This repository aims to produce a customized image of Keycloak, capable of handling the special requirements of Hermes.
Note that Hermes is an educational project.
To be fully operational, this service requires:
- A MySQL database instance.
See the official documentation here.
Keycloak does not currently provide observability out of the box. In addition, it is currently a little complex to add an observability module like smallrye-health, so no effort was made to integrate such an ability. In the (near) future, the Keycloak dev community plans to support health checks without any config, see KEYCLOAK-12398 for more details.
This means that, the k8s config of this project only supports a readiness probe as shown in the official example :
readinessProbe:
httpGet:
path: /auth/realms/master
port: 8080It is generally not recommended putting realm config exports inside an image as it contains very sensitive data that must remain secret. Since this is an educational project, there is no concern.
There are 2 deployment options:
- A
docker-compose.yamlfile can be found here. It will deploy the whole application along with the backend. Kubernetesmanifest files can also be found under/k8s.