Merge pull request #24559 from sberyozkin/keycloak-17.0.1

Bump Keycloak version to 17.0.1
quarkusio · Mar 25, 2022 · 72eee76 · 72eee76
2 parents d1ddb02 + cc572b3
commit 72eee76
Show file tree

Hide file tree

Showing 4 changed files with 47 additions and 9 deletions.
diff --git a/bom/application/pom.xml b/bom/application/pom.xml
@@ -171,7 +171,7 @@
         <jna.version>5.8.0</jna.version><!-- should satisfy both testcontainers and mongodb -->
         <antlr.version>4.9.2</antlr.version>
         <quarkus-security.version>1.1.4.Final</quarkus-security.version>
-        <keycloak.version>17.0.0</keycloak.version>
+        <keycloak.version>17.0.1</keycloak.version>
         <logstash-gelf.version>1.15.0</logstash-gelf.version>
         <checker-qual.version>3.21.3</checker-qual.version>
         <error-prone-annotations.version>2.11.0</error-prone-annotations.version>

diff --git a/build-parent/pom.xml b/build-parent/pom.xml
@@ -96,7 +96,7 @@
 
         <!-- The image to use for tests that run Keycloak -->
         <!-- IMPORTANT: If this is changed you must also update bom/application/pom.xml and KeycloakBuildTimeConfig/DevServicesConfig in quarkus-oidc/deployment to match the version -->
-        <keycloak.version>17.0.0</keycloak.version>
+        <keycloak.version>17.0.1</keycloak.version>
         <keycloak.docker.image>quay.io/keycloak/keycloak:${keycloak.version}</keycloak.docker.image>
         <keycloak.docker.legacy.image>quay.io/keycloak/keycloak:${keycloak.version}-legacy</keycloak.docker.legacy.image>
 

diff --git a/...ment/src/main/java/io/quarkus/oidc/deployment/devservices/keycloak/DevServicesConfig.java b/...ment/src/main/java/io/quarkus/oidc/deployment/devservices/keycloak/DevServicesConfig.java
@@ -28,15 +28,15 @@ public class DevServicesConfig {
      *
      * Image with a Quarkus based distribution is used by default.
      * Image with a WildFly based distribution can be selected instead, for example:
-     * 'quay.io/keycloak/keycloak:17.0.0-legacy'.
+     * 'quay.io/keycloak/keycloak:17.0.1-legacy'.
      * <p>
      * Note Keycloak Quarkus and Keycloak WildFly images are initialized differently.
      * By default, Dev Services for Keycloak will assume it is a Keycloak Quarkus image if the image version does not end with a
      * '-legacy'
      * string.
      * Set 'quarkus.keycloak.devservices.keycloak-x-image' to override this check.
      */
-    @ConfigItem(defaultValue = "quay.io/keycloak/keycloak:17.0.0")
+    @ConfigItem(defaultValue = "quay.io/keycloak/keycloak:17.0.1")
     public String imageName;
 
     /**

diff --git a/...in/java/io/quarkus/oidc/deployment/devservices/keycloak/KeycloakDevServicesProcessor.java b/...in/java/io/quarkus/oidc/deployment/devservices/keycloak/KeycloakDevServicesProcessor.java
@@ -3,6 +3,7 @@
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.UncheckedIOException;
+import java.net.ConnectException;
 import java.net.MalformedURLException;
 import java.net.ServerSocket;
 import java.net.URI;
@@ -21,6 +22,7 @@
 import java.util.Optional;
 import java.util.OptionalInt;
 import java.util.Set;
+import java.util.function.Predicate;
 import java.util.function.Supplier;
 
