From 8d314a69a01f0909cc94ebbf5d04ecab8de69674 Mon Sep 17 00:00:00 2001 From: Steven Hawkins Date: Mon, 30 Sep 2024 10:11:58 -0400 Subject: [PATCH] fix: adding doc note about admin ingress (#33392) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * fix: adding doc note about admin ingress closes: #33203 Signed-off-by: Steve Hawkins * Update docs/guides/operator/basic-deployment.adoc Co-authored-by: Martin Bartoš Signed-off-by: Steven Hawkins --------- Signed-off-by: Steve Hawkins Signed-off-by: Steven Hawkins Co-authored-by: Martin Bartoš --- docs/guides/operator/basic-deployment.adoc | 4 ++++ operator/README.md | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/docs/guides/operator/basic-deployment.adoc b/docs/guides/operator/basic-deployment.adoc index 0b62ea552e..e70505da0a 100644 --- a/docs/guides/operator/basic-deployment.adoc +++ b/docs/guides/operator/basic-deployment.adoc @@ -100,6 +100,10 @@ When running on OpenShift, with ingress enabled, and with the spec.ingress.class The operator will assign a default hostname to the stored version of the CR similar to what would be created by an OpenShift Route without an explicit host - that is ingress-namespace.appsDomain If the appsDomain changes, or should you need a different hostname for any reason, then update the Keycloak CR. +NOTE: If you set the `hostname-admin`, or the deprecated `hostname-admin-url`, even if you enable ingress, no ingress will be created specifically for admin access. +Admin access via a separate hostname is generally expected to have access restrictions, which are not currently expressible via the Keycloak CR. +Also the default ingress does not prevent accessing admin endpoints, so you may not want to enable ingress handling via the Keycloak CR at all when you have a separate hostname for admin endpoints. + ==== TLS Certificate and key See your Certification Authority to obtain the certificate and the key. diff --git a/operator/README.md b/operator/README.md index 01b40585c0..9ea1d4b69a 100644 --- a/operator/README.md +++ b/operator/README.md @@ -11,7 +11,7 @@ When build from the project root directory, this module is only enabled if the i ## Building -Ensure you have JDK 11 (or newer) installed. +Ensure you have JDK 17 (or newer) installed. Build the Docker image with: