Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix keycloak example + improve CI build to catch a similar issue next time #161

Merged
merged 4 commits into from
Oct 3, 2022
Merged

Fix keycloak example + improve CI build to catch a similar issue next time #161

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
db31a20
Fix keycloak example + improve CI build to catch a similar issue next…
mstruk Oct 2, 2022
f38ab74
Try fix CI failure on s390x
mstruk Oct 3, 2022
d6ee5da
Try fix CI failure on s390x
mstruk Oct 3, 2022
169ad4b
Try fix CI failure on s390x
mstruk Oct 3, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 7 additions & 2 deletions .travis/build.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -55,9 +55,9 @@ if [ "${MAIN_BUILD}" == "TRUE" ] ; then
# Build s390x compatible hydra image
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/lib/s390x-linux-gnu/jni
docker build --target hydra-import -t strimzi-oauth-testsuite/hydra-import:latest -f ./testsuite/docker/hydra-import/Dockerfile.s390x .
git clone -b 19.0.1 https://github.com/keycloak/keycloak-containers.git
git clone -b 19.0.2 https://github.com/keycloak/keycloak-containers.git
cd keycloak-containers/server/
docker build -t quay.io/keycloak/keycloak:19.0.1-legacy .
docker build -t quay.io/keycloak/keycloak:19.0.2-legacy .
cd ../../ && rm -rf keycloak-containers
docker build --target oryd-hydra -t oryd/hydra:v1.8.5 -f ./testsuite/docker/hydra-import/Dockerfile.s390x .
mvn test-compile spotbugs:check -e -V -B -f testsuite
Expand Down Expand Up @@ -94,6 +94,11 @@ if [ "${MAIN_BUILD}" == "TRUE" ] ; then

set -e
fi

# Test example image build for keycloak-ssl example
cd examples/docker
docker-compose -f compose.yml -f keycloak/compose-ssl.yml build
cd ../..
fi

# Push only releases
Expand Down
2 changes: 1 addition & 1 deletion examples/docker/keycloak-import/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
FROM quay.io/keycloak/keycloak:19.0.1-legacy
FROM quay.io/keycloak/keycloak:19.0.2-legacy

RUN mkdir /opt/jboss/realms
COPY realms/* /opt/jboss/realms/
Expand Down
4 changes: 2 additions & 2 deletions examples/docker/keycloak/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
FROM quay.io/keycloak/keycloak:19.0.1-legacy
FROM quay.io/keycloak/keycloak:19.0.2-legacy

COPY certificates/keycloak.server.keystore.p12 /opt/jboss/keycloak/standalone/configuration/
COPY certificates/keycloak.server.keystore.p12 /opt/jboss/keycloak/standalone/configuration/keycloak.server.keystore
COPY keycloak-ssl.cli /opt/jboss/keycloak/

RUN cd /opt/jboss/keycloak && \
Expand Down
2 changes: 1 addition & 1 deletion examples/docker/keycloak/compose-ssl.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,4 +14,4 @@ services:
KEYCLOAK_PASSWORD: "admin"
KEYCLOAK_HTTPS_PORT: 8443
PROXY_ADDRESS_FORWARDING: "true"
command: "-Dkeycloak.profile.feature.upload_scripts=enabled"
command: "-Dkeycloak.profile.feature.upload_scripts=enabled -b 0.0.0.0"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shouldn't be 0.0.0.0 IP address the default one?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Apparently the default one is some network interface with IP that is not accessible from other docker instances.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That's for https, which is added extra via jboss-cli script. It's quite possible that there is a way to configure this in there, but adding -b 0.0.0.0 is simple enough for the test.

2 changes: 1 addition & 1 deletion examples/docker/keycloak/compose.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ version: '3.5'
services:

keycloak:
image: quay.io/keycloak/keycloak:19.0.1-legacy
image: quay.io/keycloak/keycloak:19.0.2-legacy
container_name: keycloak
ports:
- 8080:8080
Expand Down
7 changes: 4 additions & 3 deletions examples/docker/keycloak/keycloak-ssl.cli
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
embed-server --server-config=standalone-ha.xml
/core-service=management/security-realm=UndertowRealm:add()
/core-service=management/security-realm=UndertowRealm/server-identity=ssl:add(keystore-path=keycloak.server.keystore.p12, keystore-relative-to=jboss.server.config.dir, keystore-password=changeit)
/subsystem=undertow/server=default-server/https-listener=https:write-attribute(name=security-realm, value=UndertowRealm)
/subsystem=elytron/key-store=kcKeyStore:add(path=keycloak.server.keystore,relative-to=jboss.server.config.dir, credential-reference={clear-text=changeit},type=PKCS12)
/subsystem=elytron/key-manager=kcKeyManager:add(key-store=kcKeyStore,credential-reference={clear-text=changeit})
/subsystem=elytron/server-ssl-context=kcSSLContext:add(key-manager=kcKeyManager)
/subsystem=undertow/server=default-server/https-listener=https:write-attribute(name=ssl-context,value=kcSSLContext)
2 changes: 1 addition & 1 deletion examples/kubernetes/keycloak-postgres.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ metadata:
spec:
containers:
- name: keycloak
image: quay.io/keycloak/keycloak:19.0.1-legacy
image: quay.io/keycloak/keycloak:19.0.2-legacy
args:
- "-b 0.0.0.0"
- "-Dkeycloak.profile.feature.upload_scripts=enabled"
Expand Down
2 changes: 1 addition & 1 deletion examples/kubernetes/keycloak.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ metadata:
spec:
containers:
- name: keycloak
image: quay.io/keycloak/keycloak:19.0.1-legacy
image: quay.io/keycloak/keycloak:19.0.2-legacy
args:
- "-b 0.0.0.0"
- "-Dkeycloak.profile.feature.upload_scripts=enabled"
Expand Down
2 changes: 1 addition & 1 deletion testsuite/keycloak-auth-tests/docker-compose.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ version: '3'

services:
keycloak:
image: quay.io/keycloak/keycloak:19.0.1-legacy
image: quay.io/keycloak/keycloak:19.0.2-legacy
ports:
- "8080:8080"
volumes:
Expand Down
2 changes: 1 addition & 1 deletion testsuite/keycloak-authz-tests/docker-compose.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ version: '3'

services:
keycloak:
image: quay.io/keycloak/keycloak:19.0.1-legacy
image: quay.io/keycloak/keycloak:19.0.2-legacy
ports:
- "8080:8080"
- "8443:8443"
Expand Down
2 changes: 1 addition & 1 deletion testsuite/keycloak-errors-tests/docker-compose.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ version: '3'

services:
keycloak:
image: quay.io/keycloak/keycloak:19.0.1-legacy
image: quay.io/keycloak/keycloak:19.0.2-legacy
ports:
- "8080:8080"
- "8443:8443"
Expand Down