fix(keycloak): use plain HTTP route to avoid certificate issues (redhat-developer#19)

- Update Keycloak environment variables for HTTP mode:
  - Replace KC_PROXY_HEADERS with KC_PROXY=edge
  - Add KC_HOSTNAME_STRICT_HTTPS=false
- Remove TLS edge termination from OpenShift route to use plain HTTP
- Bump version to 1.1.3

This simplifies test environment setup by avoiding self-signed
certificate issues with TLS termination.

Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>

Author: subhashkhileri

package.json

@@ -1,6 +1,6 @@
 {
   "name": "rhdh-e2e-test-utils",
-  "version": "1.1.2",
+  "version": "1.1.3",
   "description": "Test utilities for RHDH E2E tests",
   "license": "Apache-2.0",
   "type": "module",

src/deployment/keycloak/config/keycloak-values.yaml

@@ -67,12 +67,14 @@ extraEnvVars:
     value: admin
   - name: KEYCLOAK_ADMIN_PASSWORD
     value: admin123
-  - name: KC_HTTP_ENABLED
-    value: "true"
-  - name: KC_PROXY_HEADERS
-    value: "xforwarded"
   - name: KC_HOSTNAME_STRICT
     value: "false"
+  - name: KC_HOSTNAME_STRICT_HTTPS
+    value: "false"
+  - name: KC_HTTP_ENABLED
+    value: "true"
+  - name: KC_PROXY
+    value: "edge"
   - name: JAVA_OPTS_APPEND
     value: "-Djava.net.preferIPv4Stack=true -Xms256m -Xmx512m"
 

src/deployment/keycloak/deployment.ts

@@ -389,7 +389,7 @@ export class KeycloakHelper {
   }
 
   private async _createRoute(): Promise<void> {
-    // Use TLS edge termination with Allow policy to support both HTTP and HTTPS
+    // Use plain HTTP route (no TLS) for test environments to avoid self-signed certificate issues
     const routeManifest = `
 apiVersion: route.openshift.io/v1
 kind: Route
@@ -406,9 +406,6 @@ spec:
     weight: 100
   port:
     targetPort: http
-  tls:
-    termination: edge
-    insecureEdgeTerminationPolicy: Allow
   wildcardPolicy: None
 `;