[bitnami/keycloak] Allow overriding namespace via values (#11176)

* Keycloak: allow overriding namespace from values Signed-off-by: Lorenzo Scebba <lorenzo.scebba@intre.it> Signed-off-by: Lorenzo Scebba <lorenzo.scebba@outlook.com> * Keycloak: Use common helper "common.names.namespace" Signed-off-by: Lorenzo Scebba <lorenzo.scebba@intre.it> Signed-off-by: Lorenzo Scebba <lorenzo.scebba@outlook.com> * Keycloak: Fixed some missing namespaces Signed-off-by: Lorenzo Scebba <lorenzo.scebba@intre.it> Signed-off-by: Lorenzo Scebba <lorenzo.scebba@outlook.com> * Keycloak: Fixed tls-secret namespace include Signed-off-by: Lorenzo Scebba <lorenzo.scebba@intre.it> Signed-off-by: Lorenzo Scebba <lorenzo.scebba@outlook.com> * Keycloak: bumped chart version to 9.6.0 Signed-off-by: Lorenzo Scebba <lorenzo.scebba@intre.it> Signed-off-by: Lorenzo Scebba <lorenzo.scebba@outlook.com> Co-authored-by: Lorenzo Scebba <lorenzo.scebba@intre.it> Co-authored-by: Lorenzo Scebba <lorenzo.scebba@outlook.com>
2026-03-16 06:47:30 +08:00 · 2022-07-20 16:25:46 +02:00
parent 01ced90ba0
commit e18d1dc241
23 changed files with 44 additions and 40 deletions
--- a/bitnami/keycloak/Chart.yaml
+++ b/bitnami/keycloak/Chart.yaml
@@ -26,4 +26,4 @@ name: keycloak
 sources:
  - https://github.com/bitnami/bitnami-docker-keycloak
  - https://github.com/keycloak/keycloak
-version: 9.5.0
+version: 9.6.0
--- a/bitnami/keycloak/README.md
+++ b/bitnami/keycloak/README.md
@@ -69,6 +69,7 @@ The command removes all the Kubernetes components associated with the chart and
 | `kubeVersion`            | Force target Kubernetes version (using Helm capabilities if not set)                    | `""`            |
 | `nameOverride`           | String to partially override keycloak.fullname                                          | `""`            |
 | `fullnameOverride`       | String to fully override keycloak.fullname                                              | `""`            |
+| `namespaceOverride`      | String to fully override common.names.namespace                                         | `""`            |
 | `commonLabels`           | Labels to add to all deployed objects                                                   | `{}`            |
 | `commonAnnotations`      | Annotations to add to all deployed objects                                              | `{}`            |
 | `clusterDomain`          | Default Kubernetes cluster domain                                                       | `cluster.local` |
--- a/bitnami/keycloak/templates/NOTES.txt
+++ b/bitnami/keycloak/templates/NOTES.txt
@@ -6,7 +6,7 @@ APP VERSION: {{ .Chart.AppVersion }}

 Keycloak can be accessed through the following DNS name from within your cluster:

-    {{ include "common.names.fullname" . }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }} (port {{ coalesce .Values.service.ports.http .Values.service.port }})
+    {{ include "common.names.fullname" . }}.{{ include "common.names.namespace" . }}.svc.{{ .Values.clusterDomain }} (port {{ coalesce .Values.service.ports.http .Values.service.port }})

 To access Keycloak from outside the cluster execute the following commands:

@@ -24,11 +24,11 @@ To access Keycloak from outside the cluster execute the following commands:

