Commit graph

213 commits

Author SHA1 Message Date
Steven Hawkins
b343f87c60
ensures support for cluster-wide monitoring (#22821)
Partially addresses #15888
2023-09-19 17:46:37 +00:00
Steven Hawkins
7f5e5e0e1c
Corrects log truncation and adds the database to logging (#23072)
Closes #22985
2023-09-12 08:34:30 +00:00
Steven Hawkins
1545680c48
Adds failing remote operator logs to the main test log (#22990)
Closes #22985
2023-09-06 08:35:03 +02:00
Steven Hawkins
ffc6bc497a
allows normal reconciliation to continue even if secrets are not present (#22404)
* allows normal reconciliation to continue even if secrets are not present

Closes #22170

* adds polling if any secret (in particular optional) is not present

Closes #22170
2023-09-01 10:34:31 +02:00
Steven Hawkins
6a83703774
Removes the bundle generator from the runtime (#22820)
Closes #22573
2023-08-31 10:01:06 +00:00
Steven Hawkins
7604370a00
removes quarkus-openshift since it's not being utilized (#22834)
Closes #10963
2023-08-31 09:07:15 +02:00
Steven Hawkins
28a18bf7b9
removes the SSA logging that is capturing the entire resource (#22608)
Closes #22607
2023-08-28 15:33:43 +00:00
Steven Hawkins
07a4bc4db1
Ensures the CRDs are ready for use after installed (#22622)
also decreases the default poll interval

Closes #22506
2023-08-23 08:52:39 +02:00
Steven Hawkins
6b0e1f87f9
converts the ingress logic to a conditional dependent resource (#22221)
Closes #22206
2023-08-21 17:34:59 +00:00
Steven Hawkins
e516d27f24
Converts realm import to dependent resources (#22299)
Closes #22223
2023-08-21 16:18:56 +00:00
Steven Hawkins
7a71d3ef92
removing the quarkus-minikube dependency (#22521)
Closes #22517
2023-08-21 14:07:14 +00:00
Steven Hawkins
080b53fbce
removing build time dependencies from the runtime (#22501)
Closes #22496
2023-08-21 12:41:23 +00:00
Peter Zaoral
568590fcdd
Remove Brotli dependencies from the distribution and operator (#22484)
* excluded the dependencies from the keycloak-quarkus-server and operator poms

Closes #22482

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2023-08-17 08:53:35 +02:00
Steven Hawkins
b216895baf
removing vertx-uri-template as a dependency (#22470)
there's no usage of UriTemplate (smallrye or vertx in keycloak /
fabric8), so it can be removed from server and the operator

Closes #22468
2023-08-16 16:55:04 +02:00
Steven Hawkins
48a4102c97
removes logging full resources to omit secret data (#22467)
Closes #22080
2023-08-15 16:01:40 +00:00
Steven Hawkins
c18475fc57
adds the http service port if enabled (#22155)
Closes #22131
2023-08-10 16:01:57 +00:00
Steven Hawkins
1d444ff862
converts the keycloak services to dependent resources (#22257)
Closes #22207
2023-08-10 13:56:13 +00:00
Steven Hawkins
b4e876364a
removes the termination grace period override (#22203)
Closes #22160
2023-08-10 10:43:38 +00:00
Steven Hawkins
697cd8595b
switches the admin secret to a dependent resource (#22044)
Closes #22183
2023-08-03 14:37:43 +00:00
Steven Hawkins
c2d5cc67af
simplifying status updates to a single method for each controller (#22081)
also removing the getValueFromSubSpec method

Closes #22182
2023-08-02 14:44:40 +00:00
Steven Hawkins
ec86d16c43
makes spec.replicas optional (#22152)
Closes #22151
2023-08-02 10:50:14 +00:00
Václav Muzikář
b78b498a26 Fix Operator tests on OpenShift
Closes #22140
Closes #22142
Closes #22143
2023-08-01 20:19:25 +02:00
Václav Muzikář
cce0778886 Change postgres image for Operator tests
Closes #22032
2023-08-01 20:18:48 +02:00
Steven Hawkins
b2e11735ed
refinements to improve how pod logs are saved (#22093)
also adding more information into the main log

Closes #10128
2023-07-31 17:05:30 +02:00
Steven Hawkins
819d33411a
changes to speed up test times (#21658)
Closes #10731
2023-07-27 14:08:21 +02:00
Steven Hawkins
9b0f4fb581
Removes the initial delay seconds and adds a startup probe (#21884)
Adjusted the thresholds and delays accordingly

Closes #21111
2023-07-26 10:48:54 +02:00
Steven Hawkins
821316a61a
updating the location of the Dockerfile (#21879) 2023-07-24 08:25:23 +02:00
Václav Muzikář
9c63cf98e7 Use --verbose by default in Operator deployments
Closes #21802
2023-07-21 18:46:01 +02:00
Steven Hawkins
3cbd4eb10a
removes the filtering of erroneous enum values (#21790)
With the update to fabric8 6.7.2, this filtering is no longer needed

