1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
|
#!/usr/bin/env bash
KEYCLOAK_DOCKER_IMAGE=quay.io/keycloak/keycloak:20.0
ensure_keycloak() {
if docker ps | grep keycloak &> /dev/null; then
print "keycloak already running ..."
else
start_keycloak
fi
}
init_keycloak() {
KEYCLOAK_CONFIG_PATH=${KEYCLOAK_CONFIG_PATH:-oauth/keycloak}
KEYCLOAK_CONFIG_DIR=$(realpath ${TEST_DIR}/${KEYCLOAK_CONFIG_PATH})
KEYCLOAK_URL=${OAUTH_PROVIDER_URL}
print "> KEYCLOAK_CONFIG_DIR: ${KEYCLOAK_CONFIG_DIR}"
print "> KEYCLOAK_URL: ${KEYCLOAK_URL}"
print "> KEYCLOAK_DOCKER_IMAGE: ${KEYCLOAK_DOCKER_IMAGE}"
generate-ca-server-client-kpi keycloak $KEYCLOAK_CONFIG_DIR
}
start_keycloak() {
begin "Starting keycloak ..."
init_keycloak
kill_container_if_exist keycloak
MOUNT_KEYCLOAK_CONF_DIR=$CONF_DIR/keycloak
mkdir -p $MOUNT_KEYCLOAK_CONF_DIR
${BIN_DIR}/gen-keycloak-json ${KEYCLOAK_CONFIG_DIR} "test-realm" $ENV_FILE $MOUNT_KEYCLOAK_CONF_DIR/test-realm.json
print "> EFFECTIVE KEYCLOAK_CONFIG_FILE: $MOUNT_KEYCLOAK_CONF_DIR/test-realm.json"
cp ${KEYCLOAK_CONFIG_DIR}/*.pem $MOUNT_KEYCLOAK_CONF_DIR
docker run \
--detach \
--name keycloak \
--net ${DOCKER_NETWORK} \
--publish 8081:8080 \
--publish 8443:8443 \
--env KEYCLOAK_ADMIN=admin \
--env KEYCLOAK_ADMIN_PASSWORD=admin \
-v ${MOUNT_KEYCLOAK_CONF_DIR}:/opt/keycloak/data/import/ \
${KEYCLOAK_DOCKER_IMAGE} start-dev --import-realm \
--https-certificate-file=/opt/keycloak/data/import/server_keycloak_certificate.pem \
--https-certificate-key-file=/opt/keycloak/data/import/server_keycloak_key.pem
wait_for_oidc_endpoint keycloak $KEYCLOAK_URL $MOUNT_KEYCLOAK_CONF_DIR/ca_keycloak_certificate.pem
end "Keycloak is ready"
print " Note: If you modify keycloak configuration. Make sure to run the following command to export the configuration."
print " docker exec -it keycloak /opt/keycloak/bin/kc.sh export --users realm_file --realm test --dir /opt/keycloak/data/import/"
}
|