 {{- if contains "NodePort" .Values.service.type }}

-    export HTTP_NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[?(@.name=='http')].nodePort}" services {{ include "common.names.fullname" . }})
+    export HTTP_NODE_PORT=$(kubectl get --namespace {{ include "common.names.namespace" . }} -o jsonpath="{.spec.ports[?(@.name=='http')].nodePort}" services {{ include "common.names.fullname" . }})
    {{- if .Values.auth.tls.enabled }}
-    export HTTPS_NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[?(@.name=='https')].nodePort}" services {{ include "common.names.fullname" . }})
+    export HTTPS_NODE_PORT=$(kubectl get --namespace {{ include "common.names.namespace" . }} -o jsonpath="{.spec.ports[?(@.name=='https')].nodePort}" services {{ include "common.names.fullname" . }})
    {{- end }}
-    export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
+    export NODE_IP=$(kubectl get nodes --namespace {{ include "common.names.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")

    echo "http://${NODE_IP}:${HTTP_NODE_PORT}/"
    {{- if .Values.auth.tls.enabled }}
@@ -38,13 +38,13 @@ To access Keycloak from outside the cluster execute the following commands:
 {{- else if contains "LoadBalancer" .Values.service.type }}

  NOTE: It may take a few minutes for the LoadBalancer IP to be available.
-        You can watch its status by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "common.names.fullname" . }}'
+        You can watch its status by running 'kubectl get --namespace {{ include "common.names.namespace" . }} svc -w {{ include "common.names.fullname" . }}'

-    export HTTP_SERVICE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[?(@.name=='http')].port}" services {{ include "common.names.fullname" . }})
+    export HTTP_SERVICE_PORT=$(kubectl get --namespace {{ include "common.names.namespace" . }} -o jsonpath="{.spec.ports[?(@.name=='http')].port}" services {{ include "common.names.fullname" . }})
    {{- if .Values.auth.tls.enabled }}
-    export HTTPS_SERVICE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[?(@.name=='https')].port}" services {{ include "common.names.fullname" . }})
+    export HTTPS_SERVICE_PORT=$(kubectl get --namespace {{ include "common.names.namespace" . }} -o jsonpath="{.spec.ports[?(@.name=='https')].port}" services {{ include "common.names.fullname" . }})
    {{- end }}
-    export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "common.names.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+    export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.names.namespace" . }} {{ include "common.names.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')

    echo "http://${SERVICE_IP}:${HTTP_SERVICE_PORT}/"
    {{- if .Values.auth.tls.enabled }}
@@ -53,11 +53,11 @@ To access Keycloak from outside the cluster execute the following commands:

 {{- else if contains "ClusterIP" .Values.service.type }}

-    export HTTP_SERVICE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[?(@.name=='http')].port}" services {{ include "common.names.fullname" . }})
+    export HTTP_SERVICE_PORT=$(kubectl get --namespace {{ include "common.names.namespace" . }} -o jsonpath="{.spec.ports[?(@.name=='http')].port}" services {{ include "common.names.fullname" . }})
    {{- if .Values.auth.tls.enabled }}
-    export HTTPS_SERVICE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[?(@.name=='https')].port}" services {{ include "common.names.fullname" . }})
+    export HTTPS_SERVICE_PORT=$(kubectl get --namespace {{ include "common.names.namespace" . }} -o jsonpath="{.spec.ports[?(@.name=='https')].port}" services {{ include "common.names.fullname" . }})
    {{- end }}
-    kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ include "common.names.fullname" . }} ${HTTP_SERVICE_PORT}:${HTTP_SERVICE_PORT} ${HTTPS_SERVICE_PORT}:${HTTPS_SERVICE_PORT} &
+    kubectl port-forward --namespace {{ include "common.names.namespace" . }} svc/{{ include "common.names.fullname" . }} ${HTTP_SERVICE_PORT}:${HTTP_SERVICE_PORT} ${HTTPS_SERVICE_PORT}:${HTTPS_SERVICE_PORT} &

    echo "http://127.0.0.1:${HTTP_SERVICE_PORT}/"
    {{- if .Values.auth.tls.enabled }}
@@ -73,9 +73,9 @@ To access Keycloak from outside the cluster execute the following commands:

