Some issues with helm upgrade process were addressed:
The credential update for keycloak was not triggered properly bricking the whole system. That was caused by the PUT request that intended to update only one field, but it rather replace the whole client config with defaults, including the permissions
Added hook weights
Added a more dynamic tag for images. Defaults to the Chart's app version
Added a temporary secret for the init secret job, which is deleted on successful hook
Brought the ready_check endpoint for nginx to allow redirect traffic to backend without having to rely on keycloak too
Keycloak service on port 80
Added random string as annotation to get the backend and keycloak to be refreshed during an upgrade
Moved some helm values as helm templates as there is no point in customizing those values, i.e. the backend image name and registry
Some issues with helm upgrade process were addressed:
PUTrequest that intended to update only one field, but it rather replace the whole client config with defaults, including the permissionsready_checkendpoint for nginx to allow redirect traffic to backend without having to rely on keycloak too