From be3ba04046353c63c923b149436409ede6dfbe7a Mon Sep 17 00:00:00 2001
From: Bruno Oliveira da Silva <bruno@abstractj.org>
Date: Wed, 12 Dec 2018 12:15:10 -0200
Subject: [PATCH] [KEYCLOAK-9071] Move kube and Dockerfile content from
 Gatekeeper repository

---
 Dockerfile       | 15 --------------
 doc.go           |  6 +++---
 kube/forward.yml | 36 --------------------------------
 kube/reverse.yml | 54 ------------------------------------------------
 4 files changed, 3 insertions(+), 108 deletions(-)
 delete mode 100644 Dockerfile
 delete mode 100644 kube/forward.yml
 delete mode 100644 kube/reverse.yml

diff --git a/Dockerfile b/Dockerfile
deleted file mode 100644
index 081fa17..0000000
--- a/Dockerfile
+++ /dev/null
@@ -1,15 +0,0 @@
-FROM alpine:3.7
-
-LABEL Name=keycloak-gatekeeper \
-      Release=https://github.com/keycloak/keycloak-gatekeeper \
-      Url=https://github.com/keycloak/keycloak-gatekeeper \
-      Help=https://github.com/keycloak/keycloak-gatekeeper/issues
-
-RUN apk add --no-cache ca-certificates
-
-ADD templates/ /opt/templates
-ADD bin/keycloak-gatekeeper /opt/keycloak-gatekeeper
-
-WORKDIR "/opt"
-
-ENTRYPOINT [ "/opt/keycloak-gatekeeper" ]
diff --git a/doc.go b/doc.go
index abedb0e..ca1d97d 100644
--- a/doc.go
+++ b/doc.go
@@ -35,8 +35,8 @@ var (
 
 const (
 	prog        = "keycloak-gatekeeper"
-	author      = "Rohith Jayawardene"
-	email       = "gambol99@gmail.com"
+	author      = "Keycloak"
+	email       = "keycloak-user@lists.jboss.org"
 	description = "is a proxy using the keycloak service for auth and authorization"
 
 	authorizationHeader = "Authorization"
@@ -287,7 +287,7 @@ type Config struct {
 	// EncryptionKey is the encryption key used to encrypt the refresh token
 	EncryptionKey string `json:"encryption-key" yaml:"encryption-key" usage:"encryption key used to encryption the session state" env:"ENCRYPTION_KEY"`
 
-	// InvalidAuthRedirectsWith303 will make requests with invalid auth headers redirect using HTTP 303 instead of HTTP 307.  See github.com/gambol99/keycloak-gatekeeper/issues/292 for context.
+	// InvalidAuthRedirectsWith303 will make requests with invalid auth headers redirect using HTTP 303 instead of HTTP 307.  See github.com/keycloak/keycloak-gatekeeper/issues/292 for context.
 	InvalidAuthRedirectsWith303 bool `json:"invalid-auth-redirects-with-303" yaml:"invalid-auth-redirects-with-303" usage:"use HTTP 303 redirects instead of 307 for invalid auth tokens"`
 	// NoRedirects informs we should hand back a 401 not a redirect
 	NoRedirects bool `json:"no-redirects" yaml:"no-redirects" usage:"do not have back redirects when no authentication is present, 401 them"`
diff --git a/kube/forward.yml b/kube/forward.yml
deleted file mode 100644
index 027ee05..0000000
--- a/kube/forward.yml
+++ /dev/null
@@ -1,36 +0,0 @@
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
-  name: proxy
-spec:
-  replicas: 1
-  template:
-    metadata:
-      labels:
-        name: proxy
-      annotations:
-        repository: https://github.com/keycloak/keycloak-gatekeeper
-    spec:
-      containers:
-      - name: proxy
-        image: docker.io/jboss/keycloak/keycloak-gatekeeper:latest
-        imagePullPolicy: Always
-        args:
-          - --config /etc/secrets/forwarding.yml
-          - --discovery-url https://sso.example.com/auth/realms/hod-test
-          - --client-id broker
-          - --client-secret
-          - --listen 127.0.0.1:3000
-          - --enable-forwarding=true
-          - --forwarding-username=username
-          - --forwarding-password=password
-          - --enable-logging=true
-          - --enable-json-logging true
-          - --verbose true
-        volumeMounts:
-        - name: secrets
-          mountPath: /etc/secrets
-      volumes:
-      - name: secrets
-        secret:
-          secretName: config
diff --git a/kube/reverse.yml b/kube/reverse.yml
deleted file mode 100644
index ab06a73..0000000
--- a/kube/reverse.yml
+++ /dev/null
@@ -1,54 +0,0 @@
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
-  name: proxy
-spec:
-  replicas: 1
-  template:
-    metadata:
-      labels:
-        name: proxy
-      annotations:
-        repository: https://github.com/keycloak/keycloak-gatekeeper
-    spec:
-      securityContext:
-        fsGroup: 1000
-        runAsNonRoot: true
-        runAsUser: 1000
-      volumes:
-      - name: certs
-        secret:
-          secretName: tls
-      containers:
-        - name: proxy
-          image: docker.io/jboss/keycloak/keycloak-gatekeeper:latest
-          imagePullPolicy: Always
-          args:
-            - --client-id=broker
-            - --discovery-url=https://sso.example.com/auth/realms/hod-test
-            - --enable-default-deny=false
-            - --enable-json-logging=true
-            - --enable-logging=true
-            - --enable-request-id=true
-            - --enable-security-filter=true
-            - --http-only-cookie=true
-            - --listen=127.0.0.1:3000
-            - --preserve-host=true
-            - --redirection-url=https://www.example.com
-            - --resources=uri=/admin/*|roles=admin
-            - --skip-client-id=true
-            - --tls-cert=/certs/tls.pem
-            - --tls-private-key=/certs/tls-key.pem
-            - --upstream-url=http://127.0.0.1:8080
-          env:
-            - name: PROXY_CLIENT_SECRET
-              valueFrom:
-                secretKeyRef:
-                  name: openid
-                  key: client.secret
-          securityContext:
-            readOnlyRootFilesystem: true
-          volumeMounts:
-          - name: certs
-            mountPath: /certs
-            readOnly: true
-- 
GitLab