44 lines
1.4 KiB
YAML
44 lines
1.4 KiB
YAML
apiVersion: batch/v1
|
|
kind: Job
|
|
metadata:
|
|
name: keycloak-db-init-v3
|
|
namespace: pg-init
|
|
spec:
|
|
ttlSecondsAfterFinished: 300
|
|
template:
|
|
spec:
|
|
restartPolicy: OnFailure
|
|
containers:
|
|
- name: db-init
|
|
image: postgres:17
|
|
env:
|
|
- name: PGHOST
|
|
value: pgbouncer.default.svc.cluster.local
|
|
- name: PGPORT
|
|
value: "6432"
|
|
- name: PGUSER
|
|
value: pginit
|
|
- name: PGDATABASE
|
|
value: postgres
|
|
- name: PGPASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: pg-init-secret
|
|
key: password
|
|
- name: KC_DB_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: keycloak-db-bootstrap-secret
|
|
key: password
|
|
command:
|
|
- bash
|
|
- -ec
|
|
- |
|
|
psql -c "SELECT 1 FROM pg_roles WHERE rolname='keycloak'" | grep -q 1 || \
|
|
psql -c "CREATE USER keycloak WITH PASSWORD '${KC_DB_PASSWORD}';"
|
|
psql -c "GRANT keycloak TO pginit;"
|
|
psql -c "SELECT 1 FROM pg_database WHERE datname='keycloak'" | grep -q 1 || \
|
|
psql -c "CREATE DATABASE keycloak OWNER keycloak;"
|
|
psql -c "GRANT ALL PRIVILEGES ON DATABASE keycloak TO keycloak;"
|
|
psql -d keycloak -c "GRANT ALL ON SCHEMA public TO keycloak;"
|