deploy-templates/templates/CitizenIdGovUaAuthFlow.yaml (78 lines of code) (raw):
{{- $authFlowSpec := .Values.keycloak.authFlows.citizenIdGovUaAuthFlow }}
apiVersion: v1.edp.epam.com/v1alpha1
kind: KeycloakAuthFlow
metadata:
name: {{ $authFlowSpec.name }}
annotations:
"helm.sh/resource-policy": keep
labels:
created-by: {{ .Values.appLabel }}
spec:
alias: {{ $authFlowSpec.alias }}
authenticationExecutions:
- authenticator: {{ $authFlowSpec.authenticators.reviewConfigAuthenticator.name }}
requirement: {{ $authFlowSpec.authenticators.reviewConfigAuthenticator.requirement }}
priority: {{ $authFlowSpec.authenticators.reviewConfigAuthenticator.priority }}
authenticatorConfig:
alias: {{ $authFlowSpec.authenticators.reviewConfigAuthenticator.name }}-configuration
config:
update.profile.on.first.login: "off"
- authenticator: {{ $authFlowSpec.authenticators.citizenRolesAuthenticator.name }}
authenticatorConfig:
alias: {{ $authFlowSpec.authenticators.citizenRolesAuthenticator.name }}-configuration
config:
citizenDefaultRoles: '{{ $authFlowSpec.authenticators.citizenRolesAuthenticator.authenticatorConfig.citizenDefaultRoles }}'
entrepreneurDefaultRoles: '{{ $authFlowSpec.authenticators.citizenRolesAuthenticator.authenticatorConfig.entrepreneurDefaultRoles }}'
legalDefaultRoles: '{{ $authFlowSpec.authenticators.citizenRolesAuthenticator.authenticatorConfig.legalDefaultRoles }}'
edrCheck: '{{ .Values.keycloak.citizenAuthFlow.edrCheck }}'
{{- if .Values.trembita }}
{{- if (index (index .Values.trembita.registries "edr-registry") "user-id") }}
{{- $trembitaConfig := index (index .Values.trembita.registries "edr-registry") }}
trembitaUserId: {{ index $trembitaConfig "user-id" | squote }}
trembitaUrl: {{ $trembitaConfig.url | squote }}
trembitaProtocolVersion: {{ index $trembitaConfig "protocol-version" | squote }}
clientXRoadInstance: {{ index $trembitaConfig.client "x-road-instance" | squote }}
clientMemberClass: {{ index $trembitaConfig.client "member-class" | squote }}
clientMemberCode: {{ index $trembitaConfig.client "member-code" | squote }}
clientSubsystemCode: {{ index $trembitaConfig.client "subsystem-code" | squote }}
registryToken: ''
registryXRoadInstance: {{ index $trembitaConfig.service "x-road-instance" | squote }}
registryMemberClass: {{ index $trembitaConfig.service "member-class" | squote }}
registryMemberCode: {{ index $trembitaConfig.service "member-code" | squote }}
registrySubsystemCode: {{ index $trembitaConfig.service "subsystem-code" | squote }}
{{- else }}
{{- $trembitaConfig := index .Values.trembitaMock.registries "edr-registry" }}
trembitaUserId: {{ index $trembitaConfig "user-id" | squote }}
trembitaUrl: {{ tpl $trembitaConfig.url . | squote }}
trembitaProtocolVersion: {{ index $trembitaConfig "protocol-version" | squote }}
clientXRoadInstance: {{ index $trembitaConfig.client "x-road-instance" | squote }}
clientMemberClass: {{ index $trembitaConfig.client "member-class" | squote }}
clientMemberCode: {{ index $trembitaConfig.client "member-code" | squote }}
clientSubsystemCode: {{ index $trembitaConfig.client "subsystem-code" | squote }}
registryToken: 'token'
registryXRoadInstance: {{ index $trembitaConfig.service "x-road-instance" | squote }}
registryMemberClass: {{ index $trembitaConfig.service "member-class" | squote }}
registryMemberCode: {{ index $trembitaConfig.service "member-code" | squote }}
registrySubsystemCode: {{ index $trembitaConfig.service "subsystem-code" | squote }}
{{- end }}
{{- else }}
{{- $trembitaConfig := index .Values.trembitaMock.registries "edr-registry" }}
trembitaUserId: {{ index $trembitaConfig "user-id" | squote }}
trembitaUrl: {{ tpl $trembitaConfig.url . | squote }}
trembitaProtocolVersion: {{ index $trembitaConfig "protocol-version" | squote }}
clientXRoadInstance: {{ index $trembitaConfig.client "x-road-instance" | squote }}
clientMemberClass: {{ index $trembitaConfig.client "member-class" | squote }}
clientMemberCode: {{ index $trembitaConfig.client "member-code" | squote }}
clientSubsystemCode: {{ index $trembitaConfig.client "subsystem-code" | squote }}
registryToken: 'token'
registryXRoadInstance: {{ index $trembitaConfig.service "x-road-instance" | squote }}
registryMemberClass: {{ index $trembitaConfig.service "member-class" | squote }}
registryMemberCode: {{ index $trembitaConfig.service "member-code" | squote }}
registrySubsystemCode: {{ index $trembitaConfig.service "subsystem-code" | squote }}
{{- end }}
priority: {{ $authFlowSpec.authenticators.citizenRolesAuthenticator.priority }}
requirement: {{ $authFlowSpec.authenticators.citizenRolesAuthenticator.requirement }}
builtIn: {{ $authFlowSpec.builtIn }}
providerId: {{ $authFlowSpec.providerId }}
realm: {{ $authFlowSpec.realm }}
topLevel: {{ $authFlowSpec.topLevel }}