Documentation
¶
Index ¶
- Constants
- Variables
- func GetKeycloakClientFromRealmInstance(ctx context.Context, c client.Client, clientManager *keycloak.ClientManager, ...) (*keycloak.Client, string, error)
- func GetKeycloakConfigFromClusterInstance(ctx context.Context, c client.Client, ...) (keycloak.Config, error)
- func GetKeycloakConfigFromInstance(ctx context.Context, c client.Client, ...) (keycloak.Config, error)
- func GetSyncPeriod() time.Duration
- func RecordError(controller, errorType string)
- func RecordKeycloakAPIRequest(instance, method, endpoint, status string, latency float64)
- func RecordReconcile(controller string, success bool, duration float64)
- func SetKeycloakConnectionStatus(instance, namespace string, connected bool)
- func SetResourceCounts(resourceType, namespace string, managed, ready int)
- func SetSyncPeriod(d time.Duration)
- func ShouldPreserveResource(obj client.Object) bool
- type ClusterKeycloakInstanceReconciler
- type ClusterKeycloakRealmReconciler
- type KeycloakAuthenticationFlowReconciler
- type KeycloakClientReconciler
- type KeycloakClientScopeReconciler
- type KeycloakComponentReconciler
- type KeycloakGroupReconciler
- type KeycloakIdentityProviderReconciler
- type KeycloakInstanceReconciler
- type KeycloakOrganizationReconciler
- type KeycloakProtocolMapperReconciler
- type KeycloakRealmReconciler
- type KeycloakRequiredActionReconciler
- type KeycloakRoleMappingReconciler
- type KeycloakRoleReconciler
- type KeycloakUserCredentialReconciler
- type KeycloakUserReconciler
Constants ¶
const ( // FinalizerName is the finalizer used by all controllers FinalizerName = "keycloak.hostzero.com/finalizer" // PreserveResourceAnnotation is the annotation that prevents deletion of the resource in Keycloak // when the CR is deleted. Set to "true" to preserve the resource. PreserveResourceAnnotation = "keycloak.hostzero.com/preserve-resource" // RequeueDelay is the default requeue delay RequeueDelay = 10 * time.Second // ErrorRequeueDelay is the requeue delay after an error ErrorRequeueDelay = 30 * time.Second // MinKeycloakMajorVersion is the minimum supported Keycloak major version MinKeycloakMajorVersion = 20 // MinKeycloakVersionString is the human-readable minimum version MinKeycloakVersionString = "20.0.0" )
const ( // DefaultSyncPeriod is the default interval for re-checking successfully reconciled resources. // This allows detecting drift in Keycloak and ensuring resources stay in sync. DefaultSyncPeriod = 5 * time.Minute )
Default timing constants
const (
// MinKeycloakVersionForOrganizations is the minimum version that supports organizations
MinKeycloakVersionForOrganizations = 26
)
Variables ¶
var ( // ReconcileTotal counts total reconciliations per controller and result ReconcileTotal = prometheus.NewCounterVec( prometheus.CounterOpts{ Namespace: metricsNamespace, Name: "reconcile_total", Help: "Total number of reconciliations per controller", }, []string{"controller", "result"}, ) // ReconcileDuration tracks reconciliation duration per controller ReconcileDuration = prometheus.NewHistogramVec( prometheus.HistogramOpts{ Namespace: metricsNamespace, Name: "reconcile_duration_seconds", Help: "Duration of reconciliation in seconds", Buckets: []float64{0.01, 0.05, 0.1, 0.25, 0.5, 1, 2.5, 5, 10, 30}, }, []string{"controller"}, ) // ReconcileErrors counts reconciliation errors per controller and error type ReconcileErrors = prometheus.NewCounterVec( prometheus.CounterOpts{ Namespace: metricsNamespace, Name: "reconcile_errors_total", Help: "Total number of reconciliation errors per controller and error type", }, []string{"controller", "error_type"}, ) // ResourcesManaged tracks the number of resources being managed per type ResourcesManaged = prometheus.NewGaugeVec( prometheus.GaugeOpts{ Namespace: metricsNamespace, Name: "resources_managed", Help: "Number of resources currently being managed", }, []string{"resource_type", "namespace"}, ) // ResourcesReady tracks how