From 4d2f86202de8b907e5f9c0bb93a1e54f354e20e6 Mon Sep 17 00:00:00 2001 From: Pedro Igor Date: Fri, 13 Jan 2023 09:32:24 -0300 Subject: [PATCH] Remove Hashicorp Support Closes #9144 --- .../org/keycloak/config/VaultOptions.java | 23 +---- quarkus/deployment/pom.xml | 5 -- quarkus/pom.xml | 5 -- quarkus/runtime/pom.xml | 5 -- .../mappers/VaultPropertyMappers.java | 11 --- .../runtime/vault/QuarkusVaultProvider.java | 67 -------------- .../vault/QuarkusVaultProviderFactory.java | 89 ------------------- .../org.keycloak.vault.VaultProviderFactory | 1 - ...ndDistTest.testBuildHelp.unix.approved.txt | 2 +- ...istTest.testBuildHelp.windows.approved.txt | 29 +++--- ...istTest.testStartDevHelp.unix.approved.txt | 4 +- ...Test.testStartDevHelp.windows.approved.txt | 29 +++--- ...Test.testStartDevHelpAll.unix.approved.txt | 4 +- ...t.testStartDevHelpAll.windows.approved.txt | 26 +++--- ...ndDistTest.testStartHelp.unix.approved.txt | 4 +- ...istTest.testStartHelp.windows.approved.txt | 31 +++---- ...istTest.testStartHelpAll.unix.approved.txt | 4 +- ...Test.testStartHelpAll.windows.approved.txt | 26 +++--- 18 files changed, 82 insertions(+), 283 deletions(-) delete mode 100644 quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/vault/QuarkusVaultProvider.java delete mode 100644 quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/vault/QuarkusVaultProviderFactory.java diff --git a/quarkus/config-api/src/main/java/org/keycloak/config/VaultOptions.java b/quarkus/config-api/src/main/java/org/keycloak/config/VaultOptions.java index d68c11cddf..ca1b33dd87 100644 --- a/quarkus/config-api/src/main/java/org/keycloak/config/VaultOptions.java +++ b/quarkus/config-api/src/main/java/org/keycloak/config/VaultOptions.java @@ -1,13 +1,11 @@ package org.keycloak.config; import java.io.File; -import java.util.Map; public class VaultOptions { public enum Provider { - file, - hashicorp; + file; } public static final Option VAULT = new OptionBuilder<>("vault", Provider.class) @@ -21,23 +19,4 @@ public class VaultOptions { .description("If set, secrets can be obtained by reading the content of files within the given directory.") .build(); - public static final Option VAULT_UNMAPPED = new OptionBuilder<>("vault-", String.class) - .category(OptionCategory.VAULT) - .description("Maps any vault option to their corresponding properties in quarkus-vault extension.") - .hidden() - .buildTime(true) - .build(); - - public static final Option VAULT_URL = new OptionBuilder<>("vault-url", String.class) - .category(OptionCategory.VAULT) - .description("The vault server url.") - .hidden() - .buildTime(true) - .build(); - - public static final Option VAULT_KV_PATHS = new OptionBuilder("vault-kv-paths", Map.class, String.class) - .category(OptionCategory.VAULT) - .description("A set of one or more key/value paths that should be used when looking up secrets.") - .hidden() - .build(); } diff --git a/quarkus/deployment/pom.xml b/quarkus/deployment/pom.xml index bd97eca8a9..f08fee82de 100644 --- a/quarkus/deployment/pom.xml +++ b/quarkus/deployment/pom.xml @@ -101,11 +101,6 @@ rest-assured test - - io.quarkiverse.vault - quarkus-vault-deployment - ${io.quarkiverse.vault.version} - diff --git a/quarkus/pom.xml b/quarkus/pom.xml index 549d514d93..c85c7fe310 100644 --- a/quarkus/pom.xml +++ b/quarkus/pom.xml @@ -47,11 +47,6 @@ 1.4.1.SP1 1.8.3 - - 2.0.0 - UTF-8 3.8.1 11 diff --git a/quarkus/runtime/pom.xml b/quarkus/runtime/pom.xml index 57214f5b9c..201b573ba9 100644 --- a/quarkus/runtime/pom.xml +++ b/quarkus/runtime/pom.xml @@ -96,11 +96,6 @@ org.wildfly.security wildfly-elytron - - io.quarkiverse.vault - quarkus-vault - ${io.quarkiverse.vault.version} - diff --git a/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/configuration/mappers/VaultPropertyMappers.java b/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/configuration/mappers/VaultPropertyMappers.java index 9e4af24bd7..a5bb140675 100644 --- a/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/configuration/mappers/VaultPropertyMappers.java +++ b/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/configuration/mappers/VaultPropertyMappers.java @@ -17,17 +17,6 @@ final class VaultPropertyMappers { fromOption(VaultOptions.VAULT_DIR) .to("kc.spi-vault-file-dir") .paramLabel("dir") - .build(), - fromOption(VaultOptions.VAULT_UNMAPPED) - .to("quarkus.vault.") - .build(), - fromOption(VaultOptions.VAULT_URL) - .to("quarkus.vault.url") - .paramLabel("paths") - .build(), - fromOption(VaultOptions.VAULT_KV_PATHS) - .to("kc.spi-vault-hashicorp-paths") - .paramLabel("paths") .build() }; } diff --git a/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/vault/QuarkusVaultProvider.java b/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/vault/QuarkusVaultProvider.java deleted file mode 100644 index ff882b1365..0000000000 --- a/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/vault/QuarkusVaultProvider.java +++ /dev/null @@ -1,67 +0,0 @@ -/* - * Copyright 2021 Red Hat, Inc. and/or its affiliates - * and other contributors as indicated by the @author tags. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.keycloak.quarkus.runtime.vault; - -import static org.keycloak.vault.DefaultVaultRawSecret.forBuffer; - -import java.nio.CharBuffer; -import java.nio.charset.StandardCharsets; -import java.util.List; -import java.util.Map; -import java.util.Optional; - -import org.keycloak.vault.AbstractVaultProvider; -import org.keycloak.vault.VaultKeyResolver; -import org.keycloak.vault.VaultRawSecret; - -import io.quarkus.vault.VaultKVSecretEngine; - -public class QuarkusVaultProvider extends AbstractVaultProvider { - - private VaultKVSecretEngine secretEngine; - private String[] kvPaths; - - public QuarkusVaultProvider(VaultKVSecretEngine secretEngine, String[] kvPaths, String realm, List keyResolvers) { - super(realm, keyResolvers); - this.secretEngine = secretEngine; - this.kvPaths = kvPaths; - } - - @Override - protected VaultRawSecret obtainSecretInternal(String key) { - if (kvPaths == null) { - return forBuffer(Optional.empty()); - } - - for (String path : kvPaths) { - Map secrets = secretEngine.readSecret(path); - String secret = secrets.get(key); - - if (secret != null) { - return forBuffer(Optional.of(StandardCharsets.UTF_8.encode(CharBuffer.wrap(secret)))); - } - } - - return forBuffer(Optional.empty()); - } - - @Override - public void close() { - - } -} diff --git a/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/vault/QuarkusVaultProviderFactory.java b/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/vault/QuarkusVaultProviderFactory.java deleted file mode 100644 index 06a50eb995..0000000000 --- a/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/vault/QuarkusVaultProviderFactory.java +++ /dev/null @@ -1,89 +0,0 @@ -/* - * Copyright 2021 Red Hat, Inc. and/or its affiliates - * and other contributors as indicated by the @author tags. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.keycloak.quarkus.runtime.vault; - -import org.keycloak.Config; -import org.keycloak.models.KeycloakSession; -import org.keycloak.models.KeycloakSessionFactory; -import org.keycloak.provider.EnvironmentDependentProviderFactory; -import org.keycloak.quarkus.runtime.configuration.Configuration; -import org.keycloak.vault.AbstractVaultProviderFactory; -import org.keycloak.vault.VaultProvider; - -import io.quarkus.arc.Arc; -import io.quarkus.arc.InstanceHandle; -import io.quarkus.vault.VaultKVSecretEngine; -import io.quarkus.vault.runtime.VaultConfigHolder; - -public class QuarkusVaultProviderFactory extends AbstractVaultProviderFactory implements EnvironmentDependentProviderFactory { - - private String[] kvPaths; - private VaultKVSecretEngine secretEngine; - - @Override - public VaultProvider create(KeycloakSession session) { - return new QuarkusVaultProvider(secretEngine, kvPaths, getRealmName(session), super.keyResolvers); - } - - @Override - public void init(Config.Scope config) { - super.init(config); - kvPaths = config.getArray("paths"); - } - - @Override - public void postInit(KeycloakSessionFactory factory) { - InstanceHandle engineInstance = Arc.container().instance(VaultKVSecretEngine.class); - - if (engineInstance.isAvailable()) { - secretEngine = engineInstance.get(); - } - - InstanceHandle configInstance = Arc.container().instance(VaultConfigHolder.class); - - if (!configInstance.isAvailable() || configInstance.get().getVaultBootstrapConfig() == null) { - throw new RuntimeException("No configuration defined for hashicorp provider."); - } - } - - @Override - public void close() { - - } - - @Override - public String getId() { - return "hashicorp"; - } - - @Override - public int order() { - return 10; - } - - @Override - public boolean isSupported(Config.Scope config) { - return getId().equals(Configuration.getRawValue("kc.vault")); - } - - @Override - public boolean isSupported() { - // in quarkus we do not use this method when installing providers - return false; - } -} diff --git a/quarkus/runtime/src/main/resources/META-INF/services/org.keycloak.vault.VaultProviderFactory b/quarkus/runtime/src/main/resources/META-INF/services/org.keycloak.vault.VaultProviderFactory index 0aa47df231..c1f56e0ae5 100644 --- a/quarkus/runtime/src/main/resources/META-INF/services/org.keycloak.vault.VaultProviderFactory +++ b/quarkus/runtime/src/main/resources/META-INF/services/org.keycloak.vault.VaultProviderFactory @@ -1,2 +1 @@ org.keycloak.quarkus.runtime.vault.FilesPlainTextVaultProviderFactory -org.keycloak.quarkus.runtime.vault.QuarkusVaultProviderFactory diff --git a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testBuildHelp.unix.approved.txt b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testBuildHelp.unix.approved.txt index cfefb3a758..cdc25b6715 100644 --- a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testBuildHelp.unix.approved.txt +++ b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testBuildHelp.unix.approved.txt @@ -78,7 +78,7 @@ Metrics: Vault: ---vault Enables a vault provider. Possible values are: file, hashicorp. +--vault Enables a vault provider. Possible values are: file. Examples: diff --git a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testBuildHelp.windows.approved.txt b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testBuildHelp.windows.approved.txt index 431aeabdc9..f98a2a2059 100644 --- a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testBuildHelp.windows.approved.txt +++ b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testBuildHelp.windows.approved.txt @@ -43,24 +43,25 @@ Transaction: Feature: ---features Enables a set of one or more features. Possible values are: authorization, - account2, account-api, admin-fine-grained-authz, admin2, docker, - impersonation, openshift-integration, scripts, token-exchange, web-authn, - client-policies, ciba, map-storage, par, declarative-user-profile, - dynamic-scopes, client-secret-rotation, step-up-authentication, - recovery-codes, update-email, js-adapter, preview. +--features Enables a set of one or more features. Possible values are: account-api, + account2, admin, admin-api, admin-fine-grained-authz, admin2, authorization, + ciba, client-policies, client-secret-rotation, declarative-user-profile, + docker, dynamic-scopes, impersonation, js-adapter, map-storage, + openshift-integration, par, preview, recovery-codes, scripts, + step-up-authentication, token-exchange, update-email, web-authn. --features-disabled - Disables a set of one or more features. Possible values are: authorization, - account2, account-api, admin-fine-grained-authz, admin2, docker, - impersonation, openshift-integration, scripts, token-exchange, web-authn, - client-policies, ciba, map-storage, par, declarative-user-profile, - dynamic-scopes, client-secret-rotation, step-up-authentication, - recovery-codes, update-email, js-adapter, preview. + Disables a set of one or more features. Possible values are: account-api, + account2, admin, admin-api, admin-fine-grained-authz, admin2, authorization, + ciba, client-policies, client-secret-rotation, declarative-user-profile, + docker, dynamic-scopes, impersonation, js-adapter, map-storage, + openshift-integration, par, preview, recovery-codes, scripts, + step-up-authentication, token-exchange, update-email, web-authn. HTTP/TLS: --http-relative-path - Set the path relative to '/' for serving resources. Default: /. + Set the path relative to '/' for serving resources. The path must start with a + '/'. Default: /. Health: @@ -77,7 +78,7 @@ Metrics: Vault: ---vault Enables a vault provider. Possible values are: file, hashicorp. +--vault Enables a vault provider. Possible values are: file. Examples: diff --git a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelp.unix.approved.txt b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelp.unix.approved.txt index 05243edaa6..46a4f86975 100644 --- a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelp.unix.approved.txt +++ b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelp.unix.approved.txt @@ -164,7 +164,7 @@ Proxy: Vault: ---vault Enables a vault provider. Possible values are: file, hashicorp. +--vault Enables a vault provider. Possible values are: file. --vault-dir If set, secrets can be obtained by reading the content of files within the given directory. @@ -221,4 +221,4 @@ Logging: Do NOT start the server using this command when deploying to production. Use 'kc.sh start-dev --help-all' to list all available options, including build -options. +options. \ No newline at end of file diff --git a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelp.windows.approved.txt b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelp.windows.approved.txt index a1941f2410..18900a1ab1 