HCL Compass for Single Sign On support with Keycloak

Single Sign-On support is offered by using Keycloak.

By default, HCL Compass sets the Single Sign-On functionality to disable. To enable Signle Sign-On functionality, modify the default values as shown in the table.

Table 1. Installation Manager Helm Chart
Parameter Description Default value
keycloak.enabled This parameter enables or disables the HCL Compass Single Sign-On service. This parameter is required to use the HCL Compass Single Sign-On Service. Accepted values are:
  • True: enables the HCL Compass Single Sign-On service.
  • False: disables the HCL Compass Single Sign-On service.
 false
keycloak.service.enabled This parameter enables or disables the Keycloak service in HCL Compass Helm Chart for Single Sign-On service. This parameter is required to use the HCL Compass Single Sign-On feature and deploy Keycloak with HCL Compass Helm Chart. Accepted values are:
  • True: enables the HCL Compass Keycloak service.
  • False: disables the HCL Compass Keycloak service.

false
keycloak.service.replicaCount Number of replica Keycloak pods. This parameter is required if keycloak.service.enabled=true. 1
keycloak.service.image.repository HCL Compass Keycloak docker image repository path. This parameter is required if keycloak.service.enabled=true. compass/hcl-compass-keycloak
keycloak.service.image.tag HCL Compass Keycloak image tag. This parameter is required if keycloak.service.enabled=true. 2.1.0
keycloak.service.image.pullPolicy HCL Compass Keycloak image pull policy. This parameter is required if keycloak.service.enabled=true. Accepted values are:
  • IfNotPresent
  • Always
 IfNotPresent
keycloak.service.hostname HCL Compass Keycloak hostname. hcl-compass-keycloak
keycloak.service.type HCL Compass Keycloak service type. ClusterIP
keycloak.service.exposePort HCL Compass Keycloak service port. ""
keycloak.service.username Keycloak Administration Console username. admin
keycloak.service.password Keycloak Administration Console password. admin
keycloak.service.ipAddress Cluster IP address or Hostname. ""
keycloak.service.tls.enabled This parameter enables installation of the Keycloak TLS certificate and private key files. Accepted values are:
  • True: enables installing TLS files.
  • False: disables installing TLS files.
 true
keycloak.service.tls.configMapName This is the configMap file name that contains the TLS certificate and TLS private key files. This parameter is required if keycloak.service.enabled=true. keycloak-tls
keycloak.service.importRealm.enabled This parameter enables importing Keycloak realm configuration file. Accepted values are:
  • True: enables importing Keycloak realm configuration file.
  • False: disables importing Keycloak realm configuration files.
 false
keycloak.service.importRealm.fileName This is the configMap file name that contains the realm configuration file. This parameter is required if keycloak.service.enabled=true and keycloak.service.importRealm.enabled=true. realm.json
keycloak.service.configMapName.fileName This is the configMap file name that contains the realm configuration file. This parameter is required if keycloak.service.enabled=true and keycloak.service.importRealm.enabled=true. realm-json
keycloak.jsonFile.enabled This parameter enables installing the keycloak.json file to the REST API services /data folder. Accepted values are:
  • True: enables installing the keycloak.json file.
  • False: disables installing the keycloak.json file.
 false
keycloak.jsonFile.configMapName This the configMap file name that contains the keycloak.json file. This parameter is required if keycloak.jsonFile.enabled=true. keycloak-json