Václav Muzikář
a266cdcba9
Fix bug, add tests
2023-02-13 17:09:36 -03:00
Pedro Igor
2059ffb219
Make sure the distribution is using FIPS providers
...
Closes #12428
2023-02-10 17:26:55 +01:00
Pedro Igor
22e256149c
Make it possible to run the embedded distribution in FIPS mode
...
Closes keycloak#16962
2023-02-09 16:14:01 -03:00
Alex Szczuczko
610e3044ad
Minimize the RPM content of the Quarkus container
...
Even though we use `ubi8-minimal` as the parent of our container, it
still has many RPMs installed that aren't necessary to run the Keycloak
server. Also, since the JDK RPM (that we install on top of
`ubi8-minimal`) is designed for general use, it pulls in more dependency
RPMs than it strictly needs to, like cups and avahi. Keycloak will never
need to access a printer itself!
Trimming down these excess RPMs will improve our CVE statistics with
automated scanners, and therefore let us perform fewer CVE rebuilds.
`ubi8-null.sh` uses the low-level `rpm` command to identify and forcibly
remove dependencies and operating system files that are not required to
boot our Quarkus-based server. This includes `microdnf` and `rpm`
itself! I have preserved bash however, so it's still possible to debug
the container from a shell.
I've created an initial set of allow/disallow lists, that seems to pass
a smoke test (server boots, admin console works). This leaves 37
packages installed, with 96 removed relative to `ubi8-minimal`. We could
go more minimal than this, or less minimal if required. Trial and error
is required.
Closes #16902
2023-02-09 11:20:09 +01:00
vramik
fc9e9e6fda
Add support for file store configuration into Quarkus
...
Closes #16821
2023-02-08 14:49:53 +01:00
Stian Thorgersen
4782a85166
Remove old admin console feature ( #16861 )
...
* Remove old admin console feature
Closes #16860
* Update help txt files for Quarkus tests
2023-02-07 12:59:35 +01:00
Pedro Igor
263e86e434
Support paths without a beginning slash when setting the root path
...
Closes #16002
2023-02-02 17:41:22 +01:00
Pedro Igor
b5fb528508
Do not enable caching metrics by default and provide a guide
...
Closes #16751
2023-02-01 18:55:43 +01:00
mposolda
a804400c84
Added KERBEROS feature. Disable it when running tests on FIPS
...
closes #14966
2023-01-25 18:38:46 +01:00
Sebastian Schuster
54c34dc75b
15901 enabled Infinispan metrics
2023-01-25 04:26:35 -08:00
Pedro Igor
33cb1ad7cd
Support runnning tests using an embedded distribution
...
Closes #16420
2023-01-13 12:03:36 -08:00
Pedro Igor
4d2f86202d
Remove Hashicorp Support
...
Closes #9144
2023-01-13 15:52:19 +01:00
Pedro Igor
6ac65f62d7
tests
2023-01-12 12:19:40 -08:00
Pedro Igor
522bf1c0b0
Keep consistency when importing realms at startup when they are exported via the export command
...
Closes #16281
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
2023-01-06 18:53:01 +01:00
Alexander Schwartz
0fee33bb95
Normalize JVM heap usage in tests and handle OOM situations
...
Closes #16089
2022-12-20 13:26:07 +01:00
Alexander Schwartz
1d758fac2b
Adding CRDB into GHA for the new store ( #16021 )
...
The CockroachDB database is slower than PostgreSQL, therefore it will only run branches and nightly builds.
Closes #16020
2022-12-17 08:50:21 +01:00
Pedro Igor
f32e012c11
Make it possible to set a custom user and cache providers when using legacy store
...
Closes #15008
2022-12-15 16:56:20 +01:00
Pedro Igor
d27a5d5b42
Do not execute test methods before HTTPS listener is not ready ( #15984 )
...
Closes #15904
2022-12-14 07:47:43 +01:00
Pedro Igor
0c4ac62a5f
Disabling strict https if hostname is diasabled
...
Closes #15287
2022-12-12 09:10:39 -08:00
Pedro Igor
a861d633e2
Resolving dns names used from tests from local host file
...
Closes #15904
2022-12-12 02:35:59 -08:00
Pedro Igor
1673906a54
Improving quarkus testsuite execution time
...
Closes #13544
2022-12-05 15:06:36 +01:00
Sebastian Schuster
3c6e2c3c1e
15234 switch to micrometer metrics
2022-12-05 08:11:35 -03:00
Martin Kanis
5e891951f5
Update Infinispan version to 14.0.2.Final
2022-11-16 14:56:45 +01:00
Peter Zaoral
13fcb9ca34
Unstable CustomJpaUserProviderDistTest on Windows
...
* remove the starting slash from file URI
Closes #15371
Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2022-11-14 17:24:03 +01:00
stianst
1de9c201c6
Refactor Profile
...
Closes #15206
2022-11-07 07:28:11 -03:00
Stian Thorgersen
97ae90de88
Remove Red Hat Single Sign-On product profile from upstream ( #14697 )
...
* Remove Red Hat Single Sign-On product profile from upstream
Closes #14916
* review suggestions: Remove Red Hat Single Sign-On product profile from upstream
Closes #14916
Co-authored-by: Peter Skopek <pskopek@redhat.com>
2022-10-18 14:43:04 +02:00
Martin Kanis
761929d174
Merge ActionTokenStoreProvider and SingleUseObjectProvider ( #13677 )
...
Closes #13334
2022-10-13 09:26:44 +02:00
Stian Thorgersen
fda26385ec
Add profile feature for hosting keycloak.js on the server ( #14771 )
...
* Add profile feature for hosting keycloak.js on the server
Closes #14770
* Updated txt files for HelpCommandTest
2022-10-10 08:00:50 +02:00
Pedro Igor
cff5cfb6df
Avoid including user managed entities into the default PU
...
Closes #12442
2022-09-23 18:01:43 +02:00
Pedro Igor
00e4c3567a
Make it possible to switch between BC and BC-FIPS libraries
...
Closes #12424
2022-09-23 07:50:02 -03:00
Pedro Igor
54c1f1b85a
Upgrade Quarkus 2.12.2
...
Closes #14408
2022-09-14 15:36:50 -03:00
Thomas Darimont
962a685b7b
KEYCLOAK-15773 Control availability of admin api and admin-console via feature flags
...
Inline profile checks for enabled admin-console to avoid issues during
static initialization with quarkus.
Potentially Re-enable admin-api feature if admin-console is enabled
via the admin/admin2 feature flag.
Add legacy admin console as deprecated feature flag
Throw exception if admin-api feature is disabled but admin-console is enabled
Adapt ProfileTest
Consider adminConsoleEnabled flag in QuarkusWelcomeResource
Fix check for Admin-Console / Admin-API feature dependency.
Add new features to approved help output files
Co-authored-by: Stian Thorgersen <stian@redhat.com>
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2022-09-09 18:18:51 -03:00
Pedro Igor
ced18f2722
Requests to health endpoint still dispatched to worker threads when http-relative-path is set
...
Closes #14011
2022-08-31 12:42:41 +02:00
Pedro Igor
127569ed2f
Upgrade to Quarkus 2.12.0.Final ( #14006 )
...
Closes #14003
2022-08-30 16:48:20 +02:00
Pedro Igor
52aad0bbdc
Allow setting a URL to configure frontend and admin URLs
...
Closes #13524
Co-authored-by: Stian Thorgersen <stianst@gmail.com>
2022-08-25 23:03:09 -03:00
Pedro Igor
2b9a0bff51
Do not run build when executing import and export commands ( #13942 )
...
Closes #13940
2022-08-25 13:43:18 +02:00
Michal Hajas
05b9e6d59e
Upgrade Infinispan to 13.0.10.Final ( #13910 )
...
Closes #12306
2022-08-25 13:09:34 +02:00
Pedro Igor
2a2ada9575
Improve how expected values are set to options ( #13842 )
...
Closes #13841
2022-08-19 14:55:01 +02:00
Pedro Igor
0d3ca438ed
Aligning kc.bat with latest changes to kc.sh
...
