From 5479f08e14632f2991a30d6d4ed81d0e6abade24 Mon Sep 17 00:00:00 2001
From: system <system@paasup.io>
Date: Tue, 10 Mar 2026 03:20:51 +0000
Subject: [PATCH] Update values for openmetadata3

---
 openmetadata3/values-quota.yaml        |  0
 openmetadata3/values-volume-quota.yaml |  0
 openmetadata3/values.yaml              | 81 ++++++++++++++++++++++++++
 3 files changed, 81 insertions(+)
 create mode 100644 openmetadata3/values-quota.yaml
 create mode 100644 openmetadata3/values-volume-quota.yaml
 create mode 100644 openmetadata3/values.yaml

diff --git a/openmetadata3/values-quota.yaml b/openmetadata3/values-quota.yaml
new file mode 100644
index 0000000..e69de29
diff --git a/openmetadata3/values-volume-quota.yaml b/openmetadata3/values-volume-quota.yaml
new file mode 100644
index 0000000..e69de29
diff --git a/openmetadata3/values.yaml b/openmetadata3/values.yaml
new file mode 100644
index 0000000..caa3c13
--- /dev/null
+++ b/openmetadata3/values.yaml
@@ -0,0 +1,81 @@
+#version: openmetadata, 1.12.1
+openmetadata:
+  config:
+    authorizer:
+      className: "org.openmetadata.service.security.DefaultAuthorizer"
+      containerRequestFilter: "org.openmetadata.service.security.JwtFilter"
+      initialAdmins:
+      - "admin"
+      - "kkmbal"
+      principalDomain: "paasup.io"
+      allowedDomains:
+      - "gke.paasup.io"
+      - "paasup.io"
+
+    authentication:
+      clientType: confidential
+      provider: "custom-oidc"
+      publicKeys:
+      - "https://openmetadata3.gke.paasup.io/api/v1/system/config/jwks"
+      - "https://keycloak.gke.paasup.io/realms/paasup/protocol/openid-connect/certs"
+      clientId: "open-metadata"
+      callbackUrl: "https://openmetadata3.gke.paasup.io/callback"
+      jwtPrincipalClaims:
+        - "preferred_username"
+        - "email"
+        - "sub"
+      oidcConfiguration:
+        enabled: true
+        oidcType: "Keycloak"
+        clientId:
+          secretRef: oidc-secrets
+          secretKey: openmetadata-oidc-client-id
+        clientSecret:
+          secretRef: oidc-secrets
+          secretKey: openmetadata-oidc-client-secret
+        discoveryUri: "https://keycloak.gke.paasup.io/realms/paasup/.well-known/openid-configuration"
+        serverUrl: "https://openmetadata3.gke.paasup.io"
+        callbackUrl: "https://openmetadata3.gke.paasup.io/callback"
+        tokenValidity: "3600"
+        sessionExpiry: "604800"
+    pipelineServiceClientConfig:
+      metadataApiEndpoint: "http://openmetadata3:8585/api"
+      airflow:
+        apiEndpoint: "http://openmetadata-dep-api-server:8080"
+
+ingress:
+  enabled: true
+  className: "kong"
+  annotations:
+    cert-manager.io/cluster-issuer: root-ca-issuer
+    cert-manager.io/duration: 8760h
+    cert-manager.io/renew-before: 720h
+    konghq.com/protocols: https
+    konghq.com/https-redirect-status-code: "301"
+  hosts:
+    - host: "openmetadata3.gke.paasup.io"
+      paths:
+        - path: /
+          pathType: ImplementationSpecific
+  tls:
+    - secretName: openmetadata-tls
+      hosts:
+        - "openmetadata3.gke.paasup.io"
+
+extraVolumes:
+  - name: java-truststore
+    secret:
+      secretName: java-truststore
+
+extraVolumeMounts:
+  - name: java-truststore
+    mountPath: /etc/ssl/java
+    readOnly: true
+
+resources: {}
+
+extraEnvs:
+  - name: LOG_LEVEL
+    value: "INFO"
+  - name: "OPENMETADATA_PUBLIC_URL"
+    value: "https://openmetadata3.gke.paasup.io"
\ No newline at end of file