diff --git a/docs/guides/server/hostname.adoc b/docs/guides/server/hostname.adoc index eb3bd40285df..28fd866ff146 100644 --- a/docs/guides/server/hostname.adoc +++ b/docs/guides/server/hostname.adoc @@ -40,7 +40,7 @@ Most of the time, it should be enough to set the `hostname` option in order to c When using the `hostname` option the server is going to resolve the HTTP scheme, port, and path, automatically so that: * `https` scheme is used unless you set `hostname-strict-https=false` -* if the `proxy-headers` option is set, the proxy will use the default ports (i.e.: 80 and 443). If the proxy uses a different port, it needs to be specified via the `hostname-port` configuration option +* if the `proxy-headers` option is set, the proxy will use the default ports (i.e.: 80 and 443). If the proxy uses a different port, it needs to be specified via the `hostname-url` configuration option However, if you want to set not only the host but also a scheme, port, and path, you can set the `hostname-url` option: diff --git a/quarkus/config-api/src/main/java/org/keycloak/config/DeprecatedMetadata.java b/quarkus/config-api/src/main/java/org/keycloak/config/DeprecatedMetadata.java index 6c6a15407552..70fa43a29f26 100644 --- a/quarkus/config-api/src/main/java/org/keycloak/config/DeprecatedMetadata.java +++ b/quarkus/config-api/src/main/java/org/keycloak/config/DeprecatedMetadata.java @@ -19,25 +19,26 @@ import java.util.Collections; import java.util.List; +import java.util.Set; /** * @author Vaclav Muzikar */ public class DeprecatedMetadata { - private final List newOptionsKeys; + private final Set newOptionsKeys; private final String note; public DeprecatedMetadata() { - newOptionsKeys = Collections.emptyList(); + newOptionsKeys = Collections.emptySet(); note = null; } - public DeprecatedMetadata(List newOptionsKeys, String note) { - this.newOptionsKeys = newOptionsKeys == null ? Collections.emptyList() : Collections.unmodifiableList(newOptionsKeys); + public DeprecatedMetadata(Set newOptionsKeys, String note) { + this.newOptionsKeys = newOptionsKeys == null ? Collections.emptySet() : Collections.unmodifiableSet(newOptionsKeys); this.note = note; } - public List getNewOptionsKeys() { + public Set getNewOptionsKeys() { return newOptionsKeys; } diff --git a/quarkus/config-api/src/main/java/org/keycloak/config/HttpOptions.java b/quarkus/config-api/src/main/java/org/keycloak/config/HttpOptions.java index fe2dbff4dc3b..95c0477277cd 100644 --- a/quarkus/config-api/src/main/java/org/keycloak/config/HttpOptions.java +++ b/quarkus/config-api/src/main/java/org/keycloak/config/HttpOptions.java @@ -90,13 +90,13 @@ public enum ClientAuth { public static final Option HTTPS_TRUST_STORE_FILE = new OptionBuilder<>("https-trust-store-file", File.class) .category(OptionCategory.HTTP) .description("The trust store which holds the certificate information of the certificates to trust.") - .deprecatedWithNote("Use the System Truststore instead, see the docs for details.") + .deprecated("Use the System Truststore instead, see the docs for details.") .build(); public static final Option HTTPS_TRUST_STORE_PASSWORD = new OptionBuilder<>("https-trust-store-password", String.class) .category(OptionCategory.HTTP) .description("The password of the trust store file.") - .deprecatedWithNote("Use the System Truststore instead, see the docs for details.") + .deprecated("Use the System Truststore instead, see the docs for details.") .build(); public static final Option HTTPS_TRUST_STORE_TYPE = new OptionBuilder<>("https-trust-store-type", String.class) @@ -104,7 +104,7 @@ public enum ClientAuth { .description("The type of the trust store file. " + "If not given, the type is automatically detected based on the file name. " + "If '" + SecurityOptions.FIPS_MODE.getKey() + "' is set to '" + FipsMode.STRICT + "' and no value is set, it defaults to 'BCFKS'.") - .deprecatedWithNote("Use the System Truststore instead, see the docs for details.") + .deprecated("Use the System Truststore instead, see the docs for details.") .build(); public static final Option HTTP_SERVER_ENABLED = new OptionBuilder<>("http-server-enabled", Boolean.class) diff --git a/quarkus/config-api/src/main/java/org/keycloak/config/OptionBuilder.java b/quarkus/config-api/src/main/java/org/keycloak/config/OptionBuilder.java index da7b67392041..61270293ce0f 100644 --- a/quarkus/config-api/src/main/java/org/keycloak/config/OptionBuilder.java +++ b/quarkus/config-api/src/main/java/org/keycloak/config/OptionBuilder.java @@ -1,9 +1,8 @@ package org.keycloak.config; -import java.util.Arrays; -import java.util.Collections; import java.util.List; import java.util.Optional; +import java.util.Set; import java.util.function.Supplier; import java.util.stream.Collectors; @@ -119,18 +118,18 @@ public OptionBuilder deprecated() { return this; } - public OptionBuilder deprecatedWithNote(String note) { + public OptionBuilder deprecated(String note) { this.deprecatedMetadata = new DeprecatedMetadata(null, note); return this; } - public OptionBuilder deprecated(String... newOptionsKeys) { - this.deprecatedMetadata = new DeprecatedMetadata(Arrays.asList(newOptionsKeys), null); + public OptionBuilder deprecated(Set newOptionsKeys) { + this.deprecatedMetadata = new DeprecatedMetadata(newOptionsKeys, null); return this; } - public OptionBuilder deprecatedWithNote(String note, String... newOptionsKeys) { - this.deprecatedMetadata = new DeprecatedMetadata(Arrays.asList(newOptionsKeys), note); + public OptionBuilder deprecated(String note, Set newOptionsKeys) { + this.deprecatedMetadata = new DeprecatedMetadata(newOptionsKeys, note); return this; } diff --git a/quarkus/config-api/src/main/java/org/keycloak/config/ProxyOptions.java b/quarkus/config-api/src/main/java/org/keycloak/config/ProxyOptions.java index 7327f6ece2ba..39e76b50b812 100644 --- a/quarkus/config-api/src/main/java/org/keycloak/config/ProxyOptions.java +++ b/quarkus/config-api/src/main/java/org/keycloak/config/ProxyOptions.java @@ -1,5 +1,7 @@ package org.keycloak.config; +import java.util.Set; + public class ProxyOptions { public enum Headers { @@ -37,7 +39,7 @@ public boolean isProxyHeadersEnabled() { .category(OptionCategory.PROXY) .description("The proxy address forwarding mode if the server is behind a reverse proxy.") .defaultValue(Mode.none) - .deprecated(PROXY_HEADERS.getKey()) + .deprecated(Set.of(PROXY_HEADERS.getKey())) .build(); public static final Option PROXY_FORWARDED_HOST = new OptionBuilder<>("proxy-forwarded-host", Boolean.class) diff --git a/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/cli/OptionRenderer.java b/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/cli/OptionRenderer.java index b72380374977..837e1d61c4dc 100644 --- a/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/cli/OptionRenderer.java +++ b/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/cli/OptionRenderer.java @@ -47,16 +47,14 @@ public Text[][] render(OptionSpec option, IParamLabelRenderer paramLabelRenderer Text shortName = names.length > 1 ? scheme.optionText(names[0]) : EMPTY_TEXT; Text longName = createLongName(option, scheme); Text[][] result = new Text[1][]; - String[] descriptions = option.description(); + Text description = scheme.text(option.description()[0]); // for better formatting, only a single line is expected in the description // formatting is done by customizations to the text table - if (descriptions.length > 1) { + if (option.description().length > 1) { throw new CommandLine.PicocliException("Option[" + option + "] description should have a single line."); } - Text description = formatDescription(descriptions, option, scheme); - if (EMPTY_TEXT.equals(shortName)) { result[0] = new Text[] { longName, description }; } else { @@ -66,26 +64,6 @@ public Text[][] render(OptionSpec option, IParamLabelRenderer paramLabelRenderer return result; } - private Text formatDescription(String[] descriptions, OptionSpec option, ColorScheme scheme) { - String description = descriptions[0]; - String defaultValue = option.defaultValue(); - Iterable completionCandidates = option.completionCandidates(); - - if (!option.type().equals(Boolean.class) && completionCandidates != null) { - List expectedValues = StreamSupport.stream(completionCandidates.spliterator(), false).collect(Collectors.toList()); - - if (!expectedValues.isEmpty()) { - description = description + " Possible values are: " + String.join(", ", expectedValues) + "."; - } - } - - if (defaultValue != null) { - description = description + " Default: " + defaultValue + "."; - } - - return scheme.text(description); - } - private Text createLongName(OptionSpec option, ColorScheme scheme) { Text name = scheme.optionText(option.longestName()); String paramLabel = formatParamLabel(option); diff --git a/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/cli/Picocli.java b/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/cli/Picocli.java index 425a0f79f977..5360849f4d42 100644 --- a/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/cli/Picocli.java +++ b/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/cli/Picocli.java @@ -30,6 +30,7 @@ import static org.keycloak.quarkus.runtime.configuration.Configuration.getCurrentBuiltTimeProperty; import static org.keycloak.quarkus.runtime.configuration.Configuration.getRawPersistedProperty; import static org.keycloak.quarkus.runtime.configuration.Configuration.getRuntimeProperty; +import static org.keycloak.quarkus.runtime.configuration.MicroProfileConfigProvider.NS_KEYCLOAK_PREFIX; import static org.keycloak.quarkus.runtime.configuration.mappers.PropertyMappers.formatValue; import static org.keycloak.quarkus.runtime.configuration.mappers.PropertyMappers.isBuildTimeProperty; import static org.keycloak.utils.StringUtil.isNotBlank; @@ -48,12 +49,10 @@ import java.util.Objects; import java.util.Optional; import java.util.Set; -import java.util.TreeSet; import java.util.function.BiConsumer; import java.util.regex.Pattern; import java.util.stream.Collectors; -import io.quarkus.logging.Log; import org.eclipse.microprofile.config.spi.ConfigSource; import