many managed resources are in ready state ResourcesReady = prometheus.NewGaugeVec( prometheus.GaugeOpts{ Namespace: metricsNamespace, Name: "resources_ready", Help: "Number of resources in ready state", }, []string{"resource_type", "namespace"}, ) // KeycloakConnectionStatus tracks the connection status to Keycloak instances KeycloakConnectionStatus = prometheus.NewGaugeVec( prometheus.GaugeOpts{ Namespace: metricsNamespace, Name: "keycloak_connection_status", Help: "Connection status to Keycloak instances (1=connected, 0=disconnected)", }, []string{"instance", "namespace"}, ) // KeycloakAPIRequestsTotal counts API requests to Keycloak KeycloakAPIRequestsTotal = prometheus.NewCounterVec( prometheus.CounterOpts{ Namespace: metricsNamespace, Name: "keycloak_api_requests_total", Help: "Total number of API requests to Keycloak", }, []string{"instance", "method", "endpoint", "status"}, ) // KeycloakAPILatency tracks Keycloak API request latency KeycloakAPILatency = prometheus.NewHistogramVec( prometheus.HistogramOpts{ Namespace: metricsNamespace, Name: "keycloak_api_latency_seconds", Help: "Latency of Keycloak API requests in seconds", Buckets: []float64{0.01, 0.05, 0.1, 0.25, 0.5, 1, 2.5, 5, 10}, }, []string{"instance", "method"}, ) // WorkQueueDepth tracks the depth of the controller work queue WorkQueueDepth = prometheus.NewGaugeVec( prometheus.GaugeOpts{ Namespace: metricsNamespace, Name: "workqueue_depth", Help: "Current depth of the controller work queue", }, []string{"controller"}, ) // LastReconcileTime tracks the last successful reconcile time LastReconcileTime = prometheus.NewGaugeVec( prometheus.GaugeOpts{ Namespace: metricsNamespace, Name: "last_reconcile_timestamp_seconds", Help: "Unix timestamp of last successful reconciliation", }, []string{"controller"}, ) )
Functions ¶
func GetKeycloakClientFromRealmInstance ¶ added in v0.6.1
func GetKeycloakClientFromRealmInstance(ctx context.Context, c client.Client, clientManager *keycloak.ClientManager, realm *keycloakv1beta1.KeycloakRealm) (*keycloak.Client, string, error)
GetKeycloakClientFromRealmInstance resolves the Keycloak API client for a KeycloakRealm by following its instanceRef or clusterInstanceRef. This is the single source of truth for realm→instance resolution in all child-resource controllers (client, user, group, role, etc.). It also returns the Keycloak server version reported by the resolved instance, which callers can use for version-gated features (organizations, etc.).
func GetKeycloakConfigFromClusterInstance ¶
func GetKeycloakConfigFromClusterInstance(ctx context.Context, c client.Client, instance *keycloakv1beta1.ClusterKeycloakInstance) (keycloak.Config, error)
GetKeycloakConfigFromClusterInstance builds the Keycloak client configuration from a ClusterKeycloakInstance
func GetKeycloakConfigFromInstance ¶
func GetKeycloakConfigFromInstance(ctx context.Context, c client.Client, instance *keycloakv1beta1.KeycloakInstance) (keycloak.Config, error)
GetKeycloakConfigFromInstance builds the Keycloak client configuration from a KeycloakInstance
func GetSyncPeriod ¶
GetSyncPeriod returns the configured sync period for controllers.
func RecordError ¶
func RecordError(controller, errorType string)
RecordError records a reconciliation error
func RecordKeycloakAPIRequest ¶
RecordKeycloakAPIRequest records a Keycloak API request
func RecordReconcile ¶
RecordReconcile records a reconciliation attempt
func SetKeycloakConnectionStatus ¶
SetKeycloakConnectionStatus updates the Keycloak connection status
func SetResourceCounts ¶
SetResourceCounts updates the resource count gauges
func SetSyncPeriod ¶
SetSyncPeriod sets the global sync period for all controllers. This should only be called once during initialization, before any controllers start.
func ShouldPreserveResource ¶ added in v0.2.0
ShouldPreserveResource returns true if the resource should be preserved in Keycloak when the CR is deleted. This is determined by the PreserveResourceAnnotation.
