changes to get docker compose to launch cleanly

bcgov · Nov 22, 2024 · f382fc9 · f382fc9
1 parent 50433c8
commit f382fc9
Show file tree

Hide file tree

Showing 6 changed files with 415 additions and 143 deletions.
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -9,34 +9,36 @@ x-common-variables: &common-variables
 
 services:
   keycloak:
-    image: quay.io/keycloak/keycloak:15.1.1
+    image: keycloak:latest
     container_name: keycloak
     hostname: keycloak
+    build:
+      context: .
+      dockerfile: ./local/keycloak/Dockerfile
     depends_on:
       - kong-db
     command:
       [
-        '-b',
-        '0.0.0.0',
-        '-Djboss.socket.binding.port-offset=1001',
-        '-Dkeycloak.migration.action=import',
-        '-Dkeycloak.migration.provider=singleFile',
-        '-Dkeycloak.migration.file=/tmp/realm-config/master-realm.json',
-        '-Dkeycloak.migration.strategy=OVERWRITE_EXISTING',
-        '-Dkeycloak.profile.feature.upload_scripts=enabled',
+        'start',
+        '--optimized',
+        '--hostname',
+        'http://keycloak.localtest.me:9081/auth',
+        '--db-url',
+        'jdbc:postgresql://kong-db/keycloak',
+        '--db-username',
+        'keycloakuser',
+        '--db-password',
+        'keycloakuser',
+        '--http-enabled',
+        'true',
+        '--http-port',
+        '9081',
+        '--import-realm',
       ]
     ports:
       - 9081:9081/tcp
-    environment:
-      #KEYCLOAK_USER: local
-      #KEYCLOAK_PASSWORD: local
-      DB_VENDOR: POSTGRES
-      DB_SCHEMA: public
-      DB_ADDR: kong-db:5432
-      DB_USER: keycloakuser
-      DB_PASSWORD: keycloakuser
     volumes:
-      - ./local/keycloak/master-realm.json:/tmp/realm-config/master-realm.json
+      - ./local/keycloak/master-realm.json:/opt/keycloak/data/import/master-realm.json
     networks:
       aps-net:
         aliases:

diff --git a/local/db/database-init.sql b/local/db/database-init.sql
@@ -1,11 +1,8 @@
 CREATE ROLE keystonejsuser WITH LOGIN PASSWORD 'keystonejsuser';
-
 CREATE DATABASE keystonejs OWNER keystonejsuser;
 
 CREATE ROLE konguser WITH LOGIN PASSWORD 'konguser';
-
 CREATE DATABASE kong OWNER konguser;
 
 CREATE ROLE keycloakuser WITH LOGIN PASSWORD 'keycloakuser';
-
 CREATE DATABASE keycloak OWNER keycloakuser;
diff --git a/local/feeder-init/init.sh b/local/feeder-init/init.sh
@@ -3,7 +3,7 @@ apk add --no-cache curl
 cd /tmp
 
 while true; do
-    keycloakstatus=$(curl -o /dev/null -Isw '%{http_code}\n' http://keycloak.localtest.me:9081/auth/realms/master)
+    keycloakstatus=$(curl -o /dev/null -sw '%{http_code}\n' http://keycloak.localtest.me:9081/auth/realms/master)
     echo "$keycloakstatus"
     if [[ "$keycloakstatus" == "200" ]]; then
         echo  "Keycloak is up"

diff --git a/local/gwa-api/entrypoint.sh b/local/gwa-api/entrypoint.sh
@@ -55,7 +55,7 @@ kong-addr: $KONG_ADMIN_URL
 EOF
 
 while true; do
-    keycloakstatus=$(curl -o /dev/null -Isw '%{http_code}\n' http://keycloak.localtest.me:9081/auth/realms/master)
+    keycloakstatus=$(curl -o /dev/null -sw '%{http_code}\n' http://keycloak.localtest.me:9081/auth/realms/master)
     echo "$keycloakstatus"
     if [[ "$keycloakstatus" == "200" ]]; then
         echo  "Keycloak is up"

diff --git a/local/keycloak/Dockerfile b/local/keycloak/Dockerfile
@@ -0,0 +1,10 @@
+FROM quay.io/keycloak/keycloak:26.0.6 as builder
+
+ENV KC_DB=postgres
+RUN /opt/keycloak/bin/kc.sh build --http-relative-path=/auth
+
+FROM quay.io/keycloak/keycloak:26.0.6
+COPY --from=builder /opt/keycloak/ /opt/keycloak/
+WORKDIR /opt/keycloak
+ENTRYPOINT ["/opt/keycloak/bin/kc.sh"]
+CMD ["start", "--optimized", "--hostname", "http://localhost:8080", "--http-enabled", "true"]