Closes #11185
Closes #13472
2022-08-03 13:05:07 +02:00
Dominik Guhr
43afcf11ac
add gelf log level option
...
also aligns writing in logging.adoc to always use GELF instead of gelf/Gelf in plain text.
Closes #13397
2022-08-01 12:28:47 -03:00
Dominik Guhr
10e3c797a3
Only show non-hidden options in --help-all for options where supportlevel is not SUPPORTED
...
Closes #13385
2022-08-01 10:03:28 -03:00
Dominik Guhr
059a132476
Fixes the regression in 19 for MariaDB, MySQL and other DBs
...
databases that are not using an official liquibase type in Database.java could not be seeded anymore because
the liquibase types we use in model-jpa were not indexed and loaded during the build anymore.
Introduces highly needed tests for other databases than postgres, because postgres has an official liquibase databasetype in its list
in database.java and as such differs from nearly all other vendors.
Closes #13389
2022-07-28 20:40:51 +02:00
Alexander Schwartz
8470a30446
Introduce CLI parameter to set the deployment state version seed
...
Closes #12710
2022-07-27 20:10:17 +02:00
Alexander Schwartz
7f355b43f8
Add prefix to the area Map storage options for Quarkus
...
Closes #13355
2022-07-27 11:00:25 +02:00
Stian Thorgersen
ae33af92d9
Promote new admin console to default ( #13243 )
...
Closes #13242
2022-07-27 10:13:49 +02:00
Alexander Schwartz
67e2f342a9
Allow Quarkus configuration to mix different storage providers
...
Closes #13312
2022-07-26 21:56:16 +02:00
Michal Hajas
3589778a10
Add possibility to configure HotRod storage in Quarkus distribution
...
Closes #12617
2022-07-26 14:13:39 +02:00
Dominik Guhr
878e3e0cbc
change --help to only show "supported" options ( #13304 )
...
* Unsupported options only shown when using help-all
* reworked impl based on comment in #13284
* Also fixes minor things of #13284 as unused imports
Closes #13283
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
2022-07-25 19:34:10 +02:00
Dominik Guhr
9bb1299d89
change optimised to optimized
...
also: fix kc.bat to not use autobuild in devmode anymore, fix containers.adoc to not use auto_build naming, fix build command cli help as it is not required anymore to run it beforehand.
2022-07-22 10:29:07 -03:00
Pedro Igor
e14bd51656
Properly enable/disable metrics and health endpoints
...
Closes #11506
Co-authored-by: Dominik Guhr <dguhr@redhat.com>
2022-07-22 09:41:29 -03:00
nchopra
4fd3049c85
[12826] Configuring Postgres and MariaDb version
2022-07-20 11:31:59 -03:00
Dominik Guhr
b563028f42
Rename Cluster to Cache in cli help and rename classes to refer to caching
...
Should be merged after the changes to auto-build are in to avoid more merge conflicts
Closes #13124
2022-07-19 08:17:39 -03:00
Pedro Igor
89028613d8
Introducing --optimise option
...
Closes #10737
2022-07-15 15:12:17 -03:00
Pedro Igor
f6a2b334d1
Integrate the JPA map store ( #13097 )
...
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
2022-07-14 17:47:51 -03:00
Pedro Igor
b80731decf
Remove any legacy provider from runtime when running the new store ( #12963 )
2022-07-13 07:30:14 -03:00
Dominik Guhr
e9714c78a6
Fix internal filepath for logging on windows
...
Alo fixes filepath for concurrenthashmap and one windows-only test referencing now non-existing QuarkusJpaConnectionProviderFactory log output in LoggingDistTest
Closes #12984
2022-07-11 08:23:26 -03:00
Dominik Guhr
1edce54aff
Baseline: Ability to set SupportLevel for categories and show marker in CLI help
...
Closes #12927
2022-07-07 12:48:19 -03:00
Dominik Guhr
1d6dde02e5
Add support and docs for centralized logging using gelf.
...
* 99% 1:1 wrapper of the underlying quarkus gelf extension.
* excluded `filter-stack-trace` and `stack-trace-throwable-reference` options for now, as they are either undocumented on the quarkus side or not important imo.
