libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions

adds port names to the pod / service (#21291)

Browse source 
Closes #12593
This commit is contained in:
Steven Hawkins 2023-07-03 02:13:30 -04:00 committed by GitHub
parent 91e543f415
commit b0e7958906
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 31 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
operator/src/main/java/org/keycloak/operator/Constants.java
View file

@ -52,6 +52,8 @@ public final class Constants {
public static final Integer KEYCLOAK_HTTP_PORT = 8080;
public static final Integer KEYCLOAK_HTTPS_PORT = 8443;
public static final String KEYCLOAK_HTTP_PORT_NAME = "http";
public static final String KEYCLOAK_HTTPS_PORT_NAME = "https";
public static final String KEYCLOAK_SERVICE_PROTOCOL = "TCP";
public static final String KEYCLOAK_SERVICE_SUFFIX = "-service";
public static final Integer KEYCLOAK_DISCOVERY_SERVICE_PORT = 7800;

15
operator/src/main/java/org/keycloak/operator/controllers/KeycloakDeployment.java
View file

@ -24,7 +24,6 @@ import io.fabric8.kubernetes.api.model.EnvVarBuilder;
import io.fabric8.kubernetes.api.model.EnvVarSourceBuilder;
import io.fabric8.kubernetes.api.model.HTTPGetActionBuilder;
import io.fabric8.kubernetes.api.model.HasMetadata;
import io.fabric8.kubernetes.api.model.IntOrString;
import io.fabric8.kubernetes.api.model.PodStatus;
import io.fabric8.kubernetes.api.model.PodTemplateSpec;
import io.fabric8.kubernetes.api.model.ResourceRequirements;
@ -333,12 +332,14 @@ public class KeycloakDeployment extends OperatorManagedResource implements Statu
.withName("keycloak")
.withArgs("start")
.addNewPort()
.withContainerPort(8443)
.withProtocol("TCP")
.withName(Constants.KEYCLOAK_HTTPS_PORT_NAME)
.withContainerPort(Constants.KEYCLOAK_HTTPS_PORT)
.withProtocol(Constants.KEYCLOAK_SERVICE_PROTOCOL)
.endPort()
.addNewPort()
.withContainerPort(8080)
.withProtocol("TCP")
.withName(Constants.KEYCLOAK_HTTP_PORT_NAME)
.withContainerPort(Constants.KEYCLOAK_HTTP_PORT)
.withProtocol(Constants.KEYCLOAK_SERVICE_PROTOCOL)
.endPort()
.withNewReadinessProbe()
.withInitialDelaySeconds(20)
@ -396,14 +397,14 @@ public class KeycloakDeployment extends OperatorManagedResource implements Statu
container.getReadinessProbe().setHttpGet(
new HTTPGetActionBuilder()
.withScheme(protocol)
.withPort(new IntOrString(kcPort))
.withNewPort(kcPort)
.withPath(kcRelativePath + "health/ready")
.build()
);
container.getLivenessProbe().setHttpGet(
new HTTPGetActionBuilder()
.withScheme(protocol)
.withPort(new IntOrString(kcPort))
.withNewPort(kcPort)
.withPath(kcRelativePath + "health/live")
.build()
);

9
operator/src/main/java/org/keycloak/operator/controllers/KeycloakIngress.java
View file

@ -17,13 +17,14 @@
package org.keycloak.operator.controllers;
import io.fabric8.kubernetes.api.model.HasMetadata;
import io.fabric8.kubernetes.api.model.networking.v1.Ingress;
import io.fabric8.kubernetes.api.model.networking.v1.IngressBuilder;
import io.fabric8.kubernetes.client.KubernetesClient;
import io.fabric8.kubernetes.api.model.networking.v1.Ingress;
import org.keycloak.operator.Constants;
import org.keycloak.operator.crds.v2alpha1.deployment.spec.IngressSpec;
import org.keycloak.operator.crds.v2alpha1.deployment.Keycloak;
import org.keycloak.operator.crds.v2alpha1.deployment.KeycloakStatusAggregator;
import org.keycloak.operator.crds.v2alpha1.deployment.spec.IngressSpec;
import java.util.HashMap;
import java.util.Optional;
@ -80,7 +81,7 @@ public class KeycloakIngress extends OperatorManagedResource implements StatusUp
.withIngressClassName(optionalSpec.map(IngressSpec::getIngressClassName).orElse(null))
.withNewDefaultBackend()
.withNewService()
.withName(keycloak.getMetadata().getName() + Constants.KEYCLOAK_SERVICE_SUFFIX)
.withName(KeycloakService.getServiceName(keycloak))
.withNewPort()
.withNumber(port)
.withName("") // for SSA to clear the name if already set
@ -94,7 +95,7 @@ public class KeycloakIngress extends OperatorManagedResource implements StatusUp
.withPathType("ImplementationSpecific")
.withNewBackend()
.withNewService()
.withName(keycloak.getMetadata().getName() + Constants.KEYCLOAK_SERVICE_SUFFIX)
.withName(KeycloakService.getServiceName(keycloak))
.withNewPort()
.withNumber(port)
.withName("") // for SSA to clear the name if already set