  echo Username: {{ .Values.auth.adminUser }}
 {{- if not .Values.auth.existingSecretPerPassword }}
-  echo Password: $(kubectl get secret --namespace {{ .Release.Namespace }} {{ include "common.secrets.name" (dict "existingSecret" .Values.auth.existingSecret "context" $) }} -o jsonpath="{.data.admin-password}" | base64 -d)
+  echo Password: $(kubectl get secret --namespace {{ include "common.names.namespace" . }} {{ include "common.secrets.name" (dict "existingSecret" .Values.auth.existingSecret "context" $) }} -o jsonpath="{.data.admin-password}" | base64 -d)
 {{- else }}
-  echo Password: $(kubectl get secret --namespace {{ .Release.Namespace }} {{ include "common.secrets.name" (dict "existingSecret" .Values.auth.existingSecretPerPassword.adminPassword "context" $) }} -o jsonpath="\{ {{ include "common.secrets.key" (dict "existingSecret" .Values.auth.existingSecretPerPassword "key" "adminPassword") }} \}" | base64 -d)
+  echo Password: $(kubectl get secret --namespace {{ include "common.names.namespace" . }} {{ include "common.secrets.name" (dict "existingSecret" .Values.auth.existingSecretPerPassword.adminPassword "context" $) }} -o jsonpath="\{ {{ include "common.secrets.key" (dict "existingSecret" .Values.auth.existingSecretPerPassword "key" "adminPassword") }} \}" | base64 -d)
 {{- end }}
 {{- end }}
 {{- if .Values.metrics.enabled }}
@@ -85,7 +85,7 @@ You can access the Prometheus metrics following the steps below:
 1. Get the Keycloak Prometheus metrics URL by running:

    {{- $metricsPort := coalesce .Values.metrics.service.ports.http .Values.metrics.service.port | toString }}
-    kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ printf "%s-metrics" (include "keycloak.fullname" .) }} {{ $metricsPort }}:{{ $metricsPort }} &
+    kubectl port-forward --namespace {{ include "common.names.namespace" . }} svc/{{ printf "%s-metrics" (include "keycloak.fullname" .) }} {{ $metricsPort }}:{{ $metricsPort }} &
    echo "Keycloak Prometheus metrics URL: http://127.0.0.1:{{ $metricsPort }}/metrics"

