libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases 1 Packages Activity Actions

Review http/https and proxy settings in operator

Browse source 
Co-authored-by: Dominik Guhr <dguhr@redhat.com>
This commit is contained in:
andreaTP 2022-05-16 14:21:49 +01:00 committed by Bruno Oliveira da Silva
parent 37e2298006
commit 2747729fbb
3 changed files with 35 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
operator/src/main/java/org/keycloak/operator/v2alpha1/KeycloakDeployment.java
View file

@ -354,6 +354,14 @@ public class KeycloakDeployment extends OperatorManagedResource implements Statu
new EnvVarBuilder() new EnvVarBuilder()
.withName("KC_HTTP_ENABLED") .withName("KC_HTTP_ENABLED")
.withValue("true") .withValue("true")
.build(),
new EnvVarBuilder()
.withName("KC_HOSTNAME_STRICT_HTTPS")
.withValue("false")
.build(),
new EnvVarBuilder()
.withName("KC_PROXY")
.withValue("edge")
.build()); .build());
envVars.addAll(disableTls); envVars.addAll(disableTls);
@ -371,6 +379,10 @@ public class KeycloakDeployment extends OperatorManagedResource implements Statu
new EnvVarBuilder() new EnvVarBuilder()
.withName("KC_HTTPS_CERTIFICATE_KEY_FILE") .withName("KC_HTTPS_CERTIFICATE_KEY_FILE")
.withValue(Constants.CERTIFICATES_FOLDER + "/tls.key") .withValue(Constants.CERTIFICATES_FOLDER + "/tls.key")
.build(),
new EnvVarBuilder()
.withName("KC_PROXY")
.withValue("passthrough")
.build()); .build());
envVars.addAll(enabledTls); envVars.addAll(enabledTls);

4
operator/src/test/java/org/keycloak/operator/KeycloakDeploymentE2EIT.java
View file

@ -222,7 +222,7 @@ public class KeycloakDeploymentE2EIT extends ClusterOperatorTest {
var curlOutput = K8sUtils.inClusterCurl(k8sclient, namespace, "-s", "--insecure", "-H", "Host: foo.bar", url); var curlOutput = K8sUtils.inClusterCurl(k8sclient, namespace, "-s", "--insecure", "-H", "Host: foo.bar", url);
Log.info("Curl Output: " + curlOutput); Log.info("Curl Output: " + curlOutput);
assertTrue(curlOutput.contains("var authServerUrl = 'https://example.com:8443';")); assertTrue(curlOutput.contains("var authServerUrl = 'https://example.com';"));
}); });
} catch (Exception e) { } catch (Exception e) {
savePodLogs(); savePodLogs();
@ -247,7 +247,7 @@ public class KeycloakDeploymentE2EIT extends ClusterOperatorTest {
var curlOutput = K8sUtils.inClusterCurl(k8sclient, namespace, "-s", "--insecure", "-H", "Host: foo.bar", url); var curlOutput = K8sUtils.inClusterCurl(k8sclient, namespace, "-s", "--insecure", "-H", "Host: foo.bar", url);
Log.info("Curl Output: " + curlOutput); Log.info("Curl Output: " + curlOutput);
assertTrue(curlOutput.contains("var authServerUrl = 'https://foo.bar:8443';")); assertTrue(curlOutput.contains("var authServerUrl = 'https://foo.bar';"));
}); });
} catch (Exception e) { } catch (Exception e) {
savePodLogs(); savePodLogs();

21
operator/src/test/java/org/keycloak/operator/KeycloakIngressE2EIT.java
View file

@ -35,6 +35,16 @@ public class KeycloakIngressE2EIT extends ClusterOperatorTest {
assertEquals("master", output); assertEquals("master", output);
}); });
Awaitility.await()
.ignoreExceptions()
.untilAsserted(() -> {
var statusCode = RestAssured.given()
.get("http://" + kubernetesIp + ":80/admin/master/console")
.statusCode();
assertEquals(200, statusCode);
});
} }
@Test @Test
@ -55,6 +65,17 @@ public class KeycloakIngressE2EIT extends ClusterOperatorTest {
assertEquals("master", output); assertEquals("master", output);
}); });
Awaitility.await()
.ignoreExceptions()
.untilAsserted(() -> {
var statusCode = RestAssured.given()
.relaxedHTTPSValidation()
.get("https://" + kubernetesIp + ":443/admin/master/console")
.statusCode();
assertEquals(200, statusCode);
});
} }
@Test @Test