apiVersion: apps/v1
kind: Deployment
metadata:
  name: keycloak
  namespace: postgres-operator
  labels:
    app.kubernetes.io/name: keycloak
spec:
  selector:
    matchLabels:
      app.kubernetes.io/name: keycloak
  template:
    metadata:
      labels:
        app.kubernetes.io/name: keycloak
    spec:
      containers:
      - image: quay.io/keycloak/keycloak:latest
        name: keycloak
        env:
        - name: DB_VENDOR
          value: "postgres"
        - name: DB_ADDR
          valueFrom: { secretKeyRef: { name: keycloakdb-pguser-keycloakdb, key: host } }
        - name: DB_PORT
          valueFrom: { secretKeyRef: { name: keycloakdb-pguser-keycloakdb, key: port } }
        - name: DB_DATABASE
          valueFrom: { secretKeyRef: { name: keycloakdb-pguser-keycloakdb, key: dbname } }
        - name: DB_USER
          valueFrom: { secretKeyRef: { name: keycloakdb-pguser-keycloakdb, key: user } }
        - name: DB_PASSWORD
          valueFrom: { secretKeyRef: { name: keycloakdb-pguser-keycloakdb, key: password } }
        - name: KEYCLOAK_USER
          value: "admin"
        - name: KEYCLOAK_PASSWORD
          value: "admin"
        - name: PROXY_ADDRESS_FORWARDING
          value: "true"
        ports:
        - name: http
          containerPort: 8080
        - name: https
          containerPort: 8443
        readinessProbe:
          httpGet:
            path: /auth/realms/master
            port: 8080
      restartPolicy: Always