From a08006e532a4c4594ca61ef18514f0ad5716e5bc Mon Sep 17 00:00:00 2001
From: roger yuan <roger.yuan@yoppworks.com>
Date: Tue, 20 Apr 2021 09:20:38 -0600
Subject: [PATCH] [AAI] Keycloak integration into aai-resources updates

fix Keycloak integration into aai-resources PR by
replacing all hard coded values
with reference values in values.yaml file.

Issue-ID: AAI-3326
Signed-off-by: Roger Yuan <roger.yuan@yoppworks.com>
Change-Id: Ie8bd900d6512ad171ed3a5977a2f7e9e1c1da5ab
---
 .../resources/config/application-keycloak.properties       |  6 +++---
 kubernetes/aai/components/aai-resources/values.yaml        | 14 ++++++++++++--
 2 files changed, 15 insertions(+), 5 deletions(-)

diff --git a/kubernetes/aai/components/aai-resources/resources/config/application-keycloak.properties b/kubernetes/aai/components/aai-resources/resources/config/application-keycloak.properties
index 4f480cb5d7..774e8bd5ca 100644
--- a/kubernetes/aai/components/aai-resources/resources/config/application-keycloak.properties
+++ b/kubernetes/aai/components/aai-resources/resources/config/application-keycloak.properties
@@ -3,10 +3,10 @@ spring.autoconfigure.exclude=\
   org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,\
   org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration
 
-multi.tenancy.enabled=true
+multi.tenancy.enabled={{ .Values.config.keycloak.multiTenancy.enabled }}
 keycloak.auth-server-url=http://{{ .Values.config.keycloak.host }}:{{ .Values.config.keycloak.port }}/auth
-keycloak.realm=aai-resources
-keycloak.resource=aai-resources-app
+keycloak.realm={{ .Values.config.keycloak.realm }}
+keycloak.resource={{ .Values.config.keycloak.resource }}
 keycloak.public-client=true
 keycloak.principal-attribute=preferred_username
 
diff --git a/kubernetes/aai/components/aai-resources/values.yaml b/kubernetes/aai/components/aai-resources/values.yaml
index b84139161e..f30b067b2e 100644
--- a/kubernetes/aai/components/aai-resources/values.yaml
+++ b/kubernetes/aai/components/aai-resources/values.yaml
@@ -49,7 +49,7 @@ global: # global defaults
 
     # Active spring profiles for the resources microservice
     profiles:
-      active: production,dmaap,aaf-auth
+      active: production,dmaap,aaf-auth #,keycloak
 
     # Notification event specific properties
     notification:
@@ -164,9 +164,19 @@ replicaCount: 1
 
 # Configuration for the resources deployment
 config:
+  # configure keycloak according to your environment.
+  # don't forget to add keycloak in active profiles above (global.config.profiles)
   keycloak:
-    host: localhost
+    host: keycloak.your.domain
     port: 8180
+    # Specifies a set of users, credentials, roles, and groups
+    realm: aai-resources
+    # Used by any client application for enabling fine-grained authorization for their protected resources
+    resource: aai-resources-app
+    # If set to true, additional criteria will be added that match the data-owner property with the given role
+    # to the user in keycloak
+    multiTenancy:
+      enabled: true
 
   # Specifies crud related operation timeouts and overrides
   crud:
-- 
2.16.6