search

ThomasVitale / cloud-native-spring-in-action

🍃 Code samples and projects from the book "Cloud Native Spring in Action - With Spring Boot and Kubernetes" (Manning)
https://www.manning.com/books/cloud-native-spring-in-action
Apache License 2.0
426 stars 257 forks source link

Script upload disabled on keycloack 18 #21

Closed link178 closed 1 year ago

link178 commented 2 years ago

Hello,

there is an issue with keycloack, script upload is disabled, so it is not loading realms from files:

2022-07-29 19:28:37,548 ERROR [org.keycloak.quarkus.runtime.cli.ExecutionExceptionHandler] (main) ERROR: Failed to start server in (development) mode
2022-07-29 19:28:37,548 ERROR [org.keycloak.quarkus.runtime.cli.ExecutionExceptionHandler] (main) ERROR: Failed to import realm: eauction
2022-07-29 19:28:37,548 ERROR [org.keycloak.quarkus.runtime.cli.ExecutionExceptionHandler] (main) