Steven Hawkins
bee7595275
fix: adding the kube ca cert to the truststores
...
closes #10794
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
2023-12-18 15:56:43 +01:00
Àngel Ollé Blázquez
2c341d4bc5
Fixes KeycloakDistConfiguratorTest missingHostname test case. ( #25643 )
...
Closes #25642
Signed-off-by: Àngel Ollé Blázquez <angel@olleb.com>
2023-12-18 11:51:33 +00:00
Steven Hawkins
08751001db
enhance: adds truststores to the keycloak cr ( #25215 )
...
also generally correcting the misspelling trustore
closes : #24798
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2023-12-14 11:15:06 -03:00
Steven Hawkins
4db4982e9d
enhance: adding a start optimized flag ( #25216 )
...
closes : #25015
Update docs/guides/operator/customizing-keycloak.adoc
Update docs/documentation/release_notes/topics/24_0_0.adoc
Update operator/src/main/java/org/keycloak/operator/crds/v2alpha1/deployment/KeycloakSpec.java
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
2023-12-11 16:15:16 +00:00
Steven Hawkins
319d9e78fb
fix: use name to find the admin secret ( #25362 )
...
closes : #25307
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2023-12-08 15:14:09 +01:00
Václav Muzikář
040124bfa7
Fix missing CRD metadata in Operator CSV ( #25043 )
...
Closed #24984
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
2023-11-27 12:37:35 +00:00
Václav Muzikář
3bc7ef7ed5
Update to Quarkus 3.2.9 ( #24842 )
...
Closes #24841
Closes #24160
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
Co-authored-by: Bruno Oliveira da Silva <bruno@abstractj.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2023-11-20 14:27:13 +01:00
Steven Hawkins
495669e7a4
fix: removing the hard expectation of setting the restart condition ( #24796 )
...
closes #24797
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2023-11-16 14:39:40 +00:00
Steven Hawkins
b6d5083e9b
fix: check operand StatefulSet is ready before creating job ( #24720 )
...
closes #24526
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Co-authored-by: Piotr Godowski <Piotr.Godowski@pl.ibm.com>
2023-11-15 14:08:27 +01:00
Peter Skopek
e5eded0eab
Add possibility to override fileName and base directory of Keycloak Quarkus distribution ZIP archive ( #24284 )
...
Closes #24283
Signed-off-by: Peter Skopek <pskopek@redhat.com>
2023-11-07 10:31:58 +01:00
Alex Szczuczko
d7143c59e3
Add provided scope to quarkus-container-image-docker ( #24583 )
...
Closes #24581
2023-11-07 08:42:29 +01:00
Steven Hawkins
a6f6a52897
fix: exceptions should be ignored in until the condition is met ( #24478 )
...
closes #24477
2023-11-02 08:41:16 +01:00
Václav Muzikář
511fc76d50
Remove Quarkus branding from the Operator log ( #24418 )
...
Closes #24413
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
2023-10-31 14:18:18 +00:00
Steven Hawkins
5ff5e12782
fix: moves jgroups.dns.query to a system property ( #24057 )
...
* fix: moves jgroups.dns.query to a system property
closes #21830
* removing the dns query from import
* removing the dns query from import
also removing cache-stack
2023-10-20 09:50:29 +02:00
Pierre Prinetti
22868406c2
operator: Replace dead documentation link ( #23777 )
...
Before this patch, the documentation link generated for the Operator
page resulted in a 404 Not Found on Github pages.
With this change, the documentation link points to the "Operator" anchor
in the Keycloak docs index. Note that the operator docs don't seem to be
versioned on the Keycloak website.
2023-10-19 11:53:46 +00:00
Steven Hawkins
8f1234881d
test: eliminates some possible timing issues with watched secrets tests ( #23975 )
...
closes #23940
2023-10-18 08:55:31 +02:00
Alex Szczuczko
359a946a6f
Optionally accept RELATED_IMAGE_KEYCLOAK as the operand coordinate ( #24018 )
...
This changes the quarkus configuration of the operator so that if the
RELATED_IMAGE_KEYCLOAK environment variable is present, it will be
accepted over the default value
Closes #24017
2023-10-17 15:17:51 +00:00
Steven Hawkins
a65af2d254
Converts keycloakdeployment to a dependent resource ( #22591 )
...
