Keycloak's userinfo endpoint for token validation requires the openid scope included as default. That is now part of the kc-init script.
Conditional SSL verify if the Helm chart explicitly has local_development set to true. It defaults to false. To avoid code repetition, all requests invocations are replaced with a Keycloak class requests.session to have a generalized parametrization.
Added a custom coredns configmap so that the external url is mapped to the nginx service. This is done so that the token yielded from the backend service will have an issuer that can track down the Identity Provider from another KC instance, thus allowing the exchange.
Updated KC configuration via env vars
Added a different ready_check endpoint so the nginx controller can start redirecting traffic rather than waiting for the backend to come alive through health_check, which pings Keycloak via the public url.
Generalized the secret creation and fetching to the Kubernetes class.
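A sketch of the session pattern described in the change notes above, as an added example that is not code from this change or from the project. The class layout, `parse_bool`, the constructor parameters and the host name used in testing are assumptions; the userinfo path is Keycloak's standard OpenID Connect endpoint.

```python
import requests


def parse_bool(value):
    """Only an explicit 'true' counts; unset, empty or any other value is False."""
    return str(value).strip().lower() == "true"


class Keycloak:
    """Hypothetical wrapper: one requests.Session carries the TLS settings
    for every call, so no call site chooses verify= on its own."""

    def __init__(self, base_url, realm, local_development=False, timeout=5):
        self.base = f"{base_url.rstrip('/')}/realms/{realm}"
        self.timeout = timeout
        self.session = requests.Session()
        # Certificate verification stays on unless the chart value
        # local_development was explicitly set to true.
        self.session.verify = not parse_bool(local_development)

    def userinfo(self, access_token):
        """Validate a token against the userinfo endpoint.

        Returns the claims on HTTP 200, otherwise None. Per the change
        notes, the token needs the openid scope for this call to succeed.
        """
        resp = self.session.get(
            f"{self.base}/protocol/openid-connect/userinfo",
            headers={"Authorization": f"Bearer {access_token}"},
            timeout=self.timeout,
        )
        if resp.status_code != 200:
            return None
        return resp.json()
```

Because the flag is parsed strictly, a typo or an unexpected value such as `1` or `yes` leaves certificate verification enabled.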