Commit graph

13 commits

Author SHA1 Message Date
mposolda
bc0e2d04b7 Make Keycloak container working on FIPS environment - adding sqlite-libs package back to the dist
closes #17253
2023-03-09 10:38:26 +01:00
Jon Koops
972ebb9650
Use a valid SemVer format for the SNAPSHOT version (#17334)
* Use a valid SemVer format for the SNAPSHOT version

* Update pom.xml

* Update pom.xml

---------

Co-authored-by: Stian Thorgersen <stianst@gmail.com>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
2023-03-03 11:11:44 +01:00
Alex Szczuczko
6319b462c7 Upgrade to ubi9 parent image
This PR switches the Quarkus Dockerfile to use `ubi9` parent images instead of `ubi8` ones.

ubi-null.sh has some minor changes to handle differences in RHEL 9. It's also been renamed.

Closes #17057
2023-02-14 09:46:58 +01:00
Alex Szczuczko
610e3044ad Minimize the RPM content of the Quarkus container
Even though we use `ubi8-minimal` as the parent of our container, it
still has many RPMs installed that aren't necessary to run the Keycloak
server. Also, since the JDK RPM (that we install on top of
`ubi8-minimal`) is designed for general use, it pulls in more dependency
RPMs than it strictly needs to, like cups and avahi. Keycloak will never
need to access a printer itself!

Trimming down these excess RPMs will improve our CVE statistics with
automated scanners, and therefore let us perform fewer CVE rebuilds.

`ubi8-null.sh` uses the low-level `rpm` command to identify and forcibly
remove dependencies and operating system files that are not required to
boot our Quarkus-based server. This includes `microdnf` and `rpm`
itself! I have preserved bash however, so it's still possible to debug
the container from a shell.

I've created an initial set of allow/disallow lists, that seems to pass
a smoke test (server boots, admin console works). This leaves 37
packages installed, with 96 removed relative to `ubi8-minimal`. We could
go more minimal than this, or less minimal if required. Trial and error
is required.

Closes #16902
2023-02-09 11:20:09 +01:00
Martin Bartoš
445e953501 Java 17 support not given
Fixes #15916
2022-12-14 11:59:50 -08:00
Dominik Guhr
ea552687fb
Fixes wrong encoding in container image (#11547)
Closes #11545

Co-authored-by: Joshua Sorah <jsorah@gmail.com>

Co-authored-by: Joshua Sorah <jsorah@gmail.com>
2022-04-22 14:57:39 +02:00
keycloak-bot
c71aa8b711
Set version to 999-SNAPSHOT (#10784) 2022-03-22 09:22:48 +01:00
Andrea Peruffo
b66115c1df
Create missing data folder in docker image (#10783)
Resolves #10806
2022-03-17 14:50:38 -03:00
Stian Thorgersen
5d3fbbb158
Update README.md 2022-02-15 08:11:44 +01:00
Dominik Guhr
e1967250af
provide readme for containers module (#10093)
seems to accidentally gone missing when moving from containers repo

Closes #10092
2022-02-14 16:03:03 +01:00
keycloak-bot
d9f1a9b207
Set version to 18.0.0-SNAPSHOT (#10165) 2022-02-11 21:28:06 +01:00
Sebastian Schuster
011d108fff
10073 reduced quarkus image size (#10074) 2022-02-10 08:01:51 +01:00
Stian Thorgersen
cc88fb2daa
Update default distribution to Quarkus (#9839)
Closes #9837
2022-02-01 09:42:09 +01:00