8
operator/src/main/java/org/keycloak/operator/controllers/KeycloakService.java
View file

@ -44,9 +44,11 @@ public class KeycloakService extends OperatorManagedResource implements StatusUp
}
private ServiceSpec getServiceSpec() {
String name = isTlsConfigured(keycloak) ? Constants.KEYCLOAK_HTTPS_PORT_NAME : Constants.KEYCLOAK_HTTP_PORT_NAME;
return new ServiceSpecBuilder()
.addNewPort()
.withPort(getServicePort(keycloak))
.withName(name)
.withProtocol(Constants.KEYCLOAK_SERVICE_PROTOCOL)
.endPort()
.withSelector(getInstanceLabels())
@ -87,7 +89,11 @@ public class KeycloakService extends OperatorManagedResource implements StatusUp
@Override
public String getName() {
return cr.getMetadata().getName() + Constants.KEYCLOAK_SERVICE_SUFFIX;
return getServiceName(cr);
}
public static String getServiceName(HasMetadata keycloak) {
return keycloak.getMetadata().getName() + Constants.KEYCLOAK_SERVICE_SUFFIX;
}
public static int getServicePort(Keycloak keycloak) {

10
operator/src/test/java/org/keycloak/operator/testsuite/integration/KeycloakDeploymentTest.java
View file

@ -23,6 +23,8 @@ import io.fabric8.kubernetes.api.model.LocalObjectReferenceBuilder;
import io.fabric8.kubernetes.api.model.Secret;
import io.fabric8.kubernetes.api.model.SecretBuilder;
import io.fabric8.kubernetes.api.model.SecretKeySelectorBuilder;
import io.fabric8.kubernetes.api.model.Service;
import io.fabric8.kubernetes.api.model.ServicePort;
import io.fabric8.kubernetes.api.model.apps.StatefulSet;
import io.fabric8.kubernetes.api.model.apps.StatefulSetBuilder;
import io.fabric8.kubernetes.api.model.apps.StatefulSetSpecBuilder;
@ -716,12 +718,16 @@ public class KeycloakDeploymentTest extends BaseOperatorTest {
}
private void assertKeycloakAccessibleViaService(Keycloak kc, boolean https, int port) {
var service = new KeycloakService(k8sclient, kc);
Awaitility.await()
.ignoreExceptions()
.untilAsserted(() -> {
String protocol = https ? "https" : "http";
String url = protocol + "://" + service.getName() + "." + namespace + ":" + port;
String serviceName = KeycloakService.getServiceName(kc);
assertThat(k8sclient.resources(Service.class).withName(serviceName).require().getSpec().getPorts()
.stream().map(ServicePort::getName).anyMatch(protocol::equals));
String url = protocol + "://" + serviceName + "." + namespace + ":" + port;
Log.info("Checking url: " + url);
var curlOutput = K8sUtils.inClusterCurl(k8sclient, namespace, url);

1
operator/src/test/java/org/keycloak/operator/testsuite/integration/KeycloakServicesTest.java
View file

@ -62,6 +62,7 @@ public class KeycloakServicesTest extends BaseOperatorTest {
// a managed change
currentService.getSpec().getPorts().get(0).setProtocol("UDP");
currentService.getSpec().getPorts().get(0).setName(null);
currentService.getMetadata().getLabels().putAll(labels);