Types ¶
type ClusterKeycloakInstanceReconciler ¶
type ClusterKeycloakInstanceReconciler struct {
client.Client
Scheme *runtime.Scheme
ClientManager *keycloak.ClientManager
}
ClusterKeycloakInstanceReconciler reconciles a ClusterKeycloakInstance object
func (*ClusterKeycloakInstanceReconciler) Reconcile ¶
func (r *ClusterKeycloakInstanceReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)
Reconcile handles ClusterKeycloakInstance reconciliation
func (*ClusterKeycloakInstanceReconciler) SetupWithManager ¶
func (r *ClusterKeycloakInstanceReconciler) SetupWithManager(mgr ctrl.Manager) error
SetupWithManager sets up the controller with the Manager
type ClusterKeycloakRealmReconciler ¶
type ClusterKeycloakRealmReconciler struct {
client.Client
Scheme *runtime.Scheme
ClientManager *keycloak.ClientManager
}
ClusterKeycloakRealmReconciler reconciles a ClusterKeycloakRealm object
func (*ClusterKeycloakRealmReconciler) Reconcile ¶
func (r *ClusterKeycloakRealmReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)
Reconcile handles ClusterKeycloakRealm reconciliation
func (*ClusterKeycloakRealmReconciler) SetupWithManager ¶
func (r *ClusterKeycloakRealmReconciler) SetupWithManager(mgr ctrl.Manager) error
SetupWithManager sets up the controller with the Manager
type KeycloakAuthenticationFlowReconciler ¶ added in v0.7.0
type KeycloakAuthenticationFlowReconciler struct {
client.Client
Scheme *runtime.Scheme
ClientManager *keycloak.ClientManager
}
KeycloakAuthenticationFlowReconciler reconciles a KeycloakAuthenticationFlow object
func (*KeycloakAuthenticationFlowReconciler) Reconcile ¶ added in v0.7.0
func (r *KeycloakAuthenticationFlowReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)
Reconcile handles KeycloakAuthenticationFlow reconciliation
func (*KeycloakAuthenticationFlowReconciler) SetupWithManager ¶ added in v0.7.0
func (r *KeycloakAuthenticationFlowReconciler) SetupWithManager(mgr ctrl.Manager) error
SetupWithManager sets up the controller with the Manager
type KeycloakClientReconciler ¶
type KeycloakClientReconciler struct {
client.Client
Scheme *runtime.Scheme
ClientManager *keycloak.ClientManager
}
KeycloakClientReconciler reconciles a KeycloakClient object
func (*KeycloakClientReconciler) Reconcile ¶
func (r *KeycloakClientReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)
Reconcile handles KeycloakClient reconciliation
func (*KeycloakClientReconciler) SetupWithManager ¶
func (r *KeycloakClientReconciler) SetupWithManager(mgr ctrl.Manager) error
SetupWithManager sets up the controller with the Manager
type KeycloakClientScopeReconciler ¶
type KeycloakClientScopeReconciler struct {
client.Client
Scheme *runtime.Scheme
ClientManager *keycloak.ClientManager
}
KeycloakClientScopeReconciler reconciles a KeycloakClientScope object
func (*KeycloakClientScopeReconciler) Reconcile ¶
func (r *KeycloakClientScopeReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)
Reconcile handles KeycloakClientScope reconciliation
func (*KeycloakClientScopeReconciler) SetupWithManager ¶
func (r *KeycloakClientScopeReconciler) SetupWithManager(mgr ctrl.Manager) error
SetupWithManager sets up the controller with the Manager
type KeycloakComponentReconciler ¶
type KeycloakComponentReconciler struct {
client.Client
Scheme *runtime.Scheme
ClientManager *keycloak.ClientManager
}
KeycloakComponentReconciler reconciles a KeycloakComponent object
func (*KeycloakComponentReconciler) Reconcile ¶
func (r *KeycloakComponentReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)
Reconcile handles KeycloakComponent reconciliation
func (*KeycloakComponentReconciler) SetupWithManager ¶
func (r *KeycloakComponentReconciler) SetupWithManager(mgr ctrl.Manager) error
