libre.sh/keycloak-scim
4
0
Fork 0
Code Issues 15 Pull requests Releases 1 Activity Actions

Incorrect Url on Keycloak Health - Liveness and Readiness, no Startup Probes

Browse source 
Fixes #17388
This commit is contained in:
Martin Bartoš 2023-06-16 16:12:56 +02:00 committed by Bruno Oliveira da Silva
parent 137f8d807a
commit 0ecdebc000
2 changed files with 54 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
operator/src/main/java/org/keycloak/operator/controllers/KeycloakDeployment.java
View file

@ -404,23 +404,26 @@ public class KeycloakDeployment extends OperatorManagedResource implements Statu
// probes
var tlsConfigured = isTlsConfigured(keycloakCR);
var userRelativePath = readConfigurationValue(Constants.KEYCLOAK_HTTP_RELATIVE_PATH_KEY);
var kcRelativePath = (userRelativePath == null) ? "" : userRelativePath;
var protocol = !tlsConfigured ? "HTTP" : "HTTPS";
var kcPort = KeycloakService.getServicePort(keycloakCR);
// Relative path ends with '/'
var kcRelativePath = Optional.ofNullable(readConfigurationValue(Constants.KEYCLOAK_HTTP_RELATIVE_PATH_KEY))
.map(path -> !path.endsWith("/") ? path + "/" : path)
.orElse("/");
container.getReadinessProbe().setHttpGet(
new HTTPGetActionBuilder()
.withScheme(protocol)
.withPort(new IntOrString(kcPort))
.withPath(kcRelativePath + "/health/ready")
.withPath(kcRelativePath + "health/ready")
.build()
);
container.getLivenessProbe().setHttpGet(
new HTTPGetActionBuilder()
.withScheme(protocol)
.withPort(new IntOrString(kcPort))
.withPath(kcRelativePath + "/health/live")
.withPath(kcRelativePath + "health/live")
.build()
);

53
operator/src/test/java/org/keycloak/operator/testsuite/unit/PodTemplateTest.java
View file

@ -17,6 +17,7 @@
package org.keycloak.operator.testsuite.unit;
import io.fabric8.kubernetes.api.model.Container;
import io.fabric8.kubernetes.api.model.IntOrString;
import io.fabric8.kubernetes.api.model.PodTemplateSpec;
import io.fabric8.kubernetes.api.model.PodTemplateSpecBuilder;
@ -29,12 +30,15 @@ import org.keycloak.operator.Config;
import org.keycloak.operator.controllers.KeycloakDeployment;
import org.keycloak.operator.crds.v2alpha1.deployment.Keycloak;
import org.keycloak.operator.crds.v2alpha1.deployment.KeycloakSpecBuilder;
import org.keycloak.operator.crds.v2alpha1.deployment.ValueOrSecret;
import org.keycloak.operator.crds.v2alpha1.deployment.spec.HostnameSpecBuilder;
import org.keycloak.operator.crds.v2alpha1.deployment.spec.HttpSpecBuilder;
import org.keycloak.operator.crds.v2alpha1.deployment.spec.UnsupportedSpec;
import java.util.Collections;
import java.util.Map;
import java.util.function.Consumer;
import java.util.function.Function;
import static org.assertj.core.api.Assertions.assertThat;
import static org.junit.jupiter.api.Assertions.assertEquals;
@ -42,9 +46,8 @@ import static org.junit.jupiter.api.Assertions.assertTrue;
@QuarkusTest
public class PodTemplateTest {
private StatefulSet getDeployment(PodTemplateSpec podTemplate, StatefulSet existingDeployment) {
var config = new Config(){
private StatefulSet getDeployment(PodTemplateSpec podTemplate, StatefulSet existingDeployment, Consumer<KeycloakSpecBuilder> additionalSpec) {
var config = new Config() {
@Override
public Keycloak keycloak() {
return new Keycloak() {
@ -52,6 +55,7 @@ public class PodTemplateTest {
public String image() {
return "dummy-image";
}
@Override
public String imagePullPolicy() {
return "Never";
@ -68,15 +72,25 @@ public class PodTemplateTest {
var httpSpec = new HttpSpecBuilder().withTlsSecret("example-tls-secret").build();
var hostnameSpec = new HostnameSpecBuilder().withHostname("example.com").build();
kc.setSpec(new KeycloakSpecBuilder().withUnsupported(new UnsupportedSpec(podTemplate))
var keycloakSpecBuilder = new KeycloakSpecBuilder()
.withUnsupported(new UnsupportedSpec(podTemplate))
.withHttpSpec(httpSpec)
.withHostnameSpec(hostnameSpec)
.build());
.withHostnameSpec(hostnameSpec);
if (additionalSpec != null) {
additionalSpec.accept(keycloakSpecBuilder);
}
kc.setSpec(keycloakSpecBuilder.build());
var deployment = new KeycloakDeployment(null, config, kc, existingDeployment, "dummy-admin");
return (StatefulSet) deployment.getReconciledResource().get();
}
private StatefulSet getDeployment(PodTemplateSpec podTemplate, StatefulSet existingDeployment) {
return getDeployment(podTemplate, existingDeployment, null);
}
private StatefulSet getDeployment(PodTemplateSpec podTemplate) {
return getDeployment(podTemplate, new StatefulSet());
}
@ -281,4 +295,31 @@ public class PodTemplateTest {
assertThat(podTemplate.getMetadata().getAnnotations()).containsEntry("one", "1");
assertThat(podTemplate.getMetadata().getAnnotations()).containsEntry("two", "2");
}
@Test
public void testRelativePathHealthProbes() {
final Function<String, Container> setUpRelativePath = (path) -> getDeployment(null, new StatefulSet(),
spec -> spec.withAdditionalOptions(new ValueOrSecret("http-relative-path", path)))
.getSpec()
.getTemplate()
.getSpec()
.getContainers()
.get(0);
var first = setUpRelativePath.apply("/");
assertEquals("/health/ready", first.getReadinessProbe().getHttpGet().getPath());
assertEquals("/health/live", first.getLivenessProbe().getHttpGet().getPath());
var second = setUpRelativePath.apply("some");
assertEquals("some/health/ready", second.getReadinessProbe().getHttpGet().getPath());
assertEquals("some/health/live", second.getLivenessProbe().getHttpGet().getPath());
var third = setUpRelativePath.apply("");
assertEquals("/health/ready", third.getReadinessProbe().getHttpGet().getPath());
assertEquals("/health/live", third.getLivenessProbe().getHttpGet().getPath());
var fourth = setUpRelativePath.apply("/some/");
assertEquals("/some/health/ready", fourth.getReadinessProbe().getHttpGet().getPath());
assertEquals("/some/health/live", fourth.getLivenessProbe().getHttpGet().getPath());
}
}