org.jboss.logging.Logger; import org.keycloak.config.DeprecatedMetadata; @@ -316,8 +315,13 @@ public static void validateNonCliConfig(List cliArgs, AbstractCommand ab mapper.getDeprecatedMetadata().ifPresent(d -> { DeprecatedMetadata metadata = (DeprecatedMetadata) d; + String optionName = mapper.getFrom(); + if (optionName.startsWith(NS_KEYCLOAK_PREFIX)) { + optionName = optionName.substring(NS_KEYCLOAK_PREFIX.length()); + } + StringBuilder sb = new StringBuilder("\t- "); - sb.append(mapper.getFrom()); + sb.append(optionName); if (metadata.getNote() != null || !metadata.getNewOptionsKeys().isEmpty()) { sb.append(":"); } @@ -596,7 +600,7 @@ private static void addMappedOptionsToArgGroups(CommandLine commandLine, Map() { @Override @@ -631,26 +635,36 @@ public Iterator iterator() { } } - private static String getTransformedOptionDescription(PropertyMapper mapper) { + private static String getDecoratedOptionDescription(PropertyMapper mapper) { StringBuilder transformedDesc = new StringBuilder(mapper.getDescription()); + if (mapper.getType() != Boolean.class && !mapper.getExpectedValues().isEmpty()) { + transformedDesc.append(" Possible values are: " + String.join(", ", mapper.getExpectedValues()) + "."); + } + + mapper.getDefaultValue().map(d -> " Default: " + d + ".").ifPresent(transformedDesc::append); + mapper.getDeprecatedMetadata().ifPresent(deprecatedMetadata -> { List deprecatedDetails = new ArrayList<>(); - if (deprecatedMetadata.getNote() != null) { - deprecatedDetails.add(deprecatedMetadata.getNote()); + String note = deprecatedMetadata.getNote(); + if (note != null) { + if (!note.endsWith(".")) { + note += "."; + } + deprecatedDetails.add(note); } if (!deprecatedMetadata.getNewOptionsKeys().isEmpty()) { - deprecatedDetails.add("Use: " + String.join(", ", deprecatedMetadata.getNewOptionsKeys()) + "."); + String s = deprecatedMetadata.getNewOptionsKeys().size() > 1 ? "s" : ""; + deprecatedDetails.add("Consider non-deprecated option" + s + ": " + String.join(", ", deprecatedMetadata.getNewOptionsKeys()) + "."); } - StringBuilder deprecateDesc = new StringBuilder("@|bold DEPRECATED."); + transformedDesc.insert(0, "@|bold DEPRECATED.|@ "); if (!deprecatedDetails.isEmpty()) { - deprecateDesc - .append(" ") - .append(String.join(" ", deprecatedDetails)); + transformedDesc + .append(" @|bold ") + .append(String.join(" ", deprecatedDetails)) + .append("|@"); } - deprecateDesc.append("|@ -- "); - transformedDesc.insert(0, deprecateDesc); }); return transformedDesc.toString(); diff --git a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelp.unix.approved.txt b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelp.unix.approved.txt index 1c9dd9d5461d..d58ec947714b 100644 --- a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelp.unix.approved.txt +++ b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelp.unix.approved.txt @@ -150,17 +150,17 @@ HTTP(S): --https-protocols The list of protocols to explicitly enable. Default: TLSv1.3,TLSv1.2. --https-trust-store-file - DEPRECATED. Use the System Truststore instead, see the docs for details. -- - The trust store which holds the certificate information of the certificates - to trust. + DEPRECATED. The trust store which holds the certificate information of the + certificates to trust. Use the System Truststore instead, see the docs for + details. --https-trust-store-password - DEPRECATED. Use the System Truststore instead, see the docs for details. -- - The password of the trust store file. + DEPRECATED. The password of the trust store file. Use the System Truststore + instead, see the docs for details. --https-trust-store-type - DEPRECATED. Use the System Truststore instead, see the docs for details. -- - The type of the trust store file. If not given, the type is automatically - detected based on the file name. If 'fips-mode' is set to 'strict' and no - value is set, it defaults to 'BCFKS'. + DEPRECATED. The type of the trust store file. If not given, the type is + automatically detected based on the file name. If 'fips-mode' is set to + 'strict' and no value is set, it defaults to 'BCFKS'. Use the System + Truststore instead, see the docs for details. Health: @@ -186,9 +186,9 @@ Metrics: Proxy: ---proxy DEPRECATED. Use: proxy-headers. -- The proxy address forwarding mode if the - server is behind a reverse proxy. Possible values are: none, edge, - reencrypt, passthrough. Default: none. +--proxy DEPRECATED. The proxy address forwarding mode if the server is behind a + reverse proxy. Possible values are: none, edge, reencrypt, passthrough. + Default: none. Consider non-deprecated option: proxy-headers. --proxy-headers The proxy headers that should be accepted by the server. Misconfiguration might leave the server exposed to security vulnerabilities. Takes precedence diff --git a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelp.windows.approved.txt b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelp.windows.approved.txt index 06659d625d6a..bcdb215737d2 100644 --- a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelp.windows.approved.txt +++ b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelp.windows.approved.txt @@ -145,17 +145,17 @@ HTTP(S): --https-protocols The list of protocols to explicitly enable. Default: TLSv1.3,TLSv1.2. --https-trust-store-file - DEPRECATED. Use the System Truststore instead, see the docs for details. -- - The trust store which holds the certificate information of the certificates - to trust. + DEPRECATED. The trust store which holds the certificate information of the + certificates to trust. Use the System Truststore instead, see the docs for + details. --https-trust-store-password - DEPRECATED. Use the System Truststore instead, see the docs for details. -- - The password of the trust store file. + DEPRECATED. The password of the trust store file. Use the System Truststore + instead, see the docs for details. --https-trust-store-type - DEPRECATED. Use the System Truststore instead, see the docs for details. -- - The type of the trust store file. If not given, the type is automatically - detected based on the file name. If 'fips-mode' is set to 'strict' and no - value is set, it defaults to 'BCFKS'. + DEPRECATED. The type of the trust store file. If not given, the type is + automatically detected based on the file name. If 'fips-mode' is set to + 'strict' and no value is set, it defaults to 'BCFKS'. Use the System + Truststore instead, see the docs for details. Health: @@ -172,9 +172,9 @@ Metrics: Proxy: ---proxy DEPRECATED. Use: proxy-headers. -- The proxy address forwarding mode if the - server is behind a reverse proxy. Possible values are: none, edge, - reencrypt, passthrough. Default: none. +--proxy DEPRECATED. The proxy address forwarding mode if the server is behind a + reverse proxy. Possible values are: none, edge, reencrypt, passthrough. + Default: none. Consider non-deprecated option: proxy-headers. --proxy-headers The proxy headers that should be accepted by the server. Misconfiguration might leave the server exposed to security vulnerabilities. Takes precedence diff --git a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelpAll.unix.approved.txt b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelpAll.unix.approved.txt index 1c9dd9d5461d..d58ec947714b 100644 --- a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelpAll.unix.approved.txt +++ b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelpAll.unix.approved.txt @@ -150,17 +150,17 @@ HTTP(S): --https-protocols The list of protocols to explicitly enable. Default: TLSv1.3,TLSv1.2. --https-trust-store-file - DEPRECATED. Use the System Truststore instead, see the docs for details. -- - The trust store which holds the certificate information of the certificates - to trust. + DEPRECATED. The trust store which holds the certificate information of the + certificates to trust. Use the System Truststore instead, see the docs for + details. --https-trust-store-password - DEPRECATED. Use the System Truststore instead, see the docs for details. -- - The password of the trust store file. + DEPRECATED. The password of the trust store file. Use the System Truststore + instead, see the docs for details. --https-trust-store-type - DEPRECATED. Use the System Truststore instead, see the docs for details. -- - The type of the trust store file. If not given, the type is automatically - detected based on the file name. If 'fips-mode' is set to 'strict' and no - value is set, it defaults to 'BCFKS'. + DEPRECATED. The type of the trust store file. If not given, the type is + automatically detected based on the file name. If 'fips-mode' is set to + 'strict' and no value is set, it defaults to 'BCFKS'. Use the System + Truststore instead, see the docs for details. Health: @@ -186,9 +186,9 @@ Metrics: Proxy: ---proxy DEPRECATED. Use: proxy-headers. -- The proxy address forwarding mode if the - server is behind a reverse proxy. Possible values are: none, edge, - reencrypt, passthrough. Default: none. +--proxy DEPRECATED. The proxy address forwarding mode if the server is behind a + reverse proxy. Possible values are: none, edge, reencrypt, passthrough. + Default: none. Consider non-deprecated option: proxy-headers. --proxy-headers The proxy headers that should be accepted by the server. Misconfiguration might leave the server exposed to security vulnerabilities. Takes precedence diff --git a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelpAll.windows.approved.txt b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelpAll.windows.approved.txt index 06659d625d6a..bcdb215737d2 100644 --- a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelpAll.windows.approved.txt +++ b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelpAll.windows.approved.txt @@ -145,17 +145,17 @@ HTTP(S): --https-protocols The list of protocols to explicitly enable. Default: TLSv1.3,TLSv1.2. --https-trust-store-file - DEPRECATED. Use the System Truststore instead, see the docs for details. -- - The trust store which holds the certificate information of the certificates - to