KEYCLOAK-7101 Fix DockerClientTest

testsuite/integration-arquillian/pom.xml

@@ -52,6 +52,7 @@
         <version.shrinkwrap.resolvers>2.2.6</version.shrinkwrap.resolvers>
         <undertow-embedded.version>1.0.0.Alpha2</undertow-embedded.version>
         <version.org.wildfly.extras.creaper>1.6.1</version.org.wildfly.extras.creaper>
+        <testcontainers.version>1.5.1</testcontainers.version>
 
         <!--migration properties-->
         <migration.70.version>1.9.8.Final</migration.70.version>

testsuite/integration-arquillian/tests/base/pom.xml

@@ -112,7 +112,7 @@
         <dependency>
             <groupId>org.testcontainers</groupId>
             <artifactId>testcontainers</artifactId>
-            <version>1.2.1</version>
+            <version>${testcontainers.version}</version>
             <scope>test</scope>
         </dependency>
         <dependency>

testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/docker/DockerClientTest.java

@@ -4,53 +4,44 @@ import org.junit.Assert;
 import org.junit.BeforeClass;
 import org.junit.Test;
 import org.keycloak.common.Profile;
+import org.keycloak.representations.idm.KeysMetadataRepresentation;
 import org.keycloak.representations.idm.RealmRepresentation;
 import org.keycloak.testsuite.AbstractKeycloakTest;
 import org.keycloak.testsuite.ProfileAssume;
-import org.keycloak.testsuite.util.WaitUtils;
-import org.rnorth.ducttape.ratelimits.RateLimiterBuilder;
-import org.rnorth.ducttape.unreliables.Unreliables;
-import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.testcontainers.containers.BindMode;
 import org.testcontainers.containers.Container;
 import org.testcontainers.containers.GenericContainer;
 import org.testcontainers.containers.output.Slf4jLogConsumer;
-import org.testcontainers.images.builder.ImageFromDockerfile;
-import org.testcontainers.shaded.com.github.dockerjava.api.model.ContainerNetwork;
+import sun.security.provider.X509Factory;
 
-import java.util.Arrays;
+import java.io.File;
+import java.io.PrintWriter;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 import java.util.Optional;
-import java.util.concurrent.Callable;
-import java.util.concurrent.TimeUnit;
-import java.util.function.Predicate;
 
 import static org.hamcrest.MatcherAssert.assertThat;
 import static org.hamcrest.Matchers.containsString;
 import static org.junit.Assume.assumeTrue;
-import static org.keycloak.testsuite.admin.AbstractAdminTest.loadJson;
+import static org.keycloak.testsuite.util.WaitUtils.pause;
 
 public class DockerClientTest extends AbstractKeycloakTest {
-    public static final Logger LOGGER = LoggerFactory.getLogger(DockerClientTest.class);
-
     public static final String REALM_ID = "docker-test-realm";
-    public static final String AUTH_FLOW = "docker-basic-auth-flow";
     public static final String CLIENT_ID = "docker-test-client";
     public static final String DOCKER_USER = "docker-user";
     public static final String DOCKER_USER_PASSWORD = "password";
 
-    public static final String REGISTRY_HOSTNAME = "registry.localdomain";
+    public static final String REGISTRY_HOSTNAME = "localhost";
     public static final Integer REGISTRY_PORT = 5000;
     public static final String MINIMUM_DOCKER_VERSION = "1.8.0";
-    public static final String IMAGE_NAME = "busybox";
 
     private GenericContainer dockerRegistryContainer = null;
     private GenericContainer dockerClientContainer = null;
 
     private static String hostIp;
+    private static String authServerPort;
 
     @BeforeClass
     public static void verifyEnvironment() {
@@ -59,7 +50,6 @@ public class DockerClientTest extends AbstractKeycloakTest {
         final Optional<DockerVersion> dockerVersion = new DockerHostVersionSupplier().get();
         assumeTrue("Could not determine docker version for host machine.  It either is not present or accessible to the JVM running the test harness.", dockerVersion.isPresent());
         assumeTrue("Docker client on host machine is not a supported version.  Please upgrade and try again.", DockerVersion.COMPARATOR.compare(dockerVersion.get(), DockerVersion.parseVersionString(MINIMUM_DOCKER_VERSION)) >= 0);
-        LOGGER.debug("Discovered valid docker client on host.  version: {}", dockerVersion);
 
         hostIp = System.getProperty("host.ip");
 
@@ -70,21 +60,13 @@ public class DockerClientTest extends AbstractKeycloakTest {
             }
         }
         Assert.assertNotNull("Could not resolve host machine's IP address for docker adapter, and 'host.ip' system poperty not set. Client will not be able to authenticate against the keycloak server!", hostIp);
+
+        authServerPort = AUTH_SERVER_SSL_REQUIRED ? System.getProperty("auth.server.https.port") : System.getProperty("auth.server.http.port");
     }
 
     @Override
     public void addTestRealms(final List<RealmRepresentation> testRealms) {
-        final RealmRepresentation dockerRealm = loadJson(getClass().getResourceAsStream("/docker-test-realm.json"), RealmRepresentation.class);
-
-        /**
-         * TODO fix test harness/importer NPEs when attempting to create realm from scratch.
-         * Need to fix those, would be preferred to do this programmatically such that we don't have to keep realm elements
-         * (I.E. certs, realm url) in sync with a flat file
-         *
-         * final RealmRepresentation dockerRealm = DockerTestRealmSetup.createRealm(REALM_ID);
-         * DockerTestRealmSetup.configureDockerAuthenticationFlow(dockerRealm, AUTH_FLOW);
-         */
-
+        final RealmRepresentation dockerRealm = DockerTestRealmSetup.createRealm(REALM_ID);
         DockerTestRealmSetup.configureDockerRegistryClient(dockerRealm, CLIENT_ID);
         DockerTestRealmSetup.configureUser(dockerRealm, DOCKER_USER, DOCKER_USER_PASSWORD);
 
@@ -95,106 +77,71 @@ public class DockerClientTest extends AbstractKeycloakTest {
     public void beforeAbstractKeycloakTest() throws Exception {
         super.beforeAbstractKeycloakTest();
 
+        // find the realm cert
+        String realmCert = null;
+        List<KeysMetadataRepresentation.KeyMetadataRepresentation> realmKeys = adminClient.realm(REALM_ID).keys().getKeyMetadata().getKeys();
+        for (KeysMetadataRepresentation.KeyMetadataRepresentation key : realmKeys) {
+            if (key.getType().equals("RSA")) {
+                realmCert = key.getCertificate();
+            }
+        }
+        if (realmCert == null) {
+            throw new IllegalStateException("Cannot find public realm cert");
+        }
+
+        // save the cert to a file
+        File tmpCertFile = File.createTempFile("keycloak-docker-realm-cert-", ".pem");
+        tmpCertFile.deleteOnExit();
+        PrintWriter tmpCertWriter = new PrintWriter(tmpCertFile);
+        tmpCertWriter.println(X509Factory.BEGIN_CERT);
+        tmpCertWriter.println(realmCert);
+        tmpCertWriter.println(X509Factory.END_CERT);
+        tmpCertWriter.close();
+
         final Map<String, String> environment = new HashMap<>();
         environment.put("REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY", "/tmp");
-        environment.put("REGISTRY_HTTP_TLS_CERTIFICATE", "/opt/certs/localhost.crt");
-        environment.put("REGISTRY_HTTP_TLS_KEY", "/opt/certs/localhost.key");
-        environment.put("REGISTRY_AUTH_TOKEN_REALM", "http://" + hostIp + ":8180/auth/realms/docker-test-realm/protocol/docker-v2/auth");
+        environment.put("REGISTRY_AUTH_TOKEN_REALM", "http://" + hostIp + ":" + authServerPort + "/auth/realms/" + REALM_ID + "/protocol/docker-v2/auth");
         environment.put("REGISTRY_AUTH_TOKEN_SERVICE", CLIENT_ID);
-        environment.put("REGISTRY_AUTH_TOKEN_ISSUER", "http://" + hostIp + ":8180/auth/realms/docker-test-realm");
-        environment.put("REGISTRY_AUTH_TOKEN_ROOTCERTBUNDLE", "/opt/certs/docker-realm-public-key.pem");
+        environment.put("REGISTRY_AUTH_TOKEN_ISSUER", "http://" + hostIp + ":" + authServerPort + "/auth/realms/" + REALM_ID);
+        environment.put("REGISTRY_AUTH_TOKEN_ROOTCERTBUNDLE", "/opt/kc-certs/" + tmpCertFile.getCanonicalFile().getName());
         environment.put("INSECURE_REGISTRY", "--insecure-registry " + REGISTRY_HOSTNAME + ":" + REGISTRY_PORT);
 
