I deployed the keycloak-operator as in whats described on operatorhub.io then created a client like:
apiVersion: keycloak.org/v1alpha1
kind: KeycloakClient
metadata:
name: foo
namespace: my-keycloak-operator
labels:
app: sso
spec:
client:
redirectUris:
- 'https://mysite.mydomain'
description: Foo Client
enabled: true
clientId: foo
name: foo
secret: fooclient
realmSelector:
matchLabels:
app: sso
then you can use oauth2 proxy to read the secrets with this patch like: https://github.com/helm/charts/pull/22231/files#diff-1814985cb280af8b98f23690d9facec5R159-R168
As a workaround, I had to manually create the oauth2 proxy secret reading out the data in the keycloak managed secret and putting it into the oauth2 proxy secret. This is not ideal though.
Originally posted by @kfox1111 in helm/charts#22231 (comment)