Closes #22225
2023-10-06 17:52:50 +00:00
Steven Hawkins
f100aa7e07
fix: remove common-compress ( #23745 )
...
closes #23331
2023-10-05 17:09:40 +00:00
Steven Hawkins
d351290c0c
switching the operator role to clusterrole for ingresses config ( #23641 )
...
closes #23629
2023-10-03 12:31:23 +02:00
Steven Hawkins
0bae359058
narrows condition status to a string ( #22439 )
...
Closes #21299
2023-09-22 18:29:29 +02:00
Steven Hawkins
7d1e9a783f
adds a default domain on openshift if one is not specified ( #23324 )
...
Closes #21741
2023-09-21 14:43:29 +02:00
Steven Hawkins
b343f87c60
ensures support for cluster-wide monitoring ( #22821 )
...
Partially addresses #15888
2023-09-19 17:46:37 +00:00
Steven Hawkins
7f5e5e0e1c
Corrects log truncation and adds the database to logging ( #23072 )
...
Closes #22985
2023-09-12 08:34:30 +00:00
Steven Hawkins
1545680c48
Adds failing remote operator logs to the main test log ( #22990 )
...
Closes #22985
2023-09-06 08:35:03 +02:00
Steven Hawkins
ffc6bc497a
allows normal reconciliation to continue even if secrets are not present ( #22404 )
...
* allows normal reconciliation to continue even if secrets are not present
Closes #22170
* adds polling if any secret (in particular optional) is not present
Closes #22170
2023-09-01 10:34:31 +02:00
Steven Hawkins
6a83703774
Removes the bundle generator from the runtime ( #22820 )
...
Closes #22573
2023-08-31 10:01:06 +00:00
Steven Hawkins
7604370a00
removes quarkus-openshift since it's not being utilized ( #22834 )
...
Closes #10963
2023-08-31 09:07:15 +02:00
Steven Hawkins
28a18bf7b9
removes the SSA logging that is capturing the entire resource ( #22608 )
...
Closes #22607
2023-08-28 15:33:43 +00:00
Steven Hawkins
07a4bc4db1
Ensures the CRDs are ready for use after installed ( #22622 )
...
also decreases the default poll interval
Closes #22506
2023-08-23 08:52:39 +02:00
Steven Hawkins
6b0e1f87f9
converts the ingress logic to a conditional dependent resource ( #22221 )
...
Closes #22206
2023-08-21 17:34:59 +00:00
Steven Hawkins
e516d27f24
Converts realm import to dependent resources ( #22299 )
...
Closes #22223
2023-08-21 16:18:56 +00:00
Steven Hawkins
7a71d3ef92
removing the quarkus-minikube dependency ( #22521 )
...
Closes #22517
2023-08-21 14:07:14 +00:00
Steven Hawkins
080b53fbce
removing build time dependencies from the runtime ( #22501 )
...
Closes #22496
2023-08-21 12:41:23 +00:00
Peter Zaoral
568590fcdd
Remove Brotli dependencies from the distribution and operator ( #22484 )
...
* excluded the dependencies from the keycloak-quarkus-server and operator poms
Closes #22482
Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2023-08-17 08:53:35 +02:00
Steven Hawkins
b216895baf
removing vertx-uri-template as a dependency ( #22470 )
...
there's no usage of UriTemplate (smallrye or vertx in keycloak /
fabric8), so it can be removed from server and the operator
Closes #22468
2023-08-16 16:55:04 +02:00
Steven Hawkins
48a4102c97
removes logging full resources to omit secret data ( #22467 )
...
Closes #22080
2023-08-15 16:01:40 +00:00
Steven Hawkins
c18475fc57
adds the http service port if enabled ( #22155 )
...
Closes #22131
2023-08-10 16:01:57 +00:00
Steven Hawkins
1d444ff862
converts the keycloak services to dependent resources ( #22257 )
...
Closes #22207
2023-08-10 13:56:13 +00:00
Steven Hawkins
b4e876364a
removes the termination grace period override ( #22203 )
...
Closes #22160
2023-08-10 10:43:38 +00:00
Steven Hawkins
697cd8595b
switches the admin secret to a dependent resource ( #22044 )
...
