml .Values.securityContext | nindent 12 }}
           image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
           imagePullPolicy: {{ .Values.image.pullPolicy }}
+          
+          command:
           {{- if (not (empty .Values.configs.tls.certificates)) }}
-          command: ['/bin/sh', '-c']
-          args: ['export NODE_EXTRA_CA_CERTS=/app/config/tls/certificate.crt && npm run operator:keycloak']
+            - '/bin/sh'
+            - '-c'
+          {{- else }}
+            - 'npm'
+            - 'run'
+            - 'operator:keycloak'
+          {{- end }}
+          args:
+          {{- if (not (empty .Values.configs.tls.certificates)) }}
+            - 'export NODE_EXTRA_CA_CERTS=/app/config/tls/certificate.crt'
+            - '&&'
+            - 'npm run operator:keycloak'
+          {{- end }}
           env:
+          {{- if (not (empty .Values.configs.tls.certificates)) }}
           - name: NODE_EXTRA_CA_CERTS
             value: "/app/config/tls/certificate.crt"
-          {{- else }}
-          command: ['npm', 'run', 'operator:keycloak']
+          {{- end }}
+          {{- with .Values.extraEnv }}
+          {{- toYaml . | nindent 12 }}
           {{- end }}
           resources:
             {{- toYaml .Values.resources | nindent 12 }}
-          {{- if (not (empty .Values.configs.tls.certificates)) }}
           volumeMounts:
+          {{- if (not (empty .Values.configs.tls.certificates)) }}
           - name: tls-certs
             mountPath: /app/config/tls/certificate.crt
             subPath: certificate.crt

charts/apl-keycloak-operator/values.yaml

@@ -40,6 +40,8 @@ configs:
   tls: 
     certificates: {}
 
+extraEnv: []
+
 resources: {}
   # We usually recommend not to specify default resources and to leave this as a conscious
   # choice for the user. This also increases chances charts run on environments with little

helmfile.d/snippets/defaults.yaml

@@ -946,6 +946,10 @@ environments:
                   memory: 1Gi
             _rawValues: {}
           apl-keycloak-operator:
+            extraEnv:
+            - name: KEYCLOAK_TOKEN_TTL
+              value: "1h"
+            - 
             resources:
               operator:
                 requests:

values/gitea/gitea.gotmpl

@@ -102,8 +102,8 @@ gitea:
       COOKIE_SECURE: true
       DOMAIN: {{ $giteaDomain }}
       PROVIDER: memory
-      GC_INTERVAL_TIME: 3600
-      SESSION_LIFE_TIME: 3600
+      GC_INTERVAL_TIME: 900
+      SESSION_LIFE_TIME: 1800
     webhook:
       ALLOWED_HOST_LIST: "*"
     server:

values/oauth2-proxy/oauth2-proxy.gotmpl

@@ -55,7 +55,8 @@ extraArgs:
   - --cookie-secure=true
   # - # cookie-httponly=true
   - --reverse-proxy=true
-  - --cookie-refresh=0h1m0s # set to the same as keycloak realm's accessCodeLifespan 
+  - --cookie-refresh=1m # set to the same as keycloak realm's accessCodeLifespan
+  - --cookie-expire=3m
   - --pass-authorization-header=true
   # - # pass-basic-auth=true
   - --skip-auth-regex='/manifest.json'