         String dockerioPrefix = Boolean.parseBoolean(System.getProperty("docker.io-prefix-explicit")) ? "docker.io/" : "";
 
-        // TODO this required me to turn selinux off :(.  Add BindMode options for :z and :Z.  Make selinux enforcing again!
         dockerRegistryContainer = new GenericContainer(dockerioPrefix + "registry:2")
-                .withClasspathResourceMapping("dockerClientTest/keycloak-docker-compose-yaml/certs", "/opt/certs", BindMode.READ_ONLY)
+                .withFileSystemBind(tmpCertFile.getCanonicalPath(), "/opt/kc-certs/" + tmpCertFile.getCanonicalFile().getName(), BindMode.READ_ONLY)
                 .withEnv(environment)
+                .withLogConsumer(new Slf4jLogConsumer(LoggerFactory.getLogger("dockerRegistryContainer")))
+                .withNetworkMode("host")
                 .withPrivilegedMode(true);
         dockerRegistryContainer.start();
-        dockerRegistryContainer.followOutput(new Slf4jLogConsumer(LOGGER));
 
-        dockerClientContainer = new GenericContainer(
-                new ImageFromDockerfile()
-                        .withDockerfileFromBuilder(dockerfileBuilder -> {
-                            dockerfileBuilder.from("centos/systemd:latest")
-                                    .run("yum", "install", "-y", "docker", "iptables", ";", "yum", "clean", "all")
-                                    .cmd("/usr/sbin/init")
-                                    .volume("/sys/fs/cgroup")
-                                    .build();
-                        })
-        )
-                .withClasspathResourceMapping("dockerClientTest/keycloak-docker-compose-yaml/certs/localhost.crt", "/opt/docker/certs.d/" + REGISTRY_HOSTNAME + "/localhost.crt", BindMode.READ_ONLY)
-                .withClasspathResourceMapping("dockerClientTest/keycloak-docker-compose-yaml/sysconfig_docker", "/etc/sysconfig/docker", BindMode.READ_WRITE)
+        dockerClientContainer = new GenericContainer(dockerioPrefix + "docker:dind")
+                .withLogConsumer(new Slf4jLogConsumer(LoggerFactory.getLogger("dockerClientContainer")))
+                .withNetworkMode("host")
                 .withPrivilegedMode(true);
-
-        final Optional<ContainerNetwork> network = dockerRegistryContainer.getContainerInfo().getNetworkSettings().getNetworks().values().stream().findFirst();
-        assumeTrue("Could not find a network adapter whereby the docker client container could connect to host!", network.isPresent());
-        dockerClientContainer.withExtraHost(REGISTRY_HOSTNAME, network.get().getIpAddress());
-
         dockerClientContainer.start();
-        dockerClientContainer.followOutput(new Slf4jLogConsumer(LOGGER));
-
-        int i = 0;
-        String stdErr = "";
-        while (i++ < 30) {
-            log.infof("Trying to start docker service; attempt: %d", i);
-            stdErr = dockerClientContainer.execInContainer("systemctl", "start", "docker.service").getStderr();
-            if (stdErr.isEmpty()) {
-                break;
-            }
-            else {
-                log.info("systemctl failed: " + stdErr);
-            }
-            WaitUtils.pause(1000);
     }
 
-        assumeTrue("Cannot start docker service!", stdErr.isEmpty());
+    @Override
+    public void afterAbstractKeycloakTest() {
+        super.afterAbstractKeycloakTest();
 
-        log.info("Waiting for docker service...");
-        validateDockerStarted();
-        log.info("Docker service successfully started");
-    }
+        pause(5000); // wait for the container logs
 
-    private void validateDockerStarted() {
-        final Callable<Boolean> checkStrategy = () -> {
-            try {
-                final String commandResult = dockerClientContainer.execInContainer("docker", "ps").getStderr();
-                return !commandResult.contains("Cannot connect");
-            } catch (InterruptedException e) {
-                throw new RuntimeException(e);
-            } catch (Exception e) {
-                return false;
-            }
-        };
-
-        Unreliables.retryUntilTrue(30, TimeUnit.SECONDS, () -> RateLimiterBuilder.newBuilder().withRate(1, TimeUnit.SECONDS).withConstantThroughput().build().getWhenReady(() -> {
-            try {
-                return checkStrategy.call();
-            } catch (Exception e) {
-                throw new RuntimeException(e);
-            }
-        }));
+        dockerClientContainer.close();
+        dockerRegistryContainer.close();
     }
 