Closes #20935
2023-07-21 08:49:01 +00:00
Václav Muzikář
776bcbcbd4
Update bcpkix and bcprov dependencies (#21543)
Closes #21360
2023-07-20 11:57:18 +02:00
Steven Hawkins
1fa6f6ab2d
Adds a pod list rbac (#21832)
Closes #21814
2023-07-20 09:05:07 +00:00
Steven Hawkins
ebe6e6c965
switches the workaround to JsonNode, which produces a cleaner crd (#21788)
Closes #21739
2023-07-19 08:12:44 +02:00
Steven Hawkins
fa83034474
Also replaces md5 usage with sha-256 (#21162)
closes #21125
2023-07-17 10:48:04 +02:00
Steven Hawkins
b0b9c1a76e
Switches the merging logic to using the override as the basis (#21415)
Ensures additionalProperties are the lowest precedence

Also removes support for setting the image pull secrets via the
unsupported podtemplate

Closes #10503
2023-07-14 12:42:03 +02:00
Václav Muzikář
6a3ea1a084 keycloakCRName and realm are no longer marked as required in KeycloakRealmImport CRD
Closes #21607
2023-07-12 08:03:12 -03:00
Pedro Ruivo
165c36f9ff
Enable publishNotReadyAddresses for discovery service (#21511)
Closes #21493
2023-07-10 17:02:55 +02:00
Peter Zaoral
2b1c29a6f2 Use Quarkus Platform BOM
Closes #20570
Closes #15870

Co-authored-by: Peter Zaoral <pzaoral@redhat.com>
2023-07-06 12:45:48 -03:00
Václav Muzikář
ad988ca914 Upgrade to Quarkus 3.2.0.Final and QOSDK 6.2.0
Closes #21272
2023-07-03 08:11:18 -03:00
Steven Hawkins
b0e7958906
adds port names to the pod / service (#21291)
Closes #12593
2023-07-03 08:13:30 +02:00
Steven Hawkins
5ee21ab6d1
scrapes pod container statuses when waiting for more to become available (#21257)
Closes #10285
2023-06-30 08:49:48 +00:00
Steven Hawkins
73076a37f9
adding just crd tests of the specs (#21302)
Closes #20936
2023-06-29 16:55:11 +02:00
Steven Hawkins
88992dae19
widens status to be any type. (#21281)
this is to avoid olm complaining about an incompatible schema during
upgrade

Relates to #13074
2023-06-29 08:57:22 +02:00
Steven Hawkins
e9c9f80e8d
adds an instance label to support multiple instances (#20906)
Closes #10562 #14220
2023-06-28 18:05:23 +02:00
Steven Hawkins
4dba17253e
changes the label prefix to operator.keycloak.org (#21175)
closes #21141
2023-06-28 11:21:02 +02:00
Steve Hawkins
6a92669139 finishes the conversion away from createOrReplace
however this is a broader change given the implications of
serverSideApply vs createOrReplace - mostly the concern of only applying
the managed state not based upon an existing resource

Closes #20850
2023-06-23 11:55:47 -03:00
Martin Bartoš
13a463f71e Avoid calls to Control Plane when the secondary resource is in cache
Closes #21109
2023-06-22 10:03:35 -03:00
Martin Bartoš
0ecdebc000 Incorrect Url on Keycloak Health - Liveness and Readiness, no Startup Probes
Fixes #17388
2023-06-22 05:32:53 -03:00
Steve Hawkins
5701f70157 changes condition status to be a string, rather than a boolean
Closes #13074
2023-06-21 17:14:33 -03:00
Steve Hawkins
4540ca365c infers the default ip/hostname from the client
Closes #21114
2023-06-21 12:30:54 -03:00
Steve Hawkins
14747f45ca removing the usage of MultivaluedStringStringHashMap and ComponentExport
map

upstream improvements make this no longer necessary

Closes #20937
2023-06-21 12:30:41 -03:00
Alex Szczuczko
3246a15442 Use quarkus-operator-sdk-bundle-generator for OLM YAMLs
Closes #10911
2023-06-20 15:01:44 -03:00
Martin Bartoš
c3000984db
Upgrade to Quarkus 3.1.1.Final (#20958)
Co-authored-by: Bruno Oliveira da Silva <bruno@abstractj.com>
2023-06-14 08:51:38 -03:00
Steve Hawkins
7e2565c9fe using multiple SchemaSwap annotations instead of the schell script
Closes #10736
2023-06-13 06:00:28 -03:00
Steve Hawkins
c1e96564dc Removes the check for full readiness of 3 replicas
In the ci environment the amount of time between 3 pods being created
and all being ready seems highly variable.  Also since we currently lack
the status information to determine if a deployment is not progressing,
it's best just to remove this check.  The latter check asserting full
readiness of 2 replicas will suffice.