Closes #22183
2023-08-03 14:37:43 +00:00
Steven Hawkins
c2d5cc67af
simplifying status updates to a single method for each controller ( #22081 )
...
also removing the getValueFromSubSpec method
Closes #22182
2023-08-02 14:44:40 +00:00
Steven Hawkins
ec86d16c43
makes spec.replicas optional ( #22152 )
...
Closes #22151
2023-08-02 10:50:14 +00:00
Václav Muzikář
b78b498a26
Fix Operator tests on OpenShift
...
Closes #22140
Closes #22142
Closes #22143
2023-08-01 20:19:25 +02:00
Václav Muzikář
cce0778886
Change postgres image for Operator tests
...
Closes #22032
2023-08-01 20:18:48 +02:00
Steven Hawkins
b2e11735ed
refinements to improve how pod logs are saved ( #22093 )
...
also adding more information into the main log
Closes #10128
2023-07-31 17:05:30 +02:00
Steven Hawkins
819d33411a
changes to speed up test times ( #21658 )
...
Closes #10731
2023-07-27 14:08:21 +02:00
Steven Hawkins
9b0f4fb581
Removes the initial delay seconds and adds a startup probe ( #21884 )
...
Adjusted the thresholds and delays accordingly
Closes #21111
2023-07-26 10:48:54 +02:00
Steven Hawkins
821316a61a
updating the location of the Dockerfile ( #21879 )
2023-07-24 08:25:23 +02:00
Václav Muzikář
9c63cf98e7
Use --verbose
by default in Operator deployments
...
Closes #21802
2023-07-21 18:46:01 +02:00
Steven Hawkins
3cbd4eb10a
removes the filtering of erroneous enum values ( #21790 )
...
With the update to fabric8 6.7.2, this filtering is no longer needed
Closes #20935
2023-07-21 08:49:01 +00:00
Václav Muzikář
776bcbcbd4
Update bcpkix and bcprov dependencies ( #21543 )
...
Closes #21360
2023-07-20 11:57:18 +02:00
Steven Hawkins
1fa6f6ab2d
Adds a pod list rbac ( #21832 )
...
Closes #21814
2023-07-20 09:05:07 +00:00
Steven Hawkins
ebe6e6c965
switches the workaround to JsonNode, which produces a cleaner crd ( #21788 )
...
Closes #21739
2023-07-19 08:12:44 +02:00
Steven Hawkins
fa83034474
Also replaces md5 usage with sha-256 ( #21162 )
...
closes #21125
2023-07-17 10:48:04 +02:00
Steven Hawkins
b0b9c1a76e
Switches the merging logic to using the override as the basis ( #21415 )
...
Ensures additionalProperties are the lowest precedence
Also removes support for setting the image pull secrets via the
unsupported podtemplate
Closes #10503
2023-07-14 12:42:03 +02:00
Václav Muzikář
6a3ea1a084
keycloakCRName
and realm
are no longer marked as required in KeycloakRealmImport CRD
...
Closes #21607
2023-07-12 08:03:12 -03:00
Pedro Ruivo
165c36f9ff
Enable publishNotReadyAddresses for discovery service ( #21511 )
...
Closes #21493
2023-07-10 17:02:55 +02:00
Peter Zaoral
2b1c29a6f2
Use Quarkus Platform BOM
...
Closes #20570
Closes #15870
Co-authored-by: Peter Zaoral <pzaoral@redhat.com>
2023-07-06 12:45:48 -03:00
Václav Muzikář
ad988ca914
Upgrade to Quarkus 3.2.0.Final and QOSDK 6.2.0
...
Closes #21272
2023-07-03 08:11:18 -03:00
Steven Hawkins
b0e7958906
adds port names to the pod / service ( #21291 )
...
Closes #12593
2023-07-03 08:13:30 +02:00
Steven Hawkins
5ee21ab6d1
scrapes pod container statuses when waiting for more to become available ( #21257 )
...
Closes #10285
2023-06-30 08:49:48 +00:00
Steven Hawkins
73076a37f9
adding just crd tests of the specs ( #21302 )
...
Closes #20936
2023-06-29 16:55:11 +02:00
Steven Hawkins
88992dae19
widens status to be any type. ( #21281 )
...
this is to avoid olm complaining about an incompatible schema during
upgrade
Relates to #13074
2023-06-29 08:57:22 +02:00
Steven Hawkins
e9c9f80e8d
adds an instance label to support multiple instances ( #20906 )
...
Closes #10562 #14220
2023-06-28 18:05:23 +02:00
Steven Hawkins
4dba17253e
changes the label prefix to operator.keycloak.org ( #21175 )
...
closes #21141
2023-06-28 11:21:02 +02:00
Steve Hawkins
6a92669139
finishes the conversion away from createOrReplace
...
however this is a broader change given the implications of
serverSideApply vs createOrReplace - mostly the concern of only applying
the managed state not based upon an existing resource
Closes #20850
2023-06-23 11:55:47 -03:00
Martin Bartoš
13a463f71e
Avoid calls to Control Plane when the secondary resource is in cache
...
Closes #21109
2023-06-22 10:03:35 -03:00
Martin Bartoš
0ecdebc000
Incorrect Url on Keycloak Health - Liveness and Readiness, no Startup Probes
...
Fixes #17388
2023-06-22 05:32:53 -03:00
Steve Hawkins
5701f70157
changes condition status to be a string, rather than a boolean
...
Closes #13074
2023-06-21 17:14:33 -03:00
Steve Hawkins
4540ca365c
infers the default ip/hostname from the client
...
Closes #21114
2023-06-21 12:30:54 -03:00
Steve Hawkins
14747f45ca
removing the usage of MultivaluedStringStringHashMap and ComponentExport
...
map
upstream improvements make this no longer necessary
Closes #20937
2023-06-21 12:30:41 -03:00
Alex Szczuczko
3246a15442
Use quarkus-operator-sdk-bundle-generator for OLM YAMLs
...
Closes #10911
2023-06-20 15:01:44 -03:00
Martin Bartoš
c3000984db
Upgrade to Quarkus 3.1.1.Final ( #20958 )
...
Co-authored-by: Bruno Oliveira da Silva <bruno@abstractj.com>
2023-06-14 08:51:38 -03:00
Steve Hawkins
7e2565c9fe
using multiple SchemaSwap annotations instead of the schell script
...
Closes #10736
2023-06-13 06:00:28 -03:00
Steve Hawkins
c1e96564dc
Removes the check for full readiness of 3 replicas
...
In the ci environment the amount of time between 3 pods being created
and all being ready seems highly variable. Also since we currently lack
the status information to determine if a deployment is not progressing,
it's best just to remove this check. The latter check asserting full
readiness of 2 replicas will suffice.
Closes #20888
2023-06-12 12:34:48 -03:00
Steven Hawkins
91a3ab6b87
expands the status handling to account for the prior status ( #20856 )
...
Closes #20853
2023-06-08 17:09:39 +02:00
Steven Hawkins
075d913037
enabling keycloak to be a scalable resource ( #20828 )
...
Closes #20825
2023-06-07 17:57:25 +02:00
Steven Hawkins
d77041f177
mostly updating the logic to newer fabric8 apis ( #20825 )
...
Closes #20822
2023-06-07 14:58:39 +02:00
Václav Muzikář
989ffe2d22
Remove Fabric8 override from the Operator ( #20728 )
...
Closes #20130
2023-06-06 13:58:20 +00:00
Steven Hawkins
d045156ba4
Adding the ability to set ingressClassName ( #20796 )
...
Closes #20723
2023-06-05 21:10:39 +00:00
Václav Muzikář
f627e9535f
Add support to the Operator for setting default labels on Keycloak pods ( #20661 )
...
Closes #20625
2023-06-01 13:39:41 +02:00
Pedro Ruivo
cffb8141e2
Allow custom annotation in Ingress ( #20577 )
...
Closes #20576
2023-05-26 15:24:59 +00:00
Alex Szczuczko
1578506475
Seperate version properties for hibernate-enhance and quarkus-maven ( #20264 )
...
This will allow them to be defined seperately from aligned dependency
versions suitable for product
Closes #20261
2023-05-18 14:37:55 +00:00
Andre Nascimento RH
851ecb43fc
Stops the recreation of managed Keycloak Statefulset Pods when Keycloak Operator restarts occasionally. ( #20187 )
2023-05-09 19:33:12 +02:00
Václav Muzikář
e44464d3b8
Remove OkHttp Client from the Operator
...