 2. Open a browser and access Keycloak Prometheus metrics using the obtained URL.
--- a/bitnami/keycloak/templates/configmap-env-vars.yaml
+++ b/bitnami/keycloak/templates/configmap-env-vars.yaml
@@ -2,7 +2,7 @@ apiVersion: v1
 kind: ConfigMap
 metadata:
  name: {{ printf "%s-env-vars" (include "keycloak.fullname" .) }}
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "common.names.namespace" . | quote }}
  labels: {{- include "common.labels.standard" . | nindent 4 }}
    app.kubernetes.io/component: keycloak
    {{- if .Values.commonLabels }}
@@ -30,7 +30,7 @@ data:
  {{- if .Values.cache.enabled }}
  KEYCLOAK_CACHE_TYPE: "ispn"
  KEYCLOAK_CACHE_STACK: "kubernetes"
-  JAVA_OPTS_APPEND: {{ printf "-Djgroups.dns.query=%s-headless.%s.svc.%s" (include "keycloak.fullname" .) .Release.Namespace .Values.clusterDomain }}
+  JAVA_OPTS_APPEND: {{ printf "-Djgroups.dns.query=%s-headless.%s.svc.%s" (include "keycloak.fullname" .) (include "common.names.namespace" .) .Values.clusterDomain }}
  {{- else }}
  KEYCLOAK_CACHE_TYPE: "local"
  {{- end }}
--- a/bitnami/keycloak/templates/configmap.yaml
+++ b/bitnami/keycloak/templates/configmap.yaml
@@ -3,7 +3,7 @@ apiVersion: v1
 kind: ConfigMap
 metadata:
  name: {{ printf "%s-configuration" (include "keycloak.fullname" .) }}
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "common.names.namespace" . | quote }}
  labels: {{- include "common.labels.standard" . | nindent 4 }}
    app.kubernetes.io/component: keycloak
    {{- if .Values.commonLabels }}
--- a/bitnami/keycloak/templates/headless-service.yaml
+++ b/bitnami/keycloak/templates/headless-service.yaml
@@ -2,7 +2,7 @@ apiVersion: v1
 kind: Service
 metadata:
  name: {{ printf "%s-headless" (include "keycloak.fullname" .) | trunc 63 | trimSuffix "-" }}
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "common.names.namespace" . | quote }}
  labels: {{- include "common.labels.standard" . | nindent 4 }}
    app.kubernetes.io/component: keycloak
    {{- if .Values.commonLabels }}
--- a/bitnami/keycloak/templates/hpa.yaml
+++ b/bitnami/keycloak/templates/hpa.yaml
@@ -3,7 +3,7 @@ apiVersion: {{ include "common.capabilities.hpa.apiVersion" ( dict "context" $ )
 kind: HorizontalPodAutoscaler
 metadata:
  name: {{ template "keycloak.fullname" . }}
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "common.names.namespace" . | quote }}
  labels: {{- include "common.labels.standard" . | nindent 4 }}
    app.kubernetes.io/component: keycloak
    {{- if .Values.commonLabels }}
--- a/bitnami/keycloak/templates/ingress.yaml
+++ b/bitnami/keycloak/templates/ingress.yaml
@@ -3,7 +3,7 @@ apiVersion: {{ include "common.capabilities.ingress.apiVersion" . }}
 kind: Ingress
 metadata:
  name: {{ include "keycloak.fullname" . }}
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "common.names.namespace" . | quote }}
  labels: {{- include "common.labels.standard" . | nindent 4 }}
    app.kubernetes.io/component: keycloak
    {{- if .Values.commonLabels }}
--- a/bitnami/keycloak/templates/init-scripts-configmap.yaml
+++ b/bitnami/keycloak/templates/init-scripts-configmap.yaml
@@ -3,7 +3,7 @@ apiVersion: v1
 kind: ConfigMap
 metadata:
  name: {{ printf "%s-init-scripts" (include "keycloak.fullname" .) }}
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "common.names.namespace" . | quote }}
  labels: {{- include "common.labels.standard" . | nindent 4 }}
    app.kubernetes.io/component: keycloak
    {{- if .Values.commonLabels }}
--- a/bitnami/keycloak/templates/keycloak-config-cli-configmap.yaml
+++ b/bitnami/keycloak/templates/keycloak-config-cli-configmap.yaml
@@ -3,7 +3,7 @@ apiVersion: v1
 kind: ConfigMap
 metadata:
  name: {{ include "keycloak.keycloakConfigCli.configmapName" . }}
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "common.names.namespace" . | quote }}
  labels: {{- include "common.labels.standard" . | nindent 4 }}