 import org.eclipse.microprofile.config.ConfigProvider;
@@ -58,6 +60,7 @@
 import io.quarkus.oidc.deployment.devservices.OidcDevServicesUtils;
 import io.quarkus.runtime.LaunchMode;
 import io.quarkus.runtime.configuration.ConfigUtils;
+import io.smallrye.mutiny.Uni;
 import io.vertx.core.Vertx;
 import io.vertx.core.http.HttpHeaders;
 import io.vertx.mutiny.core.buffer.Buffer;
@@ -407,7 +410,8 @@ protected void configure() {
             if (keycloakX) {
                 addEnv(KEYCLOAK_QUARKUS_ADMIN_PROP, KEYCLOAK_ADMIN_USER);
                 addEnv(KEYCLOAK_QUARKUS_ADMIN_PASSWORD_PROP, KEYCLOAK_ADMIN_PASSWORD);
-                withCommand(KEYCLOAK_QUARKUS_START_CMD);
+                withCommand(KEYCLOAK_QUARKUS_START_CMD
+                        + (useSharedNetwork ? " --hostname-port=" + fixedExposedPort.getAsInt() : ""));
             } else {
                 addEnv(KEYCLOAK_WILDFLY_USER_PROP, KEYCLOAK_ADMIN_USER);
                 addEnv(KEYCLOAK_WILDFLY_PASSWORD_PROP, KEYCLOAK_ADMIN_PASSWORD);
@@ -521,23 +525,57 @@ private void createRealm(String keycloakUrl, RealmRepresentation realm) {
                     keycloakUrl + "/realms/master/protocol/openid-connect/token",
                     "admin-cli", null, "admin", "admin", null, capturedDevServicesConfiguration.webClienTimeout);
 
-            HttpResponse<Buffer> response = client.postAbs(keycloakUrl + "/admin/realms")
+            HttpResponse<Buffer> createRealmResponse = client.postAbs(keycloakUrl + "/admin/realms")
                     .putHeader(HttpHeaders.CONTENT_TYPE.toString(), "application/json")
                     .putHeader(HttpHeaders.AUTHORIZATION.toString(), "Bearer " + token)
                     .sendBuffer(Buffer.buffer().appendString(JsonSerialization.writeValueAsString(realm)))
                     .await().atMost(capturedDevServicesConfiguration.webClienTimeout);
 
-            if (response.statusCode() > 299) {
-                LOG.errorf("Realm %s can not be created %d - %s ", realm.getRealm(), response.statusCode(),
-                        response.statusMessage());
+            if (createRealmResponse.statusCode() > 299) {
+                LOG.errorf("Realm %s can not be created %d - %s ", realm.getRealm(), createRealmResponse.statusCode(),
+                        createRealmResponse.statusMessage());
             }
+
+            Uni<Integer> realmStatusCodeUni = client.getAbs(keycloakUrl + "/realms/" + realm.getRealm())
+                    .send().onItem()
+                    .transform(resp -> {
+                        LOG.debugf("Realm status: %d", resp.statusCode());
+                        if (resp.statusCode() == 200) {
+                            return 200;
+                        } else {
+                            throw new RealmEndpointAccessException(resp.statusCode());
+                        }
+                    }).onFailure(realmEndpointNotAvailable())
+                    .retry()
+                    .withBackOff(Duration.ofSeconds(2), Duration.ofSeconds(2))
+                    .expireIn(10 * 1000)
+                    .onFailure().transform(t -> t.getCause());
+            realmStatusCodeUni.await().atMost(Duration.ofSeconds(10));
         } catch (Throwable t) {
             LOG.errorf("Realm %s can not be created: %s", realm.getRealm(), t.getMessage());
         } finally {
             client.close();
         }
     }
 
+    @SuppressWarnings("serial")
+    static class RealmEndpointAccessException extends RuntimeException {
+        private final int errorStatus;
+
+        public RealmEndpointAccessException(int errorStatus) {
+            this.errorStatus = errorStatus;
+        }
+
+        public int getErrorStatus() {
+            return errorStatus;
+        }
+    }
+
+    public static Predicate<? super Throwable> realmEndpointNotAvailable() {
+        return t -> (t instanceof ConnectException
+                || (t instanceof RealmEndpointAccessException && ((RealmEndpointAccessException) t).getErrorStatus() == 404));
+    }
+
     private Map<String, String> getUsers(Map<String, String> configuredUsers, boolean createRealm) {
         if (configuredUsers.isEmpty() && createRealm) {
             Map<String, String> users = new LinkedHashMap<String, String>();