SetupWithManager sets up the controller with the Manager
type KeycloakGroupReconciler ¶
type KeycloakGroupReconciler struct {
client.Client
Scheme *runtime.Scheme
ClientManager *keycloak.ClientManager
}
KeycloakGroupReconciler reconciles a KeycloakGroup object
func (*KeycloakGroupReconciler) Reconcile ¶
func (r *KeycloakGroupReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)
Reconcile handles KeycloakGroup reconciliation
func (*KeycloakGroupReconciler) SetupWithManager ¶
func (r *KeycloakGroupReconciler) SetupWithManager(mgr ctrl.Manager) error
SetupWithManager sets up the controller with the Manager
type KeycloakIdentityProviderReconciler ¶
type KeycloakIdentityProviderReconciler struct {
client.Client
Scheme *runtime.Scheme
ClientManager *keycloak.ClientManager
}
KeycloakIdentityProviderReconciler reconciles a KeycloakIdentityProvider object
func (*KeycloakIdentityProviderReconciler) Reconcile ¶
func (r *KeycloakIdentityProviderReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)
Reconcile handles KeycloakIdentityProvider reconciliation
func (*KeycloakIdentityProviderReconciler) SetupWithManager ¶
func (r *KeycloakIdentityProviderReconciler) SetupWithManager(mgr ctrl.Manager) error
SetupWithManager sets up the controller with the Manager
type KeycloakInstanceReconciler ¶
type KeycloakInstanceReconciler struct {
client.Client
Scheme *runtime.Scheme
ClientManager *keycloak.ClientManager
}
KeycloakInstanceReconciler reconciles a KeycloakInstance object
func (*KeycloakInstanceReconciler) Reconcile ¶
func (r *KeycloakInstanceReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)
Reconcile handles KeycloakInstance reconciliation
func (*KeycloakInstanceReconciler) SetupWithManager ¶
func (r *KeycloakInstanceReconciler) SetupWithManager(mgr ctrl.Manager) error
SetupWithManager sets up the controller with the Manager
type KeycloakOrganizationReconciler ¶
type KeycloakOrganizationReconciler struct {
client.Client
Scheme *runtime.Scheme
ClientManager *keycloak.ClientManager
}
KeycloakOrganizationReconciler reconciles a KeycloakOrganization object
func (*KeycloakOrganizationReconciler) Reconcile ¶
func (r *KeycloakOrganizationReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)
Reconcile handles KeycloakOrganization reconciliation
func (*KeycloakOrganizationReconciler) SetupWithManager ¶
func (r *KeycloakOrganizationReconciler) SetupWithManager(mgr ctrl.Manager) error
SetupWithManager sets up the controller with the Manager
type KeycloakProtocolMapperReconciler ¶
type KeycloakProtocolMapperReconciler struct {
client.Client
Scheme *runtime.Scheme
ClientManager *keycloak.ClientManager
}
KeycloakProtocolMapperReconciler reconciles a KeycloakProtocolMapper object
func (*KeycloakProtocolMapperReconciler) Reconcile ¶
func (r *KeycloakProtocolMapperReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)
Reconcile handles KeycloakProtocolMapper reconciliation
func (*KeycloakProtocolMapperReconciler) SetupWithManager ¶
func (r *KeycloakProtocolMapperReconciler) SetupWithManager(mgr ctrl.Manager) error
SetupWithManager sets up the controller with the Manager
type KeycloakRealmReconciler ¶
type KeycloakRealmReconciler struct {
client.Client
Scheme *runtime.Scheme
ClientManager *keycloak.ClientManager
}
KeycloakRealmReconciler reconciles a KeycloakRealm object
func (*KeycloakRealmReconciler) Reconcile ¶
func (r *KeycloakRealmReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)
Reconcile handles KeycloakRealm reconciliation
func (*KeycloakRealmReconciler) SetupWithManager ¶
func (r *KeycloakRealmReconciler) SetupWithManager(mgr ctrl.Manager) error
SetupWithManager sets up the controller with the Manager