* added docs and examples for Graylog and ELK stack
* NOT added an automated test, as this is really a 1:1 wrapper around the extension, Test setup would be cumbersome, test would take too much time and tests are done in quarkus itself.
Closes #12125
2022-06-30 16:16:19 -03:00
Dominik Guhr
c19428aa81
introduce hidden transaction-jta-enabled config option
...
Closes #12400
2022-06-30 16:01:23 -03:00
Pedro Igor
605b51890e
Enables the new store and the concurrenthashmap provider
...
Closes #12651
2022-06-30 10:55:22 -03:00
Pedro Igor
95528e77bb
Fixing env vars precedence over conf file ( #12638 )
...
Closes #12413
2022-06-22 15:13:58 +02:00
andreaTP
3abcc699a1
Move all dist options to the new module
...
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
2022-06-17 09:06:40 -03:00
Dominik Guhr
9df0d9a5c4
Fixes wrong values shown for configkeys (e.g. http-enabled) in show-config when in dev-mode.
...
also removes unnecessary internal and self-referencing values from output
Closes #9525
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
2022-06-14 09:19:03 -03:00
Dominik Guhr
b5c8f92fe7
Update Quarkus to 2.7.6.Final ( #12371 )
...
Resolves #12370
2022-06-10 09:14:59 -03:00
Pedro Igor
5e5cfff4e2
Resolve default values for runtime options when running re-aug
...
Closes #10818
2022-06-09 08:32:30 -03:00
Pedro Igor
b34f46155c
Allow setting the admin hostname
...
Closes #12190
2022-06-08 16:41:43 -03:00
Pedro Igor
c18b87af5f
Keycloak server fails to start when using different named schema
...
Closes #12219
2022-06-08 09:10:25 -03:00
Pedro Igor
6156272f39
Persisted config source not loading properties at runtime ( #12157 )
...
Co-authored-by: Dominik Guhr <dguhr@redhat.com>
2022-05-25 16:29:37 -03:00
Pedro Igor
b5a5d68dbc
Imposing certain constraints to files when importing at start-up
...
Closes #11861
2022-05-16 16:49:42 +02:00
Dominik Guhr
1162952432
Quarkus Tests on Windows
...
Tested using Windows 10 locally
Closes #10926
2022-05-05 11:56:29 -03:00
Kai Josef Schauerte
016c28e7a5
Added a hint to the --cache-config-file config option that you not need to specify the configuration folder
...
Closes #11302
2022-05-03 09:48:22 -03:00
Dominik Guhr
6ef80239cf
change approvals to reflect typofix
...
Closes #11344
2022-04-19 07:34:15 -03:00
Dominik Guhr
7811f3721a
Add db-url-port option
...
to set the port when not using a full db-url
closes #11251
2022-04-13 08:31:25 -03:00
Stian Thorgersen
7c64f28934
Change admin console to load keycloak.js using a relative URL ( #11109 )
...
* Change admin console to load keycloak.js using a relative URL
Closes #11108
* fix tests
Co-authored-by: Dominik Guhr <dguhr@redhat.com>
2022-04-06 09:35:26 +02:00
Pedro Igor
23c5199c0c
Allow overriding the host header using X-Forwarded-Host ( #11021 )
...
Closes #10997
2022-04-05 09:17:08 +02:00
Dominik Guhr
9e57f836f2
Make quarkus runtime properties also available as runtime properties in keycloak
...
Changes behaviour to:
- all raw quarkus config properties are handled as runtime config in keycloak, with the exception of raw properties we need for additional datasources, there we check for build- vs runtime
- unknown quarkus buildtime properties require a build first or the usual quarkus warning is shown
- wrapped quarkus properties still get ignored / overwritten by our configuration layer (no change in behaviour here)
Closes #10968
2022-03-30 18:13:09 -03:00
Dominik Guhr
a5c3d035b9
Fixes showing sensitive values like passwords and irritating error msg when key used is unknown
...
Only first unknown option is shown for now. May be iterated in the future.