     @Test
     public void shouldPerformDockerAuthAgainstRegistry() throws Exception {
+        log.info("Starting the attempt for login...");
         Container.ExecResult dockerLoginResult = dockerClientContainer.execInContainer("docker", "login", "-u", DOCKER_USER, "-p", DOCKER_USER_PASSWORD, REGISTRY_HOSTNAME + ":" + REGISTRY_PORT);
-        printNonEmpties(dockerLoginResult.getStdout(), dockerLoginResult.getStderr());
+        printCommandResult(dockerLoginResult);
         assertThat(dockerLoginResult.getStdout(), containsString("Login Succeeded"));
     }
 
-    private static void printNonEmpties(final String... results) {
-        Arrays.stream(results)
-                .forEachOrdered(DockerClientTest::printNonEmpty);
+    private void printCommandResult(Container.ExecResult result) {
+        log.infof("Command executed. Output follows:\nSTDOUT: %s\n---\nSTDERR: %s", result.getStdout(), result.getStderr());
     }
-
-    private static void printNonEmpty(final String result) {
-        if (nullOrEmpty.negate().test(result)) {
-            LOGGER.info(result);
-        }
-    }
-
-    public static final Predicate<String> nullOrEmpty = string -> string == null || string.isEmpty();
 }

testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/docker/DockerTestRealmSetup.java

@@ -1,10 +1,6 @@
 package org.keycloak.testsuite.docker;
 
-import org.keycloak.models.AuthenticationExecutionModel;
 import org.keycloak.protocol.docker.DockerAuthV2Protocol;
-import org.keycloak.protocol.docker.DockerAuthenticator;
-import org.keycloak.representations.idm.AuthenticationExecutionExportRepresentation;
-import org.keycloak.representations.idm.AuthenticationFlowRepresentation;
 import org.keycloak.representations.idm.ClientRepresentation;
 import org.keycloak.representations.idm.CredentialRepresentation;
 import org.keycloak.representations.idm.RealmRepresentation;
@@ -31,31 +27,6 @@ public final class DockerTestRealmSetup {
         return createdRealm;
     }
 
-    public static void configureDockerAuthenticationFlow(final RealmRepresentation dockerRealm, final String authFlowAlais) {
-        final AuthenticationFlowRepresentation dockerBasicAuthFlow = new AuthenticationFlowRepresentation();
-        dockerBasicAuthFlow.setId(UUID.randomUUID().toString());
-        dockerBasicAuthFlow.setAlias(authFlowAlais);
-        dockerBasicAuthFlow.setProviderId("basic-flow");
-        dockerBasicAuthFlow.setTopLevel(true);
-        dockerBasicAuthFlow.setBuiltIn(false);
-
-        final AuthenticationExecutionExportRepresentation dockerBasicAuthExecution = new AuthenticationExecutionExportRepresentation();
-        dockerBasicAuthExecution.setAuthenticator(DockerAuthenticator.ID);
-        dockerBasicAuthExecution.setRequirement(AuthenticationExecutionModel.Requirement.REQUIRED.name());
-        dockerBasicAuthExecution.setPriority(0);
-        dockerBasicAuthExecution.setUserSetupAllowed(false);
-        dockerBasicAuthExecution.setAutheticatorFlow(false);
-
-        final List<AuthenticationExecutionExportRepresentation> authenticationExecutions = Optional.ofNullable(dockerBasicAuthFlow.getAuthenticationExecutions()).orElse(new ArrayList<>());
-        authenticationExecutions.add(dockerBasicAuthExecution);
-        dockerBasicAuthFlow.setAuthenticationExecutions(authenticationExecutions);
-
-        final List<AuthenticationFlowRepresentation> authenticationFlows = Optional.ofNullable(dockerRealm.getAuthenticationFlows()).orElse(new ArrayList<>());
-        authenticationFlows.add(dockerBasicAuthFlow);
-        dockerRealm.setAuthenticationFlows(authenticationFlows);
-        dockerRealm.setBrowserFlow(dockerBasicAuthFlow.getAlias());
-    }
-
 
     public static void configureDockerRegistryClient(final RealmRepresentation dockerRealm, final String clientId) {
         final ClientRepresentation dockerClient = new ClientRepresentation();

testsuite/integration-arquillian/tests/base/src/test/resources/dockerClientTest/keycloak-docker-compose-yaml/certs/docker-realm-public-key.pem