type KeycloakRequiredActionReconciler ¶ added in v0.6.0
type KeycloakRequiredActionReconciler struct {
client.Client
Scheme *runtime.Scheme
ClientManager *keycloak.ClientManager
}
KeycloakRequiredActionReconciler reconciles a KeycloakRequiredAction object
func (*KeycloakRequiredActionReconciler) Reconcile ¶ added in v0.6.0
func (r *KeycloakRequiredActionReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)
Reconcile handles KeycloakRequiredAction reconciliation
func (*KeycloakRequiredActionReconciler) SetupWithManager ¶ added in v0.6.0
func (r *KeycloakRequiredActionReconciler) SetupWithManager(mgr ctrl.Manager) error
SetupWithManager sets up the controller with the Manager
type KeycloakRoleMappingReconciler ¶
type KeycloakRoleMappingReconciler struct {
client.Client
Scheme *runtime.Scheme
ClientManager *keycloak.ClientManager
}
KeycloakRoleMappingReconciler reconciles a KeycloakRoleMapping object
func (*KeycloakRoleMappingReconciler) Reconcile ¶
func (r *KeycloakRoleMappingReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)
Reconcile handles KeycloakRoleMapping reconciliation
func (*KeycloakRoleMappingReconciler) SetupWithManager ¶
func (r *KeycloakRoleMappingReconciler) SetupWithManager(mgr ctrl.Manager) error
SetupWithManager sets up the controller with the Manager
type KeycloakRoleReconciler ¶
type KeycloakRoleReconciler struct {
client.Client
Scheme *runtime.Scheme
ClientManager *keycloak.ClientManager
}
KeycloakRoleReconciler reconciles a KeycloakRole object
func (*KeycloakRoleReconciler) Reconcile ¶
func (r *KeycloakRoleReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)
Reconcile handles KeycloakRole reconciliation
func (*KeycloakRoleReconciler) SetupWithManager ¶
func (r *KeycloakRoleReconciler) SetupWithManager(mgr ctrl.Manager) error
SetupWithManager sets up the controller with the Manager
type KeycloakUserCredentialReconciler ¶
type KeycloakUserCredentialReconciler struct {
client.Client
Scheme *runtime.Scheme
ClientManager *keycloak.ClientManager
}
KeycloakUserCredentialReconciler reconciles a KeycloakUserCredential object
func (*KeycloakUserCredentialReconciler) Reconcile ¶
func (r *KeycloakUserCredentialReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)
Reconcile handles KeycloakUserCredential reconciliation
func (*KeycloakUserCredentialReconciler) SetupWithManager ¶
func (r *KeycloakUserCredentialReconciler) SetupWithManager(mgr ctrl.Manager) error
SetupWithManager sets up the controller with the Manager
type KeycloakUserReconciler ¶
type KeycloakUserReconciler struct {
client.Client
Scheme *runtime.Scheme
ClientManager *keycloak.ClientManager
}
KeycloakUserReconciler reconciles a KeycloakUser object
func (*KeycloakUserReconciler) Reconcile ¶
func (r *KeycloakUserReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)
Reconcile handles KeycloakUser reconciliation
func (*KeycloakUserReconciler) SetupWithManager ¶
func (r *KeycloakUserReconciler) SetupWithManager(mgr ctrl.Manager) error
SetupWithManager sets up the controller with the Manager
Source Files
¶
- clusterkeycloakinstance_controller.go
- clusterkeycloakrealm_controller.go
- keycloak_config.go
- keycloakauthenticationflow_controller.go
- keycloakclient_controller.go
- keycloakclientscope_controller.go
- keycloakcomponent_controller.go
- keycloakgroup_controller.go
- keycloakidentityprovider_controller.go
- keycloakinstance_controller.go
- keycloakorganization_controller.go
- keycloakprotocolmapper_controller.go
- keycloakrealm_controller.go
- keycloakrequiredaction_controller.go
- keycloakrole_controller.go
- keycloakrolemapping_controller.go
- keycloakuser_controller.go
- keycloakusercredential_controller.go
- metrics.go