fix: default keycloak realm envs (#455)

## Description Updating default values for keycloak realm settings, identity-config realm.json files now use default values in the realm.json so there is no need for default values to live in uds-core. So removed those default values and instead added a comment block of values that could be used to override the default values. ## Related Issue [Relates to this uds-identity-config PR](defenseunicorns/uds-identity-config#95) ## Type of change - [x] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [ ] Other (security config, docs update, etc) ## Checklist before merging - [x] Test, docs, adr added or updated as needed - [x] [Contributor Guide Steps](https://github.com/defenseunicorns/uds-template-capability/blob/main/CONTRIBUTING.md)(https://github.com/defenseunicorns/uds-template-capability/blob/main/CONTRIBUTING.md#submitting-a-pull-request) followed
defenseunicorns · Jun 6, 2024 · dd47248 · dd47248
1 parent e65bc13
commit dd47248
Showing 1 changed file with 12 additions and 4 deletions.
diff --git a/src/keycloak/chart/values.yaml b/src/keycloak/chart/values.yaml
@@ -15,12 +15,20 @@ domain: "###ZARF_VAR_DOMAIN###"
 # The primary Keycloak realm
 realm: uds
 
-# UDS Identity Config Environment Variables. More info here: https://github.com/defenseunicorns/uds-identity-config/blob/main/docs/CUSTOMIZE.md#templated-realm-values
+# UDS Identity Config Realm Environment Variables. More info here: https://github.com/defenseunicorns/uds-identity-config/blob/main/docs/CUSTOMIZE.md#templated-realm-values
 realmInitEnv:
   GOOGLE_IDP_ENABLED: false
-  # Other UDS Identity Config fields that will be used in the realm.json initalization of keycloak
-  # GOOGLE_IDP_CLIENTID: ""
-  # GOOGLE_IDP_CLIENT_SECRET: ""
+#   GOOGLE_IDP_ID: ""
+#   GOOGLE_IDP_SIGNING_CERT: ""
+#   GOOGLE_IDP_NALE_ID_FORMAT: ""
+#   GOOGLE_IDP_CORE_ENTITY_ID: ""
+#   GOOGLE_IDP_ADMIN_GROUP: ""
+#   GOOGLE_IDP_AUDITOR_GROUP: ""
+#   PASSWORD_POLICY: "hashAlgorithm(pbkdf2-sha256) and forceExpiredPasswordChange(90) and specialChars(2) and lowerCase(0) and upperCase(0) and passwordHistory(5) and length(12) and notUsername(undefined) and digits(0)"
+#   EMAIL_VERIFICATION_ENABLED: true
+#   OTP_ENABLED: true
+#   TERMS_AND_CONDITIONS_ENABLED: true
+#   REALM_X509_OCSP_FAIL_OPEN: true
 
 # Generates an initial password for first admin user - only use if install is headless
 # (i.e. cannot hit keycloak UI with `zarf connect keycloak`), password should be changed after initial login