100644 --- a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelp.windows.approved.txt +++ b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelp.windows.approved.txt @@ -66,19 +66,19 @@ Transaction: Feature: ---features Enables a set of one or more features. Possible values are: authorization, - account2, account-api, admin-fine-grained-authz, admin2, docker, - impersonation, openshift-integration, scripts, token-exchange, web-authn, - client-policies, ciba, map-storage, par, declarative-user-profile, - dynamic-scopes, client-secret-rotation, step-up-authentication, - recovery-codes, update-email, js-adapter, preview. +--features Enables a set of one or more features. Possible values are: account-api, + account2, admin, admin-api, admin-fine-grained-authz, admin2, authorization, + ciba, client-policies, client-secret-rotation, declarative-user-profile, + docker, dynamic-scopes, impersonation, js-adapter, map-storage, + openshift-integration, par, preview, recovery-codes, scripts, + step-up-authentication, token-exchange, update-email, web-authn. --features-disabled - Disables a set of one or more features. Possible values are: authorization, - account2, account-api, admin-fine-grained-authz, admin2, docker, - impersonation, openshift-integration, scripts, token-exchange, web-authn, - client-policies, ciba, map-storage, par, declarative-user-profile, - dynamic-scopes, client-secret-rotation, step-up-authentication, - recovery-codes, update-email, js-adapter, preview. + Disables a set of one or more features. Possible values are: account-api, + account2, admin, admin-api, admin-fine-grained-authz, admin2, authorization, + ciba, client-policies, client-secret-rotation, declarative-user-profile, + docker, dynamic-scopes, impersonation, js-adapter, map-storage, + openshift-integration, par, preview, recovery-codes, scripts, + step-up-authentication, token-exchange, update-email, web-authn. Hostname: @@ -113,7 +113,8 @@ HTTP/TLS: --http-host The used HTTP Host. Default: 0.0.0.0. --http-port The used HTTP port. Default: 8080. --http-relative-path - Set the path relative to '/' for serving resources. Default: /. + Set the path relative to '/' for serving resources. The path must start with a + '/'. Default: /. --https-certificate-file The file path to a server certificate or certificate chain in PEM format. --https-certificate-key-file @@ -163,7 +164,7 @@ Proxy: Vault: ---vault Enables a vault provider. Possible values are: file, hashicorp. +--vault Enables a vault provider. Possible values are: file. --vault-dir If set, secrets can be obtained by reading the content of files within the given directory. diff --git a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelpAll.unix.approved.txt b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelpAll.unix.approved.txt index 5cf437cec3..4a896540ec 100644 --- a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelpAll.unix.approved.txt +++ b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelpAll.unix.approved.txt @@ -222,7 +222,7 @@ Proxy: Vault: ---vault Enables a vault provider. Possible values are: file, hashicorp. +--vault Enables a vault provider. Possible values are: file. --vault-dir If set, secrets can be obtained by reading the content of files within the given directory. @@ -285,4 +285,4 @@ Security (Experimental): Do NOT start the server using this command when deploying to production. Use 'kc.sh start-dev --help-all' to list all available options, including build -options. +options. \ No newline at end of file diff --git a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelpAll.windows.approved.txt b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelpAll.windows.approved.txt index 9c3d0a8bc9..7ae3be9d21 100644 --- a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelpAll.windows.approved.txt +++ b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelpAll.windows.approved.txt @@ -124,19 +124,19 @@ Transaction: Feature: ---features Enables a set of one or more features. Possible values are: authorization, - account2, account-api, admin-fine-grained-authz, admin-api, admin, admin2, - docker, impersonation, openshift-integration, scripts, token-exchange, - web-authn, client-policies, ciba, map-storage, par, - declarative-user-profile, dynamic-scopes, client-secret-rotation, - step-up-authentication, recovery-codes, update-email, js-adapter, preview. +--features Enables a set of one or more features. Possible values are: account-api, + account2, admin, admin-api, admin-fine-grained-authz, admin2, authorization, + ciba, client-policies, client-secret-rotation, declarative-user-profile, + docker, dynamic-scopes, impersonation, js-adapter, map-storage, + openshift-integration, par, preview, recovery-codes, scripts, + step-up-authentication, token-exchange, update-email, web-authn. --features-disabled - Disables a set of one or more features. Possible values are: authorization, - account2, account-api, admin-fine-grained-authz, admin-api, admin, admin2, - docker, impersonation, openshift-integration, scripts, token-exchange, - web-authn, client-policies, ciba, map-storage, par, - declarative-user-profile, dynamic-scopes, client-secret-rotation, - step-up-authentication, recovery-codes, update-email, js-adapter, preview. + Disables a set of one or more features. Possible values are: account-api, + account2, admin, admin-api, admin-fine-grained-authz, admin2, authorization, + ciba, client-policies, client-secret-rotation, declarative-user-profile, + docker, dynamic-scopes, impersonation, js-adapter, map-storage, + openshift-integration, par, preview, recovery-codes, scripts, + step-up-authentication, token-exchange, update-email, web-authn. Hostname: @@ -222,7 +222,7 @@ Proxy: Vault: ---vault Enables a vault provider. Possible values are: file, hashicorp. +--vault Enables a vault provider. Possible values are: file. --vault-dir If set, secrets can be obtained by reading the content of files within the given directory. diff --git a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartHelp.unix.approved.txt b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartHelp.unix.approved.txt index c49e939ee2..017355efe4 100644 --- a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartHelp.unix.approved.txt +++ b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartHelp.unix.approved.txt @@ -170,7 +170,7 @@ Proxy: Vault: ---vault Enables a vault provider. Possible values are: file, hashicorp. +--vault Enables a vault provider. Possible values are: file. --vault-dir If set, secrets can be obtained by reading the content of files within the given directory. @@ -231,4 +231,4 @@ By default, this command tries to update the server configuration by running a $ kc.sh start '--optimized' By doing that, the server should start faster based on any previous -configuration you have set when manually running the 'build' command. +configuration you have set when manually running the 'build' command. \ No newline at end of file diff --git a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartHelp.windows.approved.txt b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartHelp.windows.approved.txt index 357cf6f4dd..bca320ecb1 100644 --- a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartHelp.windows.approved.txt +++ b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartHelp.windows.approved.txt @@ -72,19 +72,19 @@ Transaction: Feature: ---features Enables a set of one or more features. Possible values are: authorization, - account2, account-api, admin-fine-grained-authz, admin2, docker, - impersonation, openshift-integration, scripts, token-exchange, web-authn, - client-policies, ciba, map-storage, par, declarative-user-profile, - dynamic-scopes, client-secret-rotation, step-up-authentication, - recovery-codes, update-email, js-adapter, preview. +--features Enables a set of one or more features. Possible values are: account-api, + account2, admin, admin-api, admin-fine-grained-authz, admin2, authorization, + ciba, client-policies, client-secret-rotation, declarative-user-profile, + docker, dynamic-scopes, impersonation, js-adapter, map-storage, + openshift-integration, par, preview, recovery-codes, scripts, + step-up-authentication, token-exchange, update-email, web-authn. --features-disabled - Disables a set of one or more features. Possible values are: authorization, - account2, account-api, admin-fine-grained-authz, admin2, docker, - impersonation, openshift-integration, scripts, token-exchange, web-authn, - client-policies, ciba, map-storage, par, declarative-user-profile, - dynamic-scopes, client-secret-rotation, step-up-authentication, - recovery-codes, update-email, js-adapter, preview. + Disables a set of one or more features. Possible values are: account-api, + account2, admin, admin-api, admin-fine-grained-authz, admin2, authorization, + ciba, client-policies, client-secret-rotation, declarative-user-profile, + docker, dynamic-scopes, impersonation, js-adapter, map-storage, + openshift-integration, par, preview, recovery-codes, scripts, + step-up-authentication, token-exchange, update-email, web-authn. Hostname: @@ -119,7 +119,8 @@ HTTP/TLS: --http-host The used HTTP Host. Default: 0.0.0.0. --http-port The used HTTP port. Default: 8080. --http-relative-path - Set the path relative to '/' for serving resources. Default: /. + Set the path relative to '/' for serving resources. The path must start with a + '/'. Default: /. --https-certificate-file The file path to a server certificate or certificate chain in PEM format. --https-certificate-key-file @@ -169,7 +170,7 @@ Proxy: Vault: ---vault Enables a vault provider. Possible values are: file, hashicorp. +--vault Enables a vault provider. Possible values are: file. --vault-dir If set, secrets can be obtained by reading the content of files within the given directory. @@ -230,4 +231,4 @@ By default, this command tries to update the server configuration by running a $ kc.bat start '--optimized' By doing that, the server should start faster based on any previous -configuration you have set when manually running the 'build' command. +configuration you have set when manually running the 'build' command. \ No newline at end of file diff --git a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartHelpAll.unix.approved.txt b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartHelpAll.unix.approved.txt index 9d4f3c6f5b..2fb37108f7 100644 --- a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartHelpAll.unix.approved.txt +++ b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartHelpAll.unix.approved.txt @@ -228,7 +228,7 @@ Proxy: Vault: ---vault Enables a vault provider. Possible values are: file, hashicorp. +--vault Enables a vault provider. Possible values are: file. --vault-dir If set, secrets can be obtained by reading the content of files within the given directory. @@ -295,4 +295,4 @@ By default, this command tries to update the server configuration by running a $ kc.sh start '--optimized' By doing that, the server should start faster based on any previous -configuration you have set when manually running the 'build' command. +configuration you have set when manually running the 'build' command. \ No newline at end of file diff --git a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartHelpAll.windows.approved.txt b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartHelpAll.windows.approved.txt index 8967791752..f93678c440 100644 --- a/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartHelpAll.windows.approved.txt +++ b/quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartHelpAll.windows.approved.txt @@ -130,19 +130,19 @@ Transaction: Feature: ---features Enables a set of one or more features. Possible values are: authorization, - account2, account-api, admin-fine-grained-authz, admin-api, admin, admin2, - docker, impersonation, openshift-integration, scripts, token-exchange, - web-authn, client-policies, ciba, map-storage, par, - declarative-user-profile, dynamic-scopes, client-secret-rotation, - step-up-authentication, recovery-codes, update-email, js-adapter, preview. +--features Enables a set of one or more features. Possible values are: account-api, + account2, admin, admin-api, admin-fine-grained-authz, admin2, authorization, + ciba, client-policies, client-secret-rotation, declarative-user-profile, + docker, dynamic-scopes, impersonation, js-adapter, map-storage, + openshift-integration, par, preview, recovery-codes, scripts, + step-up-authentication, token-exchange, update-email, web-authn. --features-disabled - Disables a set of one or more features. Possible values are: authorization, - account2, account-api, admin-fine-grained-authz, admin-api, admin, admin2, - docker, impersonation, openshift-integration, scripts, token-exchange, - web-authn, client-policies, ciba, map-storage, par, - declarative-user-profile, dynamic-scopes, client-secret-rotation, - step-up-authentication, recovery-codes, update-email, js-adapter, preview. + Disables a set of one or more features. Possible values are: account-api, + account2, admin, admin-api, admin-fine-grained-authz, admin2, authorization, + ciba, client-policies, client-secret-rotation, declarative-user-profile, + docker, dynamic-scopes, impersonation, js-adapter, map-storage, + openshift-integration, par, preview, recovery-codes, scripts, + step-up-authentication, token-exchange, update-email, web-authn. Hostname: @@ -228,7 +228,7 @@ Proxy: Vault: ---vault Enables a vault provider. Possible values are: file, hashicorp. +--vault Enables a vault provider. Possible values are: file. --vault-dir If set, secrets can be obtained by reading the content of files within the given directory.