Closes #20888
2023-06-12 12:34:48 -03:00
Steven Hawkins
91a3ab6b87
expands the status handling to account for the prior status (#20856)
Closes #20853
2023-06-08 17:09:39 +02:00
Steven Hawkins
075d913037
enabling keycloak to be a scalable resource (#20828)
Closes #20825
2023-06-07 17:57:25 +02:00
Steven Hawkins
d77041f177
mostly updating the logic to newer fabric8 apis (#20825)
Closes #20822
2023-06-07 14:58:39 +02:00
Václav Muzikář
989ffe2d22
Remove Fabric8 override from the Operator (#20728)
Closes #20130
2023-06-06 13:58:20 +00:00
Steven Hawkins
d045156ba4
Adding the ability to set ingressClassName (#20796)
Closes #20723
2023-06-05 21:10:39 +00:00
Václav Muzikář
f627e9535f
Add support to the Operator for setting default labels on Keycloak pods (#20661)
Closes #20625
2023-06-01 13:39:41 +02:00
Pedro Ruivo
cffb8141e2
Allow custom annotation in Ingress (#20577)
Closes #20576
2023-05-26 15:24:59 +00:00
Alex Szczuczko
1578506475
Seperate version properties for hibernate-enhance and quarkus-maven (#20264)
This will allow them to be defined seperately from aligned dependency
versions suitable for product

Closes #20261
2023-05-18 14:37:55 +00:00
Andre Nascimento RH
851ecb43fc
Stops the recreation of managed Keycloak Statefulset Pods when Keycloak Operator restarts occasionally. (#20187) 2023-05-09 19:33:12 +02:00
Václav Muzikář
e44464d3b8 Remove OkHttp Client from the Operator
Closes #19573
2023-05-05 12:10:39 -03:00
Václav Muzikář
983e40ad2b
Add OpenShift support to KeycloakIngressTest (#20030) 2023-05-02 14:24:54 +02:00
Bruno Oliveira da Silva
373b5c1d9f
Update to Quarkus 3.0.1.Final (#20011)
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>

Closes #20010
Closes #19080
Closes #17476
Closes #19286
Closes #17557
Closes #17556
Closes #17555
Closes #17475
Closes #15879
Closes #15878
2023-05-02 10:13:23 +02:00
Václav Muzikář
dd6e73ec7c Upgrade Operator SDK to 6.0.0.CR1
---
Quarkus3 branch sync no. 14 (24.4.2023)
Resolved conflicts:
keycloak/operator/pom.xml - Modified
2023-04-27 13:36:54 +02:00
Alexander Schwartz
4f8d67c9fc All commands now auto-reaugment except show-config
Closes #15782
Closes #15898
Closes #17498
2023-04-21 15:06:51 +02:00
ikhomyn
84a7b57059
fix db for openshift 2023-04-21 12:36:41 +00:00
Alex Szczuczko
edaa84b1e5
Build the operator container via Dockerfile (#19642)
Closes #16967
2023-04-21 08:32:29 +02:00
Jon Koops
972ebb9650
Use a valid SemVer format for the SNAPSHOT version (#17334)
* Use a valid SemVer format for the SNAPSHOT version

* Update pom.xml

* Update pom.xml

---------

Co-authored-by: Stian Thorgersen <stianst@gmail.com>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
2023-03-03 11:11:44 +01:00
Andre Nascimento
aa422484e2 Improvements on Operator Integration Tests to make sure that Config set in CR takes precedence.
Closes #13114
2023-02-23 08:51:40 +01:00
Andre Nascimento
cb78ea06b0 Make sure the customized Ingress resource isn't deleted when the Keycloak deployed by Operator is killed.
Closes #14433
2023-02-16 17:31:31 +01:00
Václav Muzikář
2089878740 Update Operator container to UBI 9 / RHEL 9
Closes #17068
2023-02-15 16:26:29 -03:00
Alex Szczuczko
610e3044ad Minimize the RPM content of the Quarkus container
Even though we use `ubi8-minimal` as the parent of our container, it
still has many RPMs installed that aren't necessary to run the Keycloak
server. Also, since the JDK RPM (that we install on top of
`ubi8-minimal`) is designed for general use, it pulls in more dependency
RPMs than it strictly needs to, like cups and avahi. Keycloak will never
need to access a printer itself!

Trimming down these excess RPMs will improve our CVE statistics with
automated scanners, and therefore let us perform fewer CVE rebuilds.

`ubi8-null.sh` uses the low-level `rpm` command to identify and forcibly
remove dependencies and operating system files that are not required to
boot our Quarkus-based server. This includes `microdnf` and `rpm`
itself! I have preserved bash however, so it's still possible to debug
the container from a shell.

