From 16a958b8742fe56f1311fa97b568fb231a4e95c5 Mon Sep 17 00:00:00 2001 From: ryans Date: Mon, 8 Apr 2024 17:36:34 -0400 Subject: [PATCH] Use vendor neutral container vs docker --- Dockerfile | 2 +- {docker => container}/app/app-setup.env | 0 container/keycloak/initd.d/00_config.env | 2 + container/keycloak/initd.d/01_login.sh | 8 ++ container/keycloak/initd.d/02_realm.sh | 15 ++++ container/keycloak/initd.d/03_client.sh | 13 ++++ container/keycloak/initd.d/04_accounts.sh | 42 ++++++++++ .../oracle/initdb.d}/01_users.sql | 0 .../oracle/initdb.d}/02_ddl.sql | 0 .../oracle/initdb.d}/03_default_data.sql | 0 deps.yaml | 2 +- docker/keycloak/docker-entrypoint.sh | 33 -------- docker/keycloak/setup.sh | 76 ------------------- 13 files changed, 82 insertions(+), 111 deletions(-) rename {docker => container}/app/app-setup.env (100%) create mode 100644 container/keycloak/initd.d/00_config.env create mode 100755 container/keycloak/initd.d/01_login.sh create mode 100755 container/keycloak/initd.d/02_realm.sh create mode 100755 container/keycloak/initd.d/03_client.sh create mode 100755 container/keycloak/initd.d/04_accounts.sh rename {docker/oracle/setup => container/oracle/initdb.d}/01_users.sql (100%) rename {docker/oracle/setup => container/oracle/initdb.d}/02_ddl.sql (100%) rename {docker/oracle/setup => container/oracle/initdb.d}/03_default_data.sql (100%) delete mode 100755 docker/keycloak/docker-entrypoint.sh delete mode 100755 docker/keycloak/setup.sh diff --git a/Dockerfile b/Dockerfile index 0816726..2eeee88 100644 --- a/Dockerfile +++ b/Dockerfile @@ -17,7 +17,7 @@ RUN cd /app && gradle build -x test --no-watch-fs $OPTIONAL_CERT_ARG ################## Stage 1 FROM ${RUN_IMAGE} as runner -COPY --from=builder /app/docker/app/app-setup.env / +COPY --from=builder /app/container/app/app-setup.env / USER root RUN /server-setup.sh /app-setup.env wildfly_start_and_wait \ && /app-setup.sh /app-setup.env config_keycloak_client \ 
diff --git a/docker/app/app-setup.env b/container/app/app-setup.env
similarity index 100%
rename from docker/app/app-setup.env
rename to container/app/app-setup.env
diff --git a/container/keycloak/initd.d/00_config.env b/container/keycloak/initd.d/00_config.env
new file mode 100644
index 0000000..9dddf4e
--- /dev/null
+++ b/container/keycloak/initd.d/00_config.env
@@ -0,0 +1,2 @@
+export KEYCLOAK_REALM=test-realm
+export KEYCLOAK_RESOURCE=smoothness-demo
\ No newline at end of file
diff --git a/container/keycloak/initd.d/01_login.sh b/container/keycloak/initd.d/01_login.sh
new file mode 100755
index 0000000..b12855a
--- /dev/null
+++ b/container/keycloak/initd.d/01_login.sh
@@ -0,0 +1,8 @@
+#!/bin/bash
+
+. /lib.sh
+
+echo "---------"
+echo "| Login |"
+echo "---------"
+login
\ No newline at end of file
diff --git a/container/keycloak/initd.d/02_realm.sh b/container/keycloak/initd.d/02_realm.sh
new file mode 100755
index 0000000..0c53e28
--- /dev/null
+++ b/container/keycloak/initd.d/02_realm.sh
@@ -0,0 +1,15 @@
+#!/bin/bash
+
+. /lib.sh
+
+echo "----------------"
+echo "| Create Realm |"
+echo "----------------"
+# KEYCLOAK_REALM set in 00_config.env as it's a shared value
+KEYCLOAK_SECRET=yHi6W2raPmLvPXoxqMA7VWbLAA2WN0eB
+KEYCLOAK_REALM_DISPLAY_NAME="TEST REALM"
+# TIMEOUT UNITS IS SECONDS; 28800 Seconds = 8 Hours
+KEYCLOAK_SESSION_IDLE_TIMEOUT=28800
+# 86400 Seconds = 24 Hours
+KEYCLOAK_SESSION_MAX_LIFESPAN=86400
+create_realm
\ No newline at end of file
diff --git a/container/keycloak/initd.d/03_client.sh b/container/keycloak/initd.d/03_client.sh
new file mode 100755
index 0000000..7bc0597
--- /dev/null
+++ b/container/keycloak/initd.d/03_client.sh
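Review bot: In 01_login.sh the `. /lib.sh` line is unguarded, so if the library is missing or fails to load the script keeps going and `login` resolves to whatever command of that name is on PATH rather than the intended helper. I would write `. /lib.sh || exit 1`, or put `set -eu` under the shebang, so a failed admin login stops the init sequence instead of letting the later steps run unauthenticated. The same pattern is repeated in 02_realm.sh, 03_client.sh and 04_accounts.sh. lib.sh is not part of this patch, so whether `login` itself returns a non-zero status on failure cannot be checked from here.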
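Review bot: `KEYCLOAK_SECRET` in 02_realm.sh is now a literal committed to the repository, and the same literal is repeated in 03_client.sh, whereas the deleted setup.sh took it from the environment and skipped setup when it was unset. A client secret in version control has to be treated as public, so any instance built from these scripts shares a known credential. I would keep the environment contract with `: "${KEYCLOAK_SECRET:?must be set}"` in 03_client.sh, and drop the assignment from 02_realm.sh unless `create_realm` actually reads it (lib.sh is not visible in this patch). If the fixed value is intentional for the local stack, define it once in 00_config.env with a comment such as `# dev-only client secret; never reuse outside the local compose stack`.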
@@ -0,0 +1,13 @@
+#!/bin/bash
+
+. /lib.sh
+
+echo "-----------------"
+echo "| Create Client |"
+echo "-----------------"
+# KEYCLOAK_RESOURCE set in 00_config.env as it's a shared value
+KEYCLOAK_CLIENT_NAME=smoothness-demo
+KEYCLOAK_SERVICE_ACCOUNT_ENABLED=true
+KEYCLOAK_REDIRECT_URIS='["https://localhost:8443/smoothness-demo/*"]'
+KEYCLOAK_SECRET=yHi6W2raPmLvPXoxqMA7VWbLAA2WN0eB
+create_client
\ No newline at end of file
diff --git a/container/keycloak/initd.d/04_accounts.sh b/container/keycloak/initd.d/04_accounts.sh
new file mode 100755
index 0000000..10dc022
--- /dev/null
+++ b/container/keycloak/initd.d/04_accounts.sh
@@ -0,0 +1,42 @@
+#!/bin/bash
+
+. /lib.sh
+
+echo "----------------"
+echo "| Create Roles |"
+echo "----------------"
+KEYCLOAK_ROLE_NAME=${KEYCLOAK_RESOURCE}-user
+create_role
+KEYCLOAK_ROLE_NAME=${KEYCLOAK_RESOURCE}-admin
+create_role
+
+
+echo "----------------"
+echo "| Create Users |"
+echo "----------------"
+KEYCLOAK_USERNAME=jadams
+KEYCLOAK_FIRSTNAME=Jane
+KEYCLOAK_LASTNAME=Adams
+KEYCLOAK_EMAIL=jadams@example.com
+KEYCLOAK_PASSWORD=password
+KEYCLOAK_ROLE_NAME=${KEYCLOAK_RESOURCE}-user
+create_user
+assign_role
+
+KEYCLOAK_USERNAME=jsmith
+KEYCLOAK_FIRSTNAME=John
+KEYCLOAK_LASTNAME=Smith
+KEYCLOAK_EMAIL=jsmith@example.com
+create_user
+assign_role
+
+
+KEYCLOAK_USERNAME=tbrown
+KEYCLOAK_FIRSTNAME=Tom
+KEYCLOAK_LASTNAME=Brown
+KEYCLOAK_EMAIL=tbrown@example.com
+create_user
+KEYCLOAK_ROLE_NAME=${KEYCLOAK_RESOURCE}-user
+assign_role
+KEYCLOAK_ROLE_NAME=${KEYCLOAK_RESOURCE}-admin
+assign_role
\ No newline at end of file
diff --git a/docker/oracle/setup/01_users.sql b/container/oracle/initdb.d/01_users.sql
similarity index 100%
rename from docker/oracle/setup/01_users.sql
rename to container/oracle/initdb.d/01_users.sql
diff --git a/docker/oracle/setup/02_ddl.sql b/container/oracle/initdb.d/02_ddl.sql
similarity index 100%
rename from docker/oracle/setup/02_ddl.sql
rename to container/oracle/initdb.d/02_ddl.sql
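Review bot: In 03_client.sh, `KEYCLOAK_CLIENT_NAME` and the path inside `KEYCLOAK_REDIRECT_URIS` repeat the literal `smoothness-demo` that 00_config.env already exports as `KEYCLOAK_RESOURCE`, so the client id and its allowed redirect target can drift apart. The deleted setup.sh derived the URI from the variable; the equivalent here is `KEYCLOAK_REDIRECT_URIS='["https://localhost:8443/'"${KEYCLOAK_RESOURCE}"'/*"]'` with `KEYCLOAK_CLIENT_NAME=${KEYCLOAK_RESOURCE}`. The old script also granted the service account the realm-management roles view-users, view-authorization and view-realm. Nothing in this hunk does so, and lib.sh is not in the patch, so it is worth confirming that `create_client` covers those grants and adds no broader ones.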
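Review bot: In 04_accounts.sh, `KEYCLOAK_PASSWORD=password` is assigned only in the jadams block and reaches jsmith and tbrown through leftover shell state, as does `KEYCLOAK_ROLE_NAME` for jsmith, so reordering or removing a block silently changes which credentials and roles the later accounts get. tbrown also ends up with the `-admin` role behind that same well-known password. I would set `KEYCLOAK_PASSWORD` and `KEYCLOAK_ROLE_NAME` explicitly in every user block, and add a comment above the users section such as `# local demo accounts only: known password, do not load into a reachable Keycloak`. Whether `create_user` resets any of these variables cannot be seen from this patch.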
diff --git a/docker/oracle/setup/03_default_data.sql b/container/oracle/initdb.d/03_default_data.sql similarity index 100% rename from docker/oracle/setup/03_default_data.sql rename to container/oracle/initdb.d/03_default_data.sql diff --git a/deps.yaml b/deps.yaml index 3bceb54..47daee4 100644 --- a/deps.yaml +++ b/deps.yaml @@ -9,7 +9,7 @@ services: - "1521:1521" - "5500:5500" volumes: - - ./docker/oracle/setup:/container-entrypoint-initdb.d + - ./container/oracle/initdb.d:/container-entrypoint-initdb.d keycloak: image: quay.io/keycloak/keycloak:20.0.5 diff --git a/docker/keycloak/docker-entrypoint.sh b/docker/keycloak/docker-entrypoint.sh deleted file mode 100755 index 9eb3a07..0000000 --- a/docker/keycloak/docker-entrypoint.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash - -echo "--------------------------" -echo "| Step 1: Start Keycloak |" -echo "--------------------------" - -/opt/keycloak/bin/kc.sh start-dev --hostname $KEYCLOAK_FRONTEND_HOSTNAME --hostname-port=$KEYCLOAK_FRONTEND_PORT & - -echo "--------------------------------------" -echo "| Step 2: Wait for Keycloak to start |" -echo "--------------------------------------" - -if [[ -z "${KEYCLOAK_SERVER_URL}" ]]; then - echo "Skipping Keycloak Setup: Must provide KEYCLOAK_SERVER_URL in environment" - return 0 -fi - -until curl ${KEYCLOAK_SERVER_URL} -sf -o /dev/null; -do - echo $(date) " Still waiting for Keycloak to start..." - sleep 5 -done - -echo "---------------------" -echo "| Step 3: Configure |" -echo "---------------------" -/setup.sh - -echo "----------" -echo "| READY! |" -echo "----------" - -sleep infinity \ No newline at end of file diff --git a/docker/keycloak/setup.sh b/docker/keycloak/setup.sh deleted file mode 100755 index 1df58cd..0000000 --- a/docker/keycloak/setup.sh +++ /dev/null 
@@ -1,76 +0,0 @@ -#!/bin/bash - -if [[ -z "${KEYCLOAK_HOME}" ]]; then - echo "Skipping Keycloak Setup: Must provide KEYCLOAK_HOME in environment" - return 0 -fi - -if [[ -z "${KEYCLOAK_SERVER_URL}" ]]; then - echo "Skipping Keycloak Setup: Must provide KEYCLOAK_SERVER_URL in environment" - return 0 -fi - -if [[ -z "${KEYCLOAK_ADMIN}" ]]; then - echo "Skipping Keycloak Setup: Must provide KEYCLOAK_ADMIN in environment" - return 0 -fi - -if [[ -z "${KEYCLOAK_ADMIN_PASSWORD}" ]]; then - echo "Skipping Keycloak Setup: Must provide KEYCLOAK_ADMIN_PASSWORD in environment" - return 0 -fi - -if [[ -z "${KEYCLOAK_REALM}" ]]; then - echo "Skipping Keycloak Setup: Must provide KEYCLOAK_REALM in environment" - return 0 -fi - -if [[ -z "${KEYCLOAK_RESOURCE}" ]]; then - echo "Skipping Keycloak Setup: Must provide KEYCLOAK_RESOURCE in environment" - return 0 -fi - -if [[ -z "${KEYCLOAK_SECRET}" ]]; then - echo "Skipping Keycloak Setup: Must provide KEYCLOAK_SECRET in environment" - return 0 -fi - -echo "-----------------" -echo "| Step A: Login |" -echo "-----------------" -${KEYCLOAK_HOME}/bin/kcadm.sh config credentials --server "${KEYCLOAK_SERVER_URL}" --realm master --user "${KEYCLOAK_ADMIN}" --password "${KEYCLOAK_ADMIN_PASSWORD}" - -echo "------------------------" -echo "| Step B: Create Realm |" -echo "------------------------" -${KEYCLOAK_HOME}/bin/kcadm.sh create realms -s realm="${KEYCLOAK_REALM}" -s enabled=true -o - -echo "------------------------" -echo "| Step C: Create Roles |" -echo "------------------------" -${KEYCLOAK_HOME}/bin/kcadm.sh create roles -r "${KEYCLOAK_REALM}" -s name=${KEYCLOAK_RESOURCE}-user -${KEYCLOAK_HOME}/bin/kcadm.sh create roles -r "${KEYCLOAK_REALM}" -s name=${KEYCLOAK_RESOURCE}-admin - -echo "-------------------------" -echo "| Step D: Create Client |" -echo "-------------------------" -${KEYCLOAK_HOME}/bin/kcadm.sh create clients -r "${KEYCLOAK_REALM}" -s clientId=${KEYCLOAK_RESOURCE} -s 
'redirectUris=["https://localhost:8443/'${KEYCLOAK_RESOURCE}'/*"]' -s secret=${KEYCLOAK_SECRET} -s 'serviceAccountsEnabled=true' -${KEYCLOAK_HOME}/bin/kcadm.sh add-roles -r "${KEYCLOAK_REALM}" --uusername service-account-${KEYCLOAK_RESOURCE} --cclientid realm-management --rolename view-users -${KEYCLOAK_HOME}/bin/kcadm.sh add-roles -r "${KEYCLOAK_REALM}" --uusername service-account-${KEYCLOAK_RESOURCE} --cclientid realm-management --rolename view-authorization -${KEYCLOAK_HOME}/bin/kcadm.sh add-roles -r "${KEYCLOAK_REALM}" --uusername service-account-${KEYCLOAK_RESOURCE} --cclientid realm-management --rolename view-realm - -echo "------------------------" -echo "| Step E: Create Users |" -echo "------------------------" -${KEYCLOAK_HOME}/bin/kcadm.sh create users -r "${KEYCLOAK_REALM}" -s username=jadams -s firstName=Jane -s lastName=Adams -s email=jadams@example.com -s enabled=true -${KEYCLOAK_HOME}/bin/kcadm.sh set-password -r "${KEYCLOAK_REALM}" --username jadams --new-password password -${KEYCLOAK_HOME}/bin/kcadm.sh add-roles -r "${KEYCLOAK_REALM}" --uusername jadams --rolename ${KEYCLOAK_RESOURCE}-user - -${KEYCLOAK_HOME}/bin/kcadm.sh create users -r "${KEYCLOAK_REALM}" -s username=jsmith -s firstName=John -s lastName=Smith -s email=jsmith@example.com -s enabled=true -${KEYCLOAK_HOME}/bin/kcadm.sh set-password -r "${KEYCLOAK_REALM}" --username jsmith --new-password password -${KEYCLOAK_HOME}/bin/kcadm.sh add-roles -r "${KEYCLOAK_REALM}" --uusername jsmith --rolename ${KEYCLOAK_RESOURCE}-user - -${KEYCLOAK_HOME}/bin/kcadm.sh create users -r "${KEYCLOAK_REALM}" -s username=tbrown -s firstName=Tom -s lastName=Brown -s email=tbrown@example.com -s enabled=true -${KEYCLOAK_HOME}/bin/kcadm.sh set-password -r "${KEYCLOAK_REALM}" --username tbrown --new-password password -${KEYCLOAK_HOME}/bin/kcadm.sh add-roles -r "${KEYCLOAK_REALM}" --uusername tbrown --rolename ${KEYCLOAK_RESOURCE}-user -${KEYCLOAK_HOME}/bin/kcadm.sh add-roles -r "${KEYCLOAK_REALM}" --uusername 
tbrown --rolename ${KEYCLOAK_RESOURCE}-admin \ No newline at end of file