Closes #19573
2023-05-05 12:10:39 -03:00
Václav Muzikář
983e40ad2b
Add OpenShift support to KeycloakIngressTest ( #20030 )
2023-05-02 14:24:54 +02:00
Bruno Oliveira da Silva
373b5c1d9f
Update to Quarkus 3.0.1.Final ( #20011 )
...
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Closes #20010
Closes #19080
Closes #17476
Closes #19286
Closes #17557
Closes #17556
Closes #17555
Closes #17475
Closes #15879
Closes #15878
2023-05-02 10:13:23 +02:00
Václav Muzikář
dd6e73ec7c
Upgrade Operator SDK to 6.0.0.CR1
...
---
Quarkus3 branch sync no. 14 (24.4.2023)
Resolved conflicts:
keycloak/operator/pom.xml - Modified
2023-04-27 13:36:54 +02:00
Alexander Schwartz
4f8d67c9fc
All commands now auto-reaugment except show-config
...
Closes #15782
Closes #15898
Closes #17498
2023-04-21 15:06:51 +02:00
ikhomyn
84a7b57059
fix db for openshift
2023-04-21 12:36:41 +00:00
Alex Szczuczko
edaa84b1e5
Build the operator container via Dockerfile ( #19642 )
...
Closes #16967
2023-04-21 08:32:29 +02:00
Jon Koops
972ebb9650
Use a valid SemVer format for the SNAPSHOT version ( #17334 )
...
* Use a valid SemVer format for the SNAPSHOT version
* Update pom.xml
* Update pom.xml
---------
Co-authored-by: Stian Thorgersen <stianst@gmail.com>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
2023-03-03 11:11:44 +01:00
Andre Nascimento
aa422484e2
Improvements on Operator Integration Tests to make sure that Config set in CR takes precedence.
...
Closes #13114
2023-02-23 08:51:40 +01:00
Andre Nascimento
cb78ea06b0
Make sure the customized Ingress resource isn't deleted when the Keycloak deployed by Operator is killed.
...
Closes #14433
2023-02-16 17:31:31 +01:00
Václav Muzikář
2089878740
Update Operator container to UBI 9 / RHEL 9
...
Closes #17068
2023-02-15 16:26:29 -03:00
Alex Szczuczko
610e3044ad
Minimize the RPM content of the Quarkus container
...
Even though we use `ubi8-minimal` as the parent of our container, it
still has many RPMs installed that aren't necessary to run the Keycloak
server. Also, since the JDK RPM (that we install on top of
`ubi8-minimal`) is designed for general use, it pulls in more dependency
RPMs than it strictly needs to, like cups and avahi. Keycloak will never
need to access a printer itself!
Trimming down these excess RPMs will improve our CVE statistics with
automated scanners, and therefore let us perform fewer CVE rebuilds.
`ubi8-null.sh` uses the low-level `rpm` command to identify and forcibly
remove dependencies and operating system files that are not required to
boot our Quarkus-based server. This includes `microdnf` and `rpm`
itself! I have preserved bash however, so it's still possible to debug
the container from a shell.
I've created an initial set of allow/disallow lists, that seems to pass
a smoke test (server boots, admin console works). This leaves 37
packages installed, with 96 removed relative to `ubi8-minimal`. We could
go more minimal than this, or less minimal if required. Trial and error
is required.
Closes #16902
2023-02-09 11:20:09 +01:00
Michael Edgar
9896efd288
Operator: use TLS Edge termination when back-end protocol is HTTP
...
Fixes #16807
Signed-off-by: Michael Edgar <michael@xlate.io>
Co-authored-by: Václav Muzikář <vmuzikar@redhat.com>
2023-02-08 16:07:43 +01:00
Bruno Oliveira da Silva
12cefb9950
Update to Quarkus 2.13.7.Final
...
Resolves #16755
Co-authored-by: Robert Nemeti <r.nemeti@syseleven.de>
2023-02-03 15:03:11 -03:00
Martin Bartoš
eebbeb26bc
Remove invalid property from Operator properties
...
Closes #16373
2023-01-30 08:59:49 +01:00