    app.kubernetes.io/component: keycloak-config-cli
    {{- if .Values.commonLabels }}
--- a/bitnami/keycloak/templates/keycloak-config-cli-job.yaml
+++ b/bitnami/keycloak/templates/keycloak-config-cli-job.yaml
@@ -3,7 +3,7 @@ apiVersion: batch/v1
 kind: Job
 metadata:
  name: {{ template "keycloak.fullname" . }}-keycloak-config-cli
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "common.names.namespace" . | quote }}
  labels: {{- include "common.labels.standard" . | nindent 4 }}
    app.kubernetes.io/component: keycloak-config-cli
    {{- if .Values.commonLabels }}
--- a/bitnami/keycloak/templates/metrics-service.yaml
+++ b/bitnami/keycloak/templates/metrics-service.yaml
@@ -3,7 +3,7 @@ apiVersion: v1
 kind: Service
 metadata:
  name: {{ printf "%s-metrics" (include "keycloak.fullname" .) }}
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "common.names.namespace" . | quote }}
  labels: {{- include "common.labels.standard" . | nindent 4 }}
    app.kubernetes.io/component: metrics
    {{- if .Values.commonLabels }}
--- a/bitnami/keycloak/templates/networkpolicy.yaml
+++ b/bitnami/keycloak/templates/networkpolicy.yaml
@@ -3,7 +3,7 @@ kind: NetworkPolicy
 apiVersion: networking.k8s.io/v1
 metadata:
  name: {{ template "keycloak.fullname" . }}
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "common.names.namespace" . | quote }}
  labels: {{- include "common.labels.standard" . | nindent 4 }}
    app.kubernetes.io/component: keycloak
    {{- if .Values.commonLabels }}
--- a/bitnami/keycloak/templates/pdb.yaml
+++ b/bitnami/keycloak/templates/pdb.yaml
@@ -3,7 +3,7 @@ apiVersion: {{ include "common.capabilities.policy.apiVersion" . }}
 kind: PodDisruptionBudget
 metadata:
  name: {{ template "keycloak.fullname" . }}
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "common.names.namespace" . | quote }}
  labels: {{- include "common.labels.standard" . | nindent 4 }}
    app.kubernetes.io/component: keycloak
    {{- if .Values.commonLabels }}
--- a/bitnami/keycloak/templates/role.yaml
+++ b/bitnami/keycloak/templates/role.yaml
@@ -3,7 +3,7 @@ kind: Role
 apiVersion: {{ include "common.capabilities.rbac.apiVersion" . }}
 metadata:
  name: {{ template "keycloak.fullname" . }}
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "common.names.namespace" . | quote }}
  labels: {{- include "common.labels.standard" . | nindent 4 }}
    app.kubernetes.io/component: keycloak
    {{- if .Values.commonLabels }}
--- a/bitnami/keycloak/templates/rolebinding.yaml
+++ b/bitnami/keycloak/templates/rolebinding.yaml
@@ -3,7 +3,7 @@ kind: RoleBinding
 apiVersion: {{ include "common.capabilities.rbac.apiVersion" . }}
 metadata:
  name: {{ template "keycloak.fullname" . }}
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "common.names.namespace" . | quote }}
  labels: {{- include "common.labels.standard" . | nindent 4 }}
    app.kubernetes.io/component: keycloak
    {{- if .Values.commonLabels }}
@@ -19,5 +19,5 @@ roleRef:
 subjects:
  - kind: ServiceAccount
    name: {{ template "keycloak.serviceAccountName" . }}
-    namespace: {{ .Release.Namespace }}
+    namespace: {{ include "common.names.namespace" . | quote }}
 {{- end }}
--- a/bitnami/keycloak/templates/secrets.yaml
+++ b/bitnami/keycloak/templates/secrets.yaml
@@ -4,7 +4,7 @@ apiVersion: v1
 kind: Secret
 metadata:
  name: {{ $secretName }}
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "common.names.namespace" . | quote }}
  labels: {{- include "common.labels.standard" . | nindent 4 }}
    app.kubernetes.io/component: keycloak
    {{- if .Values.commonLabels }}
--- a/bitnami/keycloak/templates/service.yaml
+++ b/bitnami/keycloak/templates/service.yaml
@@ -2,7 +2,7 @@ apiVersion: v1
 kind: Service
 metadata:
  name: {{ template "keycloak.fullname" . }}
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "common.names.namespace" . | quote }}