I've created an initial set of allow/disallow lists, that seems to pass
a smoke test (server boots, admin console works). This leaves 37
packages installed, with 96 removed relative to `ubi8-minimal`. We could
go more minimal than this, or less minimal if required. Trial and error
is required.

Closes #16902
2023-02-09 11:20:09 +01:00
Michael Edgar
9896efd288 Operator: use TLS Edge termination when back-end protocol is HTTP
Fixes #16807

Signed-off-by: Michael Edgar <michael@xlate.io>
Co-authored-by: Václav Muzikář <vmuzikar@redhat.com>
2023-02-08 16:07:43 +01:00
Bruno Oliveira da Silva
12cefb9950 Update to Quarkus 2.13.7.Final
Resolves #16755

Co-authored-by: Robert Nemeti <r.nemeti@syseleven.de>
2023-02-03 15:03:11 -03:00
Martin Bartoš
eebbeb26bc Remove invalid property from Operator properties
Closes #16373
2023-01-30 08:59:49 +01:00
Václav Muzikář
3d62dc4254 Update SDK to 4.0.6 2023-01-11 13:58:45 +01:00
Václav Muzikář
01f1db600d Fix race condition while updating Secrets labels in Operator 2022-11-07 13:07:02 +01:00
Peter Becich
13aaadc754
improvement to operator readme, links to documentation (#14692)
* operator readme links to documentation

* Update operator/README.md

Co-authored-by: Stian Thorgersen <stian@redhat.com>
2022-11-03 07:20:43 +01:00
Václav Muzikář
5ebb6e9c10 Mark Operator as stable in the OLM bundle 2022-10-24 08:08:24 +02:00
Václav Muzikář
a30b427a96 Update Quarkus Operator SDK to 4.0.4 2022-10-21 15:58:31 -03:00
Andre Nascimento RH
d12aef0b43
Rename free-form field from 'serverConfiguration' to 'additionalOptions' in Keycloak CR. 2022-10-21 14:41:02 +02:00
Martin Bartoš
24acc4c7d1 Add hostname options to Keycloak CR
Closes #14395

Co-authored-by: Václav Muzikář <vmuzikar@redhat.com>
2022-10-21 11:00:42 +02:00
Pedro Igor
2d55e1dab7 Add DB options to Keycloak CR
Closes #14374

Co-authored-by: Martin Bartoš <mabartos@redhat.com>
2022-10-20 21:21:00 +02:00
Peter Zaoral
4dfbb42680 Refine Ingress settings in Keycloak CR
Closes Keycloak#14407

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2022-10-18 17:44:50 +02:00
Václav Muzikář
19ee00ff54 Add HTTP options to Keycloak CR 2022-10-17 15:57:05 -03:00
Bruno Oliveira da Silva
90369f7540
Upgrade to latest Quarkus 2.13.2 (#14834)
Upgrade to latest Quarkus 2.13.2

Resolves #14817
2022-10-17 12:05:35 +02:00
Václav Muzikář
0afc4a8af7
Refactor KeycloakDeploymentConfig (#14880)
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
2022-10-14 10:42:09 -03:00
Martin Bartoš
90c1624668 Add transaction options to Keycloak CR
Closes #14375
2022-10-13 08:41:47 +02:00
Martin Bartoš
7311e12066 Add features options to Keycloak CR
Closes #14376
2022-10-11 15:07:44 +02:00
Václav Muzikář
20fa75f677 Upgrade Operator SDK version 2022-09-29 10:28:47 +02:00
Dmitry Telegin
cc2117bf7c UserInfo endpoint not fully standards compliant
Closes #14184
2022-09-16 10:15:08 +02:00
Andre Nascimento RH
4594243a33
Add 'imagePullSecret' field to the Keycloak CR 2022-09-07 14:03:28 +02:00
mposolda
0796e7a479 Revert removing bouncycastle from operator
Closes #13952
2022-08-24 14:29:42 +02:00
David Anderson
2070420673
Remove the BC dependency from keycloak-operator (#13928)
Closes #13115
2022-08-23 10:21:00 +02:00
Stian Thorgersen
ae33af92d9
Promote new admin console to default (#13243)
Closes #13242
2022-07-27 10:13:49 +02:00
Václav Muzikář
4e83b9be9d
Recreate upgrade strategy using the new Operator (#13326)
Co-authored-by: Dominik Guhr <dguhr@redhat.com>
2022-07-26 13:37:20 -03:00
Dominik Guhr
9bb1299d89 change optimised to optimized
also: fix kc.bat to not use autobuild in devmode anymore, fix containers.adoc to not use auto_build naming, fix build command cli help as it is not required anymore to run it beforehand.
2022-07-22 10:29:07 -03:00