trust. + DEPRECATED. The trust store which holds the certificate information of the + certificates to trust. Use the System Truststore instead, see the docs for + details. --https-trust-store-password - DEPRECATED. Use the System Truststore instead, see the docs for details. -- - The password of the trust store file. + DEPRECATED. The password of the trust store file. Use the System Truststore + instead, see the docs for details. --https-trust-store-type - DEPRECATED. Use the System Truststore instead, see the docs for details. -- - The type of the trust store file. If not given, the type is automatically - detected based on the file name. If 'fips-mode' is set to 'strict' and no - value is set, it defaults to 'BCFKS'. + DEPRECATED. The type of the trust store file. If not given, the type is + automatically detected based on the file name. If 'fips-mode' is set to + 'strict' and no value is set, it defaults to 'BCFKS'. Use the System + Truststore instead, see the docs for details. Health: @@ -172,9 +172,9 @@ Metrics: Proxy: ---proxy DEPRECATED. Use: proxy-headers. -- The proxy address forwarding mode if the - server is behind a reverse proxy. Possible values are: none, edge, - reencrypt, passthrough. Default: none. +--proxy DEPRECATED. The proxy address forwarding mode if the server is behind a + reverse proxy. Possible values are: none, edge, reencrypt, passthrough. + Default: none. Consider non-deprecated option: proxy-headers. --proxy-headers The proxy headers that should be accepted by the server. Misconfiguration might leave the server exposed to security vulnerabilities. Takes precedence diff --git a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartHelp.unix.approved.txt b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartHelp.unix.approved.txt index 52ad1c4545fd..8d91b29e3ae4 100644 --- a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartHelp.unix.approved.txt +++ b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartHelp.unix.approved.txt @@ -151,17 +151,17 @@ HTTP(S): --https-protocols The list of protocols to explicitly enable. Default: TLSv1.3,TLSv1.2. --https-trust-store-file - DEPRECATED. Use the System Truststore instead, see the docs for details. -- - The trust store which holds the certificate information of the certificates - to trust. + DEPRECATED. The trust store which holds the certificate information of the + certificates to trust. Use the System Truststore instead, see the docs for + details. --https-trust-store-password - DEPRECATED. Use the System Truststore instead, see the docs for details. -- - The password of the trust store file. + DEPRECATED. The password of the trust store file. Use the System Truststore + instead, see the docs for details. --https-trust-store-type - DEPRECATED. Use the System Truststore instead, see the docs for details. -- - The type of the trust store file. If not given, the type is automatically - detected based on the file name. If 'fips-mode' is set to 'strict' and no - value is set, it defaults to 'BCFKS'. + DEPRECATED. The type of the trust store file. If not given, the type is + automatically detected based on the file name. If 'fips-mode' is set to + 'strict' and no value is set, it defaults to 'BCFKS'. Use the System + Truststore instead, see the docs for details. Health: @@ -187,9 +187,9 @@ Metrics: Proxy: ---proxy DEPRECATED. Use: proxy-headers. -- The proxy address forwarding mode if the - server is behind a reverse proxy. Possible values are: none, edge, - reencrypt, passthrough. Default: none. +--proxy DEPRECATED. The proxy address forwarding mode if the server is behind a + reverse proxy. Possible values are: none, edge, reencrypt, passthrough. + Default: none. Consider non-deprecated option: proxy-headers. --proxy-headers The proxy headers that should be accepted by the server. Misconfiguration might leave the server exposed to security vulnerabilities. Takes precedence diff --git a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartHelp.windows.approved.txt b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartHelp.windows.approved.txt index e2d3bd70cfbb..9a8ebea53a9b 100644 --- a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartHelp.windows.approved.txt +++ b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartHelp.windows.approved.txt @@ -146,17 +146,17 @@ HTTP(S): --https-protocols The list of protocols to explicitly enable. Default: TLSv1.3,TLSv1.2. --https-trust-store-file - DEPRECATED. Use the System Truststore instead, see the docs for details. -- - The trust store which holds the certificate information of the certificates - to trust. + DEPRECATED. The trust store which holds the certificate information of the + certificates to trust. Use the System Truststore instead, see the docs for + details. --https-trust-store-password - DEPRECATED. Use the System Truststore instead, see the docs for details. -- - The password of the trust store file. + DEPRECATED. The password of the trust store file. Use the System Truststore + instead, see the docs for