  labels: {{- include "common.labels.standard" . | nindent 4 }}
    app.kubernetes.io/component: keycloak
    {{- if .Values.commonLabels }}
--- a/bitnami/keycloak/templates/serviceaccount.yaml
+++ b/bitnami/keycloak/templates/serviceaccount.yaml
@@ -3,7 +3,7 @@ apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: {{ template "keycloak.serviceAccountName" . }}
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "common.names.namespace" . | quote }}
  labels: {{- include "common.labels.standard" . | nindent 4 }}
    app.kubernetes.io/component: keycloak
    {{- if .Values.commonLabels }}
--- a/bitnami/keycloak/templates/servicemonitor.yaml
+++ b/bitnami/keycloak/templates/servicemonitor.yaml
@@ -3,7 +3,7 @@ apiVersion: monitoring.coreos.com/v1
 kind: ServiceMonitor
 metadata:
  name: {{ template "keycloak.fullname" . }}
-  namespace: {{ default .Release.Namespace .Values.metrics.serviceMonitor.namespace }}
+  namespace: {{ default (include "common.names.namespace" .) .Values.metrics.serviceMonitor.namespace }}
  labels: {{- include "common.labels.standard" . | nindent 4 }}
    app.kubernetes.io/component: keycloak
    {{- if .Values.metrics.serviceMonitor.labels }}
@@ -41,7 +41,7 @@ spec:
      {{- end }}
  namespaceSelector:
    matchNames:
-      - {{ .Release.Namespace }}
+      - {{ include "common.names.namespace" . | quote }}
  selector:
    matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }}
      {{- if .Values.metrics.serviceMonitor.selector }}
--- a/bitnami/keycloak/templates/statefulset.yaml
+++ b/bitnami/keycloak/templates/statefulset.yaml
@@ -3,7 +3,7 @@ apiVersion: {{ include "common.capabilities.statefulset.apiVersion" . }}
 kind: StatefulSet
 metadata:
  name: {{ template "keycloak.fullname" . }}
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "common.names.namespace" . | quote }}
  labels: {{- include "common.labels.standard" . | nindent 4 }}
    app.kubernetes.io/component: keycloak
    {{- if .Values.commonLabels }}
--- a/bitnami/keycloak/templates/tls-secret.yaml
+++ b/bitnami/keycloak/templates/tls-secret.yaml
@@ -5,7 +5,7 @@ apiVersion: v1
 kind: Secret
 metadata:
  name: {{ .name }}
-  namespace: {{ $.Release.Namespace }}
+  namespace: {{ include "common.names.namespace" $ | quote }}
  labels: {{- include "common.labels.standard" $ | nindent 4 }}
    {{- if $.Values.commonLabels }}
    {{- include "common.tplvalues.render" ( dict "value" $.Values.commonLabels "context" $ ) | nindent 4 }}
@@ -27,7 +27,7 @@ apiVersion: v1
 kind: Secret
 metadata:
  name: {{ printf "%s-tls" (tpl .Values.ingress.hostname .) }}
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "common.names.namespace" . | quote }}
  labels: {{- include "common.labels.standard" . | nindent 4 }}
    {{- if .Values.commonLabels }}
    {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
@@ -44,7 +44,7 @@ data:
 {{- end }}
 {{- if (include "keycloak.createTlsSecret" $) }}
 {{- $ca := genCA "keycloak-ca" 365 }}
-{{- $releaseNamespace := .Release.Namespace }}
+{{- $releaseNamespace := include "common.names.namespace" . }}
 {{- $clusterDomain := .Values.clusterDomain }}
 {{- $fullname := include "keycloak.fullname" . }}
 ---
@@ -52,7 +52,7 @@ apiVersion: v1
 kind: Secret
 metadata:
  name: {{ printf "%s-crt" (include "common.names.fullname" .) }}
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "common.names.namespace" . | quote }}
  labels: {{- include "common.labels.standard" . | nindent 4 }}
    app.kubernetes.io/component: keycloak
    {{- if .Values.commonLabels }}
--- a/bitnami/keycloak/values.yaml
+++ b/bitnami/keycloak/values.yaml
@@ -29,6 +29,9 @@ nameOverride: ""
 ## @param fullnameOverride String to fully override keycloak.fullname
 ##
 fullnameOverride: ""
+## @param namespaceOverride String to fully override common.names.namespace
+##
+namespaceOverride: ""
 ## @param commonLabels Labels to add to all deployed objects
 ##
 commonLabels: {}