Closes #10050
Closes #10051
2022-03-29 10:37:07 -03:00
Dominik Guhr
0941a4709e
Fixes windows configuration test
...
also fixes using ~ as database default for e.g. IDELauncher (does not work on all windows versions)
also fixes the HelpCommandTest, as approvalTests are now generated based on the OS the tests run
Closes #10246
Co-authored-by: Victor-Philipp Negoescu <victor-philipp.negoescu@iteratec.com>
2022-03-29 10:34:34 -03:00
Pedro Igor
e177f90299
Allow importing realms during startup ( #10754 )
...
Closes #9261
2022-03-24 14:35:09 +01:00
keycloak-bot
c71aa8b711
Set version to 999-SNAPSHOT ( #10784 )
2022-03-22 09:22:48 +01:00
Pedro Igor
ffa6df5547
Fixes to hostname ( #10820 )
...
Closes #10627
Closes #10331
2022-03-22 08:11:50 +01:00
Dominik Guhr
5233f2a729
Remove wrong message from build command help
...
Closes #10664
2022-03-10 13:36:48 -03:00
Dominik Guhr
1710b38cf8
Update to quarkus 2.7.3
...
Full changelog on quarkus side: https://github.com/quarkusio/quarkus/releases/tag/2.7.3.Final | startup performance: no degradation | manual smoke tests: passed
Closes #10641
2022-03-08 13:45:25 -03:00
Dominik Guhr
8454dc5a5d
Support for console-JSON and FILE logging
...
See logging.adoc for details on the usage
Closes #10523 , #10607 and #10415
2022-03-08 08:19:03 -03:00
andreaTP
59d9e3e3ee
Enable the heatlh endpoints under a flag
2022-02-24 14:35:42 -03:00
Dominik Guhr
19a17e79ba
Change tx driver handling.
...
Introduce a non-tx driver for the vendors and map based on new build option transaction-tx-enabled
Closes #10191 and others.
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
2022-02-22 18:00:31 -03:00
keycloak-bot
d9f1a9b207
Set version to 18.0.0-SNAPSHOT ( #10165 )
2022-02-11 21:28:06 +01:00
Dominik Guhr
23e5bc7aa3
Readme review v1 ( #10082 )
2022-02-10 06:51:53 +01:00
Pedro Igor
0908325e6d
Can not set a jgroups stack other than the defaults from Infinispan
...
Closes #10052
2022-02-09 06:34:25 -03:00
Dominik Guhr
c22299045c
remove profile references
...
Closes #9683
2022-02-09 06:24:37 -03:00
Pedro Igor
f107f0596e
Rename h2-file and h2-mem and removing defaults from production databases
...
Closes #9973
2022-02-04 15:43:51 -03:00
andreaTP
3244cd7f84
Remove Quarkus tests workaround for log capturing
2022-02-04 11:20:18 -03:00
Dominik Guhr
0f3293cf00
Do not show full help when providing an invalid option
...
Closes #9956
2022-02-04 13:53:02 +01:00
Pedro Igor
ec49695a98
Initial logging support
...
Closes #9901
2022-02-03 13:44:24 +01:00
Pedro Igor
3967c81453
Review Configuring a Database guide ( #9559 )
...
Closes #9457
Co-authored-by: Stian Thorgersen <stian@redhat.com>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
2022-02-02 13:30:53 +01:00
Pedro Igor
fe0cb36284
Do not run re-augmentation if config is the same in dev mode
...
Closes #9906
2022-02-01 13:32:16 -03:00
Stian Thorgersen
cc88fb2daa
Update default distribution to Quarkus ( #9839 )
...
Closes #9837
2022-02-01 09:42:09 +01:00
Dominik Guhr
5a1f4b8889
Quarkus update to 2.7.0.Final
...
Minor and micro dependency updates, some relocations (e.g. vault, ZipUtils), so some changes were needed to make this work.
Closes #9872
2022-01-31 09:55:02 -03:00
Pedro Igor
d140abb8fa
Mapped Quarkus properties should not be persisted ( #9808 )
...
Closes #9807
2022-01-27 11:12:31 +01:00
Pedro Igor
7c162b42a6
Improve enabling/disabling features in Quarkus distribution ( #9801 )
...
Closes #9706
2022-01-27 11:11:46 +01:00