details. --https-trust-store-type - DEPRECATED. Use the System Truststore instead, see the docs for details. -- - The type of the trust store file. If not given, the type is automatically - detected based on the file name. If 'fips-mode' is set to 'strict' and no - value is set, it defaults to 'BCFKS'. + DEPRECATED. The type of the trust store file. If not given, the type is + automatically detected based on the file name. If 'fips-mode' is set to + 'strict' and no value is set, it defaults to 'BCFKS'. Use the System + Truststore instead, see the docs for details. Health: @@ -173,9 +173,9 @@ Metrics: Proxy: ---proxy DEPRECATED. Use: proxy-headers. -- The proxy address forwarding mode if the - server is behind a reverse proxy. Possible values are: none, edge, - reencrypt, passthrough. Default: none. +--proxy DEPRECATED. The proxy address forwarding mode if the server is behind a + reverse proxy. Possible values are: none, edge, reencrypt, passthrough. + Default: none. Consider non-deprecated option: proxy-headers. --proxy-headers The proxy headers that should be accepted by the server. Misconfiguration might leave the server exposed to security vulnerabilities. Takes precedence diff --git a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartHelpAll.unix.approved.txt b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartHelpAll.unix.approved.txt index 52ad1c4545fd..8d91b29e3ae4 100644 --- a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartHelpAll.unix.approved.txt +++ b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartHelpAll.unix.approved.txt @@ -151,17 +151,17 @@ HTTP(S): --https-protocols The list of protocols to explicitly enable. Default: TLSv1.3,TLSv1.2. --https-trust-store-file - DEPRECATED. Use the System Truststore instead, see the docs for details. -- - The trust store which holds the certificate information of the certificates - to trust. + DEPRECATED. The trust store which holds the certificate information of the + certificates to trust. Use the System Truststore instead, see the docs for + details. --https-trust-store-password - DEPRECATED. Use the System Truststore instead, see the docs for details. -- - The password of the trust store file. + DEPRECATED. The password of the trust store file. Use the System Truststore + instead, see the docs for details. --https-trust-store-type - DEPRECATED. Use the System Truststore instead, see the docs for details. -- - The type of the trust store file. If not given, the type is automatically - detected based on the file name. If 'fips-mode' is set to 'strict' and no - value is set, it defaults to 'BCFKS'. + DEPRECATED. The type of the trust store file. If not given, the type is + automatically detected based on the file name. If 'fips-mode' is set to + 'strict' and no value is set, it defaults to 'BCFKS'. Use the System + Truststore instead, see the docs for details. Health: @@ -187,9 +187,9 @@ Metrics: Proxy: ---proxy DEPRECATED. Use: proxy-headers. -- The proxy address forwarding mode if the - server is behind a reverse proxy. Possible values are: none, edge, - reencrypt, passthrough. Default: none. +--proxy DEPRECATED. The proxy address forwarding mode if the server is behind a + reverse proxy. Possible values are: none, edge, reencrypt, passthrough. + Default: none. Consider non-deprecated option: proxy-headers. --proxy-headers The proxy headers that should be accepted by the server. Misconfiguration might leave the server exposed to security vulnerabilities. Takes precedence diff --git a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartHelpAll.windows.approved.txt b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartHelpAll.windows.approved.txt index e2d3bd70cfbb..9a8ebea53a9b 100644 --- a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartHelpAll.windows.approved.txt +++ b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartHelpAll.windows.approved.txt @@ -146,17 +146,17 @@ HTTP(S): --https-protocols The list of protocols to explicitly enable. Default: TLSv1.3,TLSv1.2. --https-trust-store-file - DEPRECATED. Use the System Truststore instead, see the docs for details. -- - The trust store which holds the certificate information of the certificates - to trust. + DEPRECATED. The trust store which holds the certificate information of the + certificates to trust. Use the System Truststore instead, see the docs for + details. --https-trust-store-password - DEPRECATED. Use the System Truststore instead, see the docs for details. -- - The password of the trust store file. + DEPRECATED. The password of the trust store file. Use the System Truststore + instead, see the docs for details. --https-trust-store-type - DEPRECATED. Use the System Truststore instead, see the docs for details. -- - The type of the trust store file. If not given, the type is automatically - detected based on the file name. If 'fips-mode' is set to 'strict' and no - value is set, it defaults to 'BCFKS'. + DEPRECATED. The type of the trust store file. If not given, the type is + automatically detected based on the file