How to create custom themes on Keycloak Operator deployment on Kubernetes?

问题

Complete flow is somewhat like this:

Step-1: Applying all the relevant YAMLs

$ sudo kind create cluster --name aftab-cluster --config cluster-config.yaml
$ curl -sL https://github.com/operator-framework/operator-lifecycle-manager/releases/download/v0.17.0/install.sh | bash -s v0.17.0
$ kubectl apply -f keycloak_backup.yaml
$ kubectl apply -f keycloaks_client.yaml
$ kubectl apply -f keycloaks_realm.yaml         //Theme configs not there. So, added loginTheme.

loginTheme:
  description: Login Theme
  type: string
loginWithEmailAllowed:
  description: Login with email
  type: boolean

$ kubectl apply -f keycloak_users.yaml
$ kubectl apply -f keycloaks_crd.yaml
$ kubectl apply -f namespace.yaml
$ kubectl apply -f role.yaml -n keycloak-namespace
$ kubectl apply -f role_binding.yaml -n keycloak-namespace
$ kubectl apply -f sa.yaml -n keycloak-namespace
$ kubectl apply -f operator.yaml -n keycloak-namespace
$ kubectl apply -f keycloak.yaml -n keycloak-namespace  

apiVersion: keycloak.org/v1alpha1
kind: Keycloak
metadata:
  name: example-keycloak
  labels:
   app: sso
spec:
  instances: 1
  extensions:
   - /PATH/FOR/MY/COLOR-THEME/JAR/
  externalAccess:
    enabled: True       

Step-2: Verifing if pods are running. RUNNING HAPPILY.

$ kubectl get po -n keycloak-namespace      // I can see podsa are running successfuly.
NAME                                   READY   STATUS    RESTARTS   AGE
keycloak-0                             1/1     Running   0          3m13s
keycloak-operator-798747fb9d-2lgzn     1/1     Running   0          4m21s
keycloak-postgresql-85579c4d6d-4tgxj   1/1     Running   0          3m13s

Step-3: Creating a new Realm and client

$ kubectl apply -f my-realm.yaml -n keycloak-namespace

apiVersion: keycloak.org/v1alpha1
kind: KeycloakRealm
metadata:
  name: myrealm-realm
  labels:
    app: myrealm-realm
spec:
  realm:
    id: "myrealm"
    realm: "myrealm"
    enabled: True
    displayName: "myrealm"
    userRegistration: True
    registrationAllowed: True
    editUsernameAllowed: True
    resetPasswordAllowed: True
    rememberMe: True
    registrationEmailAsUsername: True
    loginTheme: "COLOR-THEME"                <<<<<<<<<< MY CUSTOM THEME
    users:
      - username: "admin"
        firstName: "Admin"
        realmRoles:
          - "offline_access"
          - "uma_authorization"

$ kubectl apply -f my-client.yaml -n keycloak-namespace

Step-4: Finally, accessed keycloak instance at http://localhost:3010, Working as expected.

Reams, clients, users, etc are looking good. But, my COLOR-THEME not found at the realm setting tab. Only default themes are there (keycloak and base).

directory structure looks like this:

$ ls
cluster-config.yaml  keycloak_backup.yaml   keycloaks_crd.yaml    namespace.yaml  role_binding.yaml  my-client.yaml
xyz                  keycloak_users.yaml    keycloaks_realm.yaml  operator.yaml   sa.yaml            my_realm.yaml
keycloak.yaml        keycloaks_client.yaml  keyclok-ing.yaml      role.yaml       themes             myrealm-realm.yaml

回答1:

How do we use CRDs in order to use or create new Keycloak themes?

For the first part of the question, if you want to add/change a field (i.e., the Realm Theme) that the Keycloak Operator recognizes natively, the only change you will have to do is to add to the each of your Realm CRD, the following:

spec:
  realm:
    id: Realm_ID
    ...
    loginTheme: "my_login_theme"

For the second part (i.e., create new Keycloak themes):

You can't. First you create the new Theme, add the folders of the new Theme into the Keycloak deployment, then you add to the Keycloak Operator as previously mentioned.

To check if the Keycloak Operator support the loginTheme field search in the file keycloak-operator/deploy/crds/keycloak.org_keycloakrealms.yaml. If it is not there, you will need to add:

            loginTheme:
              description: Login Theme
              type: string
            loginWithEmailAllowed:
              description: Login with email
              type: boolean

Moreover, in the file pkg/apis/keycloak/v1alpha1/keycloakrealm_types.go you need to add that extra field to the KeycloakAPIRealm struct, namely:

type KeycloakAPIRealm struct {
    // +kubebuilder:validation:Required
    // +optional
    ID string `json:"id"`
    // Realm name.
    // +kubebuilder:validation:Required
    Realm string `json:"realm"`
    // Realm enabled flag.
    // +optional
    Enabled bool `json:"enabled"`
    // Login Theme name 
    // +optional
    LoginTheme string `json:"loginTheme,omitempty"`
    .....
}

build the project and run.

来源：https://stackoverflow.com/questions/65301206/how-to-create-custom-themes-on-keycloak-operator-deployment-on-kubernetes