@@ -1,17 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICsTCCAZkCBgFbaSTAdjANBgkqhkiG9w0BAQsFADAcMRowGAYDVQQDDBFkb2Nr
-ZXItdGVzdC1yZWFsbTAeFw0xNzA0MTMyMTA2MDdaFw0yNzA0MTMyMTA3NDdaMBwx
-GjAYBgNVBAMMEWRvY2tlci10ZXN0LXJlYWxtMIIBIjANBgkqhkiG9w0BAQEFAAOC
-AQ8AMIIBCgKCAQEAk2ZfvP3znNH5EbBd6ckiT7Eq7loqBCa5o6fdOajD2X8cjT7r
-oLG4GANhu075SUrCxfcx2A+P1kBnSsyPCc3dxMmCT7BUJsYScCF88q52GIskQc7E
-+eBkuIjeVmPMECLq3xhY7YONqIl47n17dEYYmVo1uRqbrVSFdSX9EDqn9vRn/7uJ
-FLafdK9766Na2JMSZVKgnNsXRTtxxCjnU3LyMnNw5JdbnsfSPj1pgnOi+pTDPqlw
-fcAIaG72lmhWMXaStmwO1DYsBoUd4yEnv6/dtXQkAaDr6TthX7ITliaxXPrh+YMD
-AxnhV7X/PtbiFUpTaNBpSy3k87onYBiWrL44IQIDAQABMA0GCSqGSIb3DQEBCwUA
-A4IBAQB2u9hP3S1bP4+FBwOLPwI3p7WrWBlt2CgwTiyuXvV7u9GLiXqCDUWZd3dS
-ks9vU4Y4NdVyToY4q9YFJ3oAQXlfRw2Yi6e/0nSPpU25o52TWwREnRY98fjVy1eC
-5K2GRwSu79HZKeqA0Tg/ONvGOrlYO1KPbWZGg9NcwAGeILkNdfI82w0KZTpTy+f5
-ATtV30pFkDNT0gfayFmDQvw3EgcD/x0/vI3PlnHLLGprV/ZlBmFWo0vk8iUBwP1Y
-bTA0XqKasITFXJaPeZWzNMCjR1NxDqlIq095uX04E5XGS6XGJKS9PanvGXidk5xM
-gI7xwKE6jaxD9pspYPRgv66528Dc
------END CERTIFICATE-----

testsuite/integration-arquillian/tests/base/src/test/resources/dockerClientTest/keycloak-docker-compose-yaml/certs/localhost.crt