name. If 'fips-mode' is set to + 'strict' and no value is set, it defaults to 'BCFKS'. Use the System + Truststore instead, see the docs for details. Health: @@ -173,9 +173,9 @@ Metrics: Proxy: ---proxy DEPRECATED. Use: proxy-headers. -- The proxy address forwarding mode if the - server is behind a reverse proxy. Possible values are: none, edge, - reencrypt, passthrough. Default: none. +--proxy DEPRECATED. The proxy address forwarding mode if the server is behind a + reverse proxy. Possible values are: none, edge, reencrypt, passthrough. + Default: none. Consider non-deprecated option: proxy-headers. --proxy-headers The proxy headers that should be accepted by the server. Misconfiguration might leave the server exposed to security vulnerabilities. Takes precedence diff --git a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartOptimizedHelp.unix.approved.txt b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartOptimizedHelp.unix.approved.txt index 595fe5645a01..87706f76c704 100644 --- a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartOptimizedHelp.unix.approved.txt +++ b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartOptimizedHelp.unix.approved.txt @@ -107,17 +107,17 @@ HTTP(S): --https-protocols The list of protocols to explicitly enable. Default: TLSv1.3,TLSv1.2. --https-trust-store-file - DEPRECATED. Use the System Truststore instead, see the docs for details. -- - The trust store which holds the certificate information of the certificates - to trust. + DEPRECATED. The trust store which holds the certificate information of the + certificates to trust. Use the System Truststore instead, see the docs for + details. --https-trust-store-password - DEPRECATED. Use the System Truststore instead, see the docs for details. -- - The password of the trust store file. + DEPRECATED. The password of the trust store file. Use the System Truststore + instead, see the docs for details. --https-trust-store-type - DEPRECATED. Use the System Truststore instead, see the docs for details. -- - The type of the trust store file. If not given, the type is automatically - detected based on the file name. If 'fips-mode' is set to 'strict' and no - value is set, it defaults to 'BCFKS'. + DEPRECATED. The type of the trust store file. If not given, the type is + automatically detected based on the file name. If 'fips-mode' is set to + 'strict' and no value is set, it defaults to 'BCFKS'. Use the System + Truststore instead, see the docs for details. Config: @@ -130,9 +130,9 @@ Config: Proxy: ---proxy DEPRECATED. Use: proxy-headers. -- The proxy address forwarding mode if the - server is behind a reverse proxy. Possible values are: none, edge, - reencrypt, passthrough. Default: none. +--proxy DEPRECATED. The proxy address forwarding mode if the server is behind a + reverse proxy. Possible values are: none, edge, reencrypt, passthrough. + Default: none. Consider non-deprecated option: proxy-headers. --proxy-headers The proxy headers that should be accepted by the server. Misconfiguration might leave the server exposed to security vulnerabilities. Takes precedence diff --git a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartOptimizedHelp.windows.approved.txt b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartOptimizedHelp.windows.approved.txt index d55c4ff09e51..c307a4e12b0b 100644 --- a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartOptimizedHelp.windows.approved.txt +++ b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartOptimizedHelp.windows.approved.txt @@ -100,23 +100,23 @@ HTTP(S): --https-protocols The list of protocols to explicitly enable. Default: TLSv1.3,TLSv1.2. --https-trust-store-file - DEPRECATED. Use the System Truststore instead, see the docs for details. -- - The trust store which holds the certificate information of the certificates - to trust. + DEPRECATED. The trust store which holds the certificate information of the + certificates to trust. Use the System Truststore instead, see the docs for + details. --https-trust-store-password - DEPRECATED. Use the System Truststore instead, see the docs for details. -- - The password of the trust store file. + DEPRECATED. The password of the trust store file. Use the System Truststore + instead, see the docs for details. --https-trust-store-type - DEPRECATED. Use the System Truststore instead, see the docs for details. -- - The type of the trust store file. If not given, the type is automatically - detected based on the file name. If 'fips-mode' is set to 'strict' and no - value is set, it defaults to 'BCFKS'. + DEPRECATED. The type of the trust store file. If not given, the type is + automatically detected based on the file name. If 'fips-mode' is set to + 'strict' and no value is set, it defaults to 'BCFKS'. Use the System + Truststore instead, see the docs for details. Proxy: ---proxy DEPRECATED. Use: proxy-headers. -- The proxy address forwarding mode if the - server is behind a reverse proxy. Possible values are: none, edge, - reencrypt, passthrough. Default: none. +--proxy