Skip to content

Latest commit

 

History

History
91 lines (62 loc) · 3.4 KB

README.md

File metadata and controls

91 lines (62 loc) · 3.4 KB

Keycloak Bitnami Image

build

This project aims to build a secure and up-to-date container image for Bitnami's Keycloak Chart, leveraging the Apko and Melange projects to create an image free from Common Vulnerabilities and Exposures (CVEs).

Image Tag Keycloak Version Description
latest 25.0.8 Latest stable release of Keycloak
latest-24 24.0.8 Latest release within Keycloak version 24
latest-23 23.0.7 Latest release within Keycloak version 23
latest-22 22.0.13 Latest release within Keycloak version 22

Table of Contents

Introduction

Keycloak Bitnami Container Image is a project that automates the process of building a container image for Bitnami's Keycloak Helm Chart while ensuring it is free from known security vulnerabilities. This is achieved through the use of the Apko and Melange projects, which provide tools for scanning and remediating CVEs in container images.

Prerequisites

Before you begin, ensure you have the following prerequisites installed:

Getting Started

To quickly get started, run the following command to launch Keycloak Bitnami using a specific image:

docker run --rm -it -p 8080:8080 \
  -e KEYCLOAK_DATABASE_VENDOR=dev-file \
  -e KEYCLOAK_ENABLE_HEALTH_ENDPOINTS=true \
  ghcr.io/eminaktas/keycloak-bitnami-image:latest

Also, you can use Docker Compose to run the Keycloak with PostgreSQL:

docker-compose up

This command pulls and runs the specified Keycloak image, exposing it on port 8080. Adjust the environment variables as needed.

Building the Container Image

To build the container image using Melange and Apko, follow these steps:

  • Generate temporary keys with Melange:
docker run --rm -v "$(pwd)":/work cgr.dev/chainguard/melange keygen
  • Build the package for Keycloak metrics SPI:
KEYCLOAK_VERSION=25 docker run --privileged --rm -v "$(pwd)":/work -w /work \
  cgr.dev/chainguard/melange build $KEYCLOAK_VERSION/keycloak-metrics-spi-melange.yaml \
  --signing-key melange.rsa
  • Build the package for Keycloak:
KEYCLOAK_VERSION=25 docker run --privileged --rm -v "$(pwd)":/work -w /work \
  cgr.dev/chainguard/melange build $KEYCLOAK_VERSION/keycloak-melange.yaml \
  --signing-key melange.rsa --pipeline-dir pipelines
  • Build the container image:
KEYCLOAK_VERSION=25 docker run --rm -v "$(pwd)":/work -w /work cgr.dev/chainguard/apko build $KEYCLOAK_VERSION/apko.yaml \
  keycloak-bitnami-image:latest keycloak-bitnami-image-latest.tar \
  --keyring-append melange.rsa.pub

These commands generate the necessary keys, apk packages for Keycloak, and build the final container image for Keycloak Bitnami.

License

This project is licensed under the Apache-2.0 License.