Make label for Keycloak container images configurable
Closes #26819 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
This commit is contained in:
Alexander Schwartz
Alexander Schwartz
parent
4d106b41f3
commit
486b199548
4 changed files with 19 additions and 18 deletions
|
|
@ -6,3 +6,4 @@
|
|||
:jdgserver_name: Infinispan
|
||||
:infinispan-operator-docs: https://infinispan.org/docs/infinispan-operator/main/operator.html
|
||||
:infinispan-xsite-docs: https://infinispan.org/docs/stable/titles/xsite/xsite.html
|
||||
:containerlabel: latest
|
||||
|
|
|
|||
|
|
@ -27,9 +27,9 @@ This step will save time in every subsequent start phase of the container image.
|
|||
The following `Dockerfile` creates a pre-configured {project_name} image that enables the health and metrics endpoints, enables the token exchange feature, and uses a PostgreSQL database.
|
||||
|
||||
.Dockerfile:
|
||||
[source, dockerfile]
|
||||
[source,dockerfile,subs="attributes+"]
|
||||
----
|
||||
FROM quay.io/keycloak/keycloak:latest as builder
|
||||
FROM quay.io/keycloak/keycloak:{containerlabel} as builder
|
||||
|
||||
# Enable health and metrics support
|
||||
ENV KC_HEALTH_ENABLED=true
|
||||
|
|
@ -43,7 +43,7 @@ WORKDIR /opt/keycloak
|
|||
RUN keytool -genkeypair -storepass password -storetype PKCS12 -keyalg RSA -keysize 2048 -dname "CN=server" -alias server -ext "SAN:c=DNS:localhost,IP:127.0.0.1" -keystore conf/server.keystore
|
||||
RUN /opt/keycloak/bin/kc.sh build
|
||||
|
||||
FROM quay.io/keycloak/keycloak:latest
|
||||
FROM quay.io/keycloak/keycloak:{containerlabel}
|
||||
COPY --from=builder /opt/keycloak/ /opt/keycloak/
|
||||
|
||||
# change these values to point to a running postgres instance
|
||||
|
|
@ -64,10 +64,10 @@ The build process includes multiple stages:
|
|||
To install custom providers, you just need to define a step to include the JAR file(s) into the `/opt/keycloak/providers` directory.
|
||||
This step must be placed before the line that `RUNs` the `build` command, as below:
|
||||
|
||||
[source, dockerfile]
|
||||
[source,dockerfile,subs="attributes+"]
|
||||
----
|
||||
# A example build step that downloads a JAR file from a URL and adds it to the providers directory
|
||||
FROM quay.io/keycloak/keycloak:latest as builder
|
||||
FROM quay.io/keycloak/keycloak:{containerlabel} as builder
|
||||
|
||||
...
|
||||
|
||||
|
|
@ -166,11 +166,11 @@ By setting the `hostname-port` option you can now access the server at `https://
|
|||
The easiest way to try {project_name} from a container for development or testing purposes is to use the Development mode.
|
||||
You use the `start-dev` command:
|
||||
|
||||
[source,bash]
|
||||
[source,bash,subs="attributes+"]
|
||||
----
|
||||
podman|docker run --name mykeycloak -p 8080:8080 \
|
||||
-e KEYCLOAK_ADMIN=admin -e KEYCLOAK_ADMIN_PASSWORD=change_me \
|
||||
quay.io/keycloak/keycloak:latest \
|
||||
quay.io/keycloak/keycloak:{containerlabel} \
|
||||
start-dev
|
||||
----
|
||||
|
||||
|
|
@ -185,11 +185,11 @@ In these environments, you need containers that start fast, therefore you need t
|
|||
However, if your environment has different requirements, you can run a standard {project_name} image by just running the `start` command.
|
||||
For example:
|
||||
|
||||
[source, bash]
|
||||
[source,bash,subs="attributes+"]
|
||||
----
|
||||
podman|docker run --name mykeycloak -p 8080:8080 \
|
||||
-e KEYCLOAK_ADMIN=admin -e KEYCLOAK_ADMIN_PASSWORD=change_me \
|
||||
quay.io/keycloak/keycloak:latest \
|
||||
quay.io/keycloak/keycloak:{containerlabel} \
|
||||
start \
|
||||
--db=postgres --features=token-exchange \
|
||||
--db-url=<JDBC-URL> --db-username=<DB-USER> --db-password=<DB-PASSWORD> \
|
||||
|
|
@ -218,12 +218,12 @@ This approach significantly increases startup time and creates an image that is
|
|||
|
||||
The {project_name} containers have a directory `/opt/keycloak/data/import`. If you put one or more import files in that directory via a volume mount or other means and add the startup argument `--import-realm`, the Keycloak container will import that data on startup! This may only make sense to do in Dev mode.
|
||||
|
||||
[source, bash]
|
||||
[source,bash,subs="attributes+"]
|
||||
----
|
||||
podman|docker run --name keycloak_unoptimized -p 8080:8080 \
|
||||
-e KEYCLOAK_ADMIN=admin -e KEYCLOAK_ADMIN_PASSWORD=change_me \
|
||||
-v /path/to/realm/data:/opt/keycloak/data/import \
|
||||
quay.io/keycloak/keycloak:latest \
|
||||
quay.io/keycloak/keycloak:{containerlabel} \
|
||||
start-dev --import-realm
|
||||
----
|
||||
|
||||
|
|
|
|||
|
|
@ -55,9 +55,9 @@ To install the Oracle Database driver for {project_name}:
|
|||
+
|
||||
A minimal Dockerfile to build an image which can be used with the {project_name} Operator and includes Oracle Database JDBC drivers downloaded from Maven Central looks like the following:
|
||||
+
|
||||
[source,dockerfile]
|
||||
[source,dockerfile,subs="attributes+"]
|
||||
----
|
||||
FROM quay.io/keycloak/keycloak:latest
|
||||
FROM quay.io/keycloak/keycloak:{containerlabel}
|
||||
ADD --chown=keycloak:keycloak https://repo1.maven.org/maven2/com/oracle/database/jdbc/ojdbc11/${properties["oracle-jdbc.version"]}/ojdbc11-${properties["oracle-jdbc.version"]}.jar /opt/keycloak/providers/ojdbc11.jar
|
||||
ADD --chown=keycloak:keycloak https://repo1.maven.org/maven2/com/oracle/database/nls/orai18n/${properties["oracle-jdbc.version"]}/orai18n-${properties["oracle-jdbc.version"]}.jar /opt/keycloak/providers/orai18n.jar
|
||||
# Setting the build parameter for the database:
|
||||
|
|
@ -91,9 +91,9 @@ To install the Microsoft SQL Server driver for {project_name}:
|
|||
+
|
||||
A minimal Dockerfile to build an image which can be used with the {project_name} Operator and includes Microsoft SQL Server JDBC drivers downloaded from Maven Central looks like the following:
|
||||
+
|
||||
[source,dockerfile]
|
||||
[source,dockerfile,subs="attributes+"]
|
||||
----
|
||||
FROM quay.io/keycloak/keycloak:latest
|
||||
FROM quay.io/keycloak/keycloak:{containerlabel}
|
||||
ADD --chown=keycloak:keycloak https://repo1.maven.org/maven2/com/microsoft/sqlserver/mssql-jdbc/${properties["mssql-jdbc.version"]}/mssql-jdbc-${properties["mssql-jdbc.version"]}.jar /opt/keycloak/providers/mssql-jdbc.jar
|
||||
# Setting the build parameter for the database:
|
||||
ENV KC_DB=mssql
|
||||
|
|
|
|||
|
|
@ -222,9 +222,9 @@ For example in the current directory, you can create sub-directory `files` and a
|
|||
Then create `Dockerfile` in the current directory similar to this:
|
||||
|
||||
.Dockerfile:
|
||||
[source, dockerfile]
|
||||
[source,dockerfile,subs="attributes+"]
|
||||
----
|
||||
FROM quay.io/keycloak/keycloak:latest as builder
|
||||
FROM quay.io/keycloak/keycloak:{containerlabel} as builder
|
||||
|
||||
ADD files /tmp/files/
|
||||
|
||||
|
|
@ -235,7 +235,7 @@ RUN cp /tmp/files/kc.java.security /opt/keycloak/conf/
|
|||
|
||||
RUN /opt/keycloak/bin/kc.sh build --features=fips --fips-mode=strict
|
||||
|
||||
FROM quay.io/keycloak/keycloak:latest
|
||||
FROM quay.io/keycloak/keycloak:{containerlabel}
|
||||
COPY --from=builder /opt/keycloak/ /opt/keycloak/
|
||||
|
||||
ENTRYPOINT ["/opt/keycloak/bin/kc.sh"]
|
||||
|
|
|
|||
Loading…
Reference in a new issue