DEPRECATED. The proxy address forwarding mode if the server is behind a + reverse proxy. Possible values are: none, edge, reencrypt, passthrough. + Default: none. Consider non-deprecated option: proxy-headers. --proxy-headers The proxy headers that should be accepted by the server. Misconfiguration might leave the server exposed to security vulnerabilities. Takes precedence diff --git a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartOptimizedHelpAll.unix.approved.txt b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartOptimizedHelpAll.unix.approved.txt index 595fe5645a01..87706f76c704 100644 --- a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartOptimizedHelpAll.unix.approved.txt +++ b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartOptimizedHelpAll.unix.approved.txt @@ -107,17 +107,17 @@ HTTP(S): --https-protocols The list of protocols to explicitly enable. Default: TLSv1.3,TLSv1.2. --https-trust-store-file - DEPRECATED. Use the System Truststore instead, see the docs for details. -- - The trust store which holds the certificate information of the certificates - to trust. + DEPRECATED. The trust store which holds the certificate information of the + certificates to trust. Use the System Truststore instead, see the docs for + details. --https-trust-store-password - DEPRECATED. Use the System Truststore instead, see the docs for details. -- - The password of the trust store file. + DEPRECATED. The password of the trust store file. Use the System Truststore + instead, see the docs for details. --https-trust-store-type - DEPRECATED. Use the System Truststore instead, see the docs for details. -- - The type of the trust store file. If not given, the type is automatically - detected based on the file name. If 'fips-mode' is set to 'strict' and no - value is set, it defaults to 'BCFKS'. + DEPRECATED. The type of the trust store file. If not given, the type is + automatically detected based on the file name. If 'fips-mode' is set to + 'strict' and no value is set, it defaults to 'BCFKS'. Use the System + Truststore instead, see the docs for details. Config: @@ -130,9 +130,9 @@ Config: Proxy: ---proxy DEPRECATED. Use: proxy-headers. -- The proxy address forwarding mode if the - server is behind a reverse proxy. Possible values are: none, edge, - reencrypt, passthrough. Default: none. +--proxy DEPRECATED. The proxy address forwarding mode if the server is behind a + reverse proxy. Possible values are: none, edge, reencrypt, passthrough. + Default: none. Consider non-deprecated option: proxy-headers. --proxy-headers The proxy headers that should be accepted by the server. Misconfiguration might leave the server exposed to security vulnerabilities. Takes precedence diff --git a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartOptimizedHelpAll.windows.approved.txt b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartOptimizedHelpAll.windows.approved.txt index 11c635de0a6f..94c6ad9cb102 100644 --- a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartOptimizedHelpAll.windows.approved.txt +++ b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartOptimizedHelpAll.windows.approved.txt @@ -100,23 +100,23 @@ HTTP(S): --https-protocols The list of protocols to explicitly enable. Default: TLSv1.3,TLSv1.2. --https-trust-store-file - DEPRECATED. Use the System Truststore instead, see the docs for details. -- - The trust store which holds the certificate information of the certificates - to trust. + DEPRECATED. The trust store which holds the certificate information of the + certificates to trust. Use the System Truststore instead, see the docs for + details. --https-trust-store-password - DEPRECATED. Use the System Truststore instead, see the docs for details. -- - The password of the trust store file. + DEPRECATED. The password of the trust store file. Use the System Truststore + instead, see the docs for details. --https-trust-store-type - DEPRECATED. Use the System Truststore instead, see the docs for details. -- - The type of the trust store file. If not given, the type is automatically - detected based on the file name. If 'fips-mode' is set to 'strict' and no - value is set, it defaults to 'BCFKS'. + DEPRECATED. The type of the trust store file. If not given, the type is + automatically detected based on the file name. If 'fips-mode' is set to + 'strict' and no value is set, it defaults to 'BCFKS'. Use the System + Truststore instead, see the docs for details. Proxy: ---proxy DEPRECATED. Use: proxy-headers. -- The proxy address forwarding mode if the - server is behind a reverse proxy. Possible values are: none, edge, - reencrypt, passthrough. Default: none. +--proxy DEPRECATED. The proxy address forwarding mode if the server is behind a + reverse proxy. Possible values are: none, edge, reencrypt, passthrough. + Default: none. Consider non-deprecated option: proxy-headers. --proxy-headers The proxy headers that should be accepted by the server. Misconfiguration might leave the server exposed to security vulnerabilities. Takes precedence