@@ -1,35 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIGBTCCA+2gAwIBAgIJALfo8UyCLlnkMA0GCSqGSIb3DQEBCwUAMIGYMQswCQYD
-VQQGEwJVUzEXMBUGA1UECAwOTm9ydGggQ2Fyb2xpbmExEDAOBgNVBAcMB1JhbGVp
-Z2gxFjAUBgNVBAoMDVJlZCBIYXQsIEluYy4xJzAlBgNVBAsMHklkZW50aXR5IGFu
-ZCBBY2Nlc3MgTWFuYWdlbWVudDEdMBsGA1UEAwwUcmVnaXN0cnkubG9jYWxkb21h
-aW4wHhcNMTcwNDIwMDMwNzMwWhcNMjAwMTE0MDMwNzMwWjCBmDELMAkGA1UEBhMC
-VVMxFzAVBgNVBAgMDk5vcnRoIENhcm9saW5hMRAwDgYDVQQHDAdSYWxlaWdoMRYw
-FAYDVQQKDA1SZWQgSGF0LCBJbmMuMScwJQYDVQQLDB5JZGVudGl0eSBhbmQgQWNj
-ZXNzIE1hbmFnZW1lbnQxHTAbBgNVBAMMFHJlZ2lzdHJ5LmxvY2FsZG9tYWluMIIC
-IjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAyIKYO7gYA9T8PpqTf2Lad81X
-cHzhiRYvvzUDgR4UD1NummWPnl2sPjdlQayM/TZ7p6gserdLjms336tvU/6GOIjv
-v10uvDsFVxafuASY1tQSlrFLwF2NwavVOWlPhdlYLvOUnT/zk7fWKRFy7WXp6hD5
-RAkI4+ywuhS6eiZy3wIv/04VjFGYAB1x3NfHVwSuo+cjz/UvI3sU1i0LR+aOSRoP
-9GM8OBpaTxRu/vEHd3k0A2FLP3sJYzkSD6A0p+nqbMfrPKRuZEjDYvBad4KemAl2
-5GRxNeZkJUk0CX2QK2cqr6xOa7598Nr+3ejv99Iiga5r2VlSSdsbV3U9j3RoZY48
-J0RvSgsVeeYqE93SUsVKhSoN4UIdhiVoDCvLtuIeqfQjehowent03OwDUiYw0TeV
-GqmcN54Ki6v+EWSNqY2h01wcbMuQw6PDQ/mn1pz7f/ZAt9T0fop6ml4Mg4nud9S9
-b/Y9+XfuJlPKwZIgQEtrpSfLveOBmWYRu9/rSX9YtHx+pyzbWDtwrF0O9Z/pO+T4
-qOMmfc2ltjzRMFKK6JZFhFVHQP0AKsxLChQrzoHr5k7Rmcn+iGtmqD4tWtzgEQvA
-umhNsm4nrR92hB97yxw3WC9gGvJlBIi/swrCxiKCJDklxCZtVCmqwMFx/bzXu3pH
-sKwYv3poURR9NZb7kDcCAwEAAaNQME4wHQYDVR0OBBYEFNhH71tQSivnjfCHd7pt
-3Qo50DCZMB8GA1UdIwQYMBaAFNhH71tQSivnjfCHd7pt3Qo50DCZMAwGA1UdEwQF
-MAMBAf8wDQYJKoZIhvcNAQELBQADggIBAGSCDF/l/ExabQ1DfoKoRCmVoslnK+M1
-0TuDtfss2zqF89BPLBNBKdfp7r1OV4fp465HMpd2ovUkuijLjrIf78+I4AFEv60s
-Z7NKMYEULpvBZ3RY7INr9CoNcWGvnfC/h782axjyI6ZW6I2v717FcciI6su0Eg+k
-kF6+c+cVLmhKLi7hnC9mlN0JMUcOt3cBuZ8NvCHwW6VFmv8hsxt8Z18JcY6aPZE8
-32XzdgcU/U9OAhv1iMEuoGAqQatCHAmA3FOpfI9LjVOxW0LZgHWKX7OEyDEZ+7Ed
-DbEpD73bmTp89lvFcT0UEAcWkRpD+VSozgYEzSeNmzKks2ngl37SlG2YQ23UzgYS
-alGcUEJFBmWr9pJUN+tDPzbtmlrEw9pA6xYZMTDgAQSRHGQK/5lISuzEIMR0nh3q
-Hyhmamlg+zkF415gYKUwh96NgalIc+Y9B4vnSpOv7b+ZFXoubBD2Wk5oi0Ziyog0
-J8YcbLQ8ZhINRvDyNv0iWHNachIzO1/N5G5H8hjibLkH+tpFBSs3uCiwTi+L/MlD
-Pqc0A6Slyi8TnJJDFCDaa3xU321dkvyhGmPeqiyIK+dpJO1FI3OU0rZeGGcyc+K6
-SnDRByp0HQt9W/8Aw+kXjUoI8LOYeR/7Ctd+Tqf11TDxmw9w9LSIEhiYeEJQCxTc
-Dk72PkeTi1zO
------END CERTIFICATE-----

testsuite/integration-arquillian/tests/base/src/test/resources/dockerClientTest/keycloak-docker-compose-yaml/certs/localhost.key

