fix: add ingress annotations for keycloak (#1890)
fixes: #1839
Reviewed-by: Oleksandr K.
diff --git a/roles/keycloak/tasks/main.yml b/roles/keycloak/tasks/main.yml
index e596d84..f1b8bba 100644
--- a/roles/keycloak/tasks/main.yml
+++ b/roles/keycloak/tasks/main.yml
@@ -99,8 +99,7 @@
ingress_service_name: "{{ keycloak_helm_release_name }}"
ingress_service_port: 80
ingress_secret_name: "{{ keycloak_host_tls_secret_name }}"
- ingress_annotations:
- cert-manager.io/cluster-issuer: "{{ keycloak_ingress_cluster_issuer }}"
+ ingress_annotations: "{{ _keycloak_ingress_annotations | combine(keycloak_ingress_annotations, recursive=True) }}"
- name: Enable pxc strict mode
run_once: true
diff --git a/roles/keycloak/vars/main.yml b/roles/keycloak/vars/main.yml
index a03de36..41ee1ee 100644
--- a/roles/keycloak/vars/main.yml
+++ b/roles/keycloak/vars/main.yml
@@ -12,6 +12,9 @@
# License for the specific language governing permissions and limitations
# under the License.
+_keycloak_ingress_annotations:
+ cert-manager.io/cluster-issuer: "{{ keycloak_ingress_cluster_issuer }}"
+
_keycloak_helm_values:
# NOTE(mnaser): These workarounds below are needed to allow the Bitnami Helm chart to work with
# the upstream image.