@@ -1,51 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIJKQIBAAKCAgEAyIKYO7gYA9T8PpqTf2Lad81XcHzhiRYvvzUDgR4UD1NummWP
-nl2sPjdlQayM/TZ7p6gserdLjms336tvU/6GOIjvv10uvDsFVxafuASY1tQSlrFL
-wF2NwavVOWlPhdlYLvOUnT/zk7fWKRFy7WXp6hD5RAkI4+ywuhS6eiZy3wIv/04V
-jFGYAB1x3NfHVwSuo+cjz/UvI3sU1i0LR+aOSRoP9GM8OBpaTxRu/vEHd3k0A2FL
-P3sJYzkSD6A0p+nqbMfrPKRuZEjDYvBad4KemAl25GRxNeZkJUk0CX2QK2cqr6xO
-a7598Nr+3ejv99Iiga5r2VlSSdsbV3U9j3RoZY48J0RvSgsVeeYqE93SUsVKhSoN
-4UIdhiVoDCvLtuIeqfQjehowent03OwDUiYw0TeVGqmcN54Ki6v+EWSNqY2h01wc
-bMuQw6PDQ/mn1pz7f/ZAt9T0fop6ml4Mg4nud9S9b/Y9+XfuJlPKwZIgQEtrpSfL
-veOBmWYRu9/rSX9YtHx+pyzbWDtwrF0O9Z/pO+T4qOMmfc2ltjzRMFKK6JZFhFVH
-QP0AKsxLChQrzoHr5k7Rmcn+iGtmqD4tWtzgEQvAumhNsm4nrR92hB97yxw3WC9g
-GvJlBIi/swrCxiKCJDklxCZtVCmqwMFx/bzXu3pHsKwYv3poURR9NZb7kDcCAwEA
-AQKCAgEAsPuM0dGZ6O/7QmsAXEVuHqbyUkj4bh9WP8jUcgiRnkF/c+rHTPrTyQru
-Znye6fZISWFI+XyGxYvgAp54osQbxxUfwWLHmL/j484FZtEv8xe33Klb+szZDiTV
-DVrmJXgFvVOlTvOe1TlEYHWVYvQ89yzKSIJNBZnrGCSpwJ3lcPCmWwyaOoPezeMv
-mMYhnq50VBn2Y13AoOnIJ5AUz/8yglXt1UIuajrgkcKwgnlPpOYnwgAEAmFglONQ
-DNjVAY2YLTJ9ccaV5hDP3anXwHtb70kTV19NCk11AfBObT4Wniju5acKhVHcKley
-9T7haXZinOLPMUcFOkmbJaRHlTMj3UgnF4k2iJJ7NyY3lAAIedlZ3EFNwpa68Roo
-WClNAJIV6KYRExOZfqeRyR09loTnynPgxkMR4N4oLJHCiTtReXW5Y1HAYbT+iVHC
-Ox1ob/INuZ1VoumDfn6bRqFdK8LldjBwVqRecSad/dg84BtjTB/po81aUpSRENEV
-aZP+jOT9kZbybACh8FdF8u7mxgL+x7Xidng3SKRJi5whQJNmQ62QkzTFMPVXCqlO
-ABsz2a/Zw7swyetg9uApoTTCeK1P0V/MrcEVTIGmcABfBYAVMBj1S2SH1xgAr20P
-IR3SOpPtiNYhIIOnfyQQ3qVudsaSOAJH26I7QLnMyBqOId0Js9ECggEBAOSrGSfT
-bm7OhGu1ZcTmlS17kjsUUYn1Uy30vV5e7uhpQGmr4rKVWYkNeZa5qtJossY3z+4H
-9fZAqJWH2Cr/4pqnfz4GqK+qE56fFdbyHzHKLZOXZGdp9fQzlLsEi9JVYgv+nAPR
-MHS7WeMTUlFc+P3pP6Btyhk/x7YfZnnlatFYlsNJVzUVdblrG6wSVZGpmxcNIeM2
-UeGG78aDBZQdKUO+xuh6MFW20lU165QC1JfGE+NRawqvgSD09F3MGkEwJuD8XEBg
-/rOwNUg8/ayQhd1EgRGQOiDgqfXSpsF101HPUSX/HDC41KG3gTKTc/Vw+ac5ID1r
-b3PKExEXCicDgCkCggEBAOB55eVsRZHBHeBjhqemH8SxWUfSCbx17cGbs7sw95Rs
-3wYci7ABC8wbvG5UDNPd3BI2IV5bJWYOlbVv+Y1FjNHamQjiSXgB3g6RzvaM0bVP
-1Rvn7EvQF87XIKEdo3uHtvpSVBDHYq/DtDyE9wwaNctxBgJwThVXVYINsp+leGsD
-uGVMAsUP01vMNdHJBk/ANPvYxUkDOCtlDDV8cyaFVJAq4/A1h4crv39S/6ZY/RWo
-LQpYnA47pfKZzxvtDQsnVTmolQ8x4yAX5bQrpKAt/hIJhzKdeCglgVr9cq/7sNOO
-kDLZzPLlFPRX1gOHTpDlucNxxlIjPh2h+3CCCPUzGV8CggEAYGmDgbczqKSKUJ96
-+Tn/S93+GcrHVlOJbqbx8Qg10ugNsIA4ZPNzfMWhrls6GtzqA4kkskfI/LrmWaWd
-DwQ0luBoVc6Y8PfUrdyFaMtNO8Dy1nfObYvPl9bnrrKMAXLelBAV18YrmAwmKgfL
-fWKl2OivWwTvYRXzLmau3lZMY1fmuRADJO6XZEY0tKhGS9Qm/+EZmKMeguhR0HEN
-uRVSgK2/T+W0227p3+OMICvRVuy9FesOJsM4vpyJK8MSjsmums3MV5iNy1VQIdUV
-X9zPlCt9/9m/qH0RLARVKtxy7Ntsa4jUafaEMGseniRtj97CZC9B2KOjqj5ZK6t7
-LFfdgQKCAQEAtu6gC3dQupdGYba55aXb/c8Jkx34ET2JpF3e+o3NNYgDuFdK/wPb
-OVrhFIgqa/5BehXi26IruB/qoRG/rQEg4WPjkvnWJZZgAD+TChl4TOniIfu+9Yl/
-3XAzhxlAQUs4MoclOwdBxTsXhrpVGefCLyjMXPBosbuaU4IWL0QJ/ivp+aMYHr/m
-3shsk6nfGt7oTtU48WdOPw76BByHOr0tTM+nMfptmBpu1LQu4sFifmOvUN8lTfQO
-KMZvobJtDsnfCj34O4nMLjtLVqi6YE8a3lgldXoekZj+8cfZztCuKbnkiYw1GTzW
-9skd/4Ik5LBR0pTFqepOlJeM8QMHics6wQKCAQA+6RvPk2/b8OJArrFHkhNbfqpf
-Sa/BvRam8azo2MGgOZWVm/yAGHvoVgOaq2H1DrrDh6qBlzZULpwFD+XeuuzYrLs2
-mYr2LFZdeQtd95V7oASdM0OlFatzKPOoLrHwNc4ztwNz0sMrjTYxDG07mp/3Ixz7
-koUPinV636wZUmvwHiUTlD4E2db+fslDhBUc+HV/4MXihvMSA3D8Mum9SttMABYJ
-L0lBzexfVL8oyYvft/tGwV9LwrlFpzndnX6ZZvgJUqzBPx/+exuZjnTwD3N70SN+
-T0TwL0tsVE5clxVdv5xlm5WIW4kQKglRoJnVB1TnpFddRRu/QD8S+e/S6G4w
------END RSA PRIVATE KEY-----

testsuite/integration-arquillian/tests/base/src/test/resources/dockerClientTest/keycloak-docker-compose-yaml/sysconfig_docker

@@ -1,45 +0,0 @@
-# /etc/sysconfig/docker
-
-# Modify these options if you want to change the way the docker daemon runs
-OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false'
-if [ -z "${DOCKER_CERT_PATH}" ]; then
-    DOCKER_CERT_PATH=/etc/docker
-fi
-
-# If you want to add your own registry to be used for docker search and docker
-# pull use the ADD_REGISTRY option to list a set of registries, each prepended
-# with --add-registry flag. The first registry added will be the first registry
-# searched.
-# ADD_REGISTRY='--add-registry registry.access.redhat.com'
-
-# If you want to block registries from being used, uncomment the BLOCK_REGISTRY
-# option and give it a set of registries, each prepended with --block-registry
-# flag. For example adding docker.io will stop users from downloading images
-# from docker.io
-# BLOCK_REGISTRY='--block-registry'
-
-# If you have a registry secured with https but do not have proper certs
-# distributed, you can tell docker to not look for full authorization by
-# adding the registry to the INSECURE_REGISTRY line and uncommenting it.
-INSECURE_REGISTRY='--insecure-registry registry.localdomain:5000'
-
-# On an SELinux system, if you remove the --selinux-enabled option, you
-# also need to turn on the docker_transition_unconfined boolean.
-# setsebool -P docker_transition_unconfined 1
-
-# Location used for temporary files, such as those created by
-# docker load and build operations. Default is /var/lib/docker/tmp
-# Can be overriden by setting the following environment variable.
-# DOCKER_TMPDIR=/var/tmp
-
-# Controls the /etc/cron.daily/docker-logrotate cron job status.
-# To disable, uncomment the line below.
-# LOGROTATE=false
-#
-
-# docker-latest daemon can be used by starting the docker-latest unitfile.
-# To use docker-latest client, uncomment below lines
-#DOCKERBINARY=/usr/bin/docker-latest
-#DOCKERDBINARY=/usr/bin/dockerd-latest
-#DOCKER_CONTAINERD_BINARY=/usr/bin/docker-containerd-latest
-#DOCKER_CONTAINERD_SHIM_BINARY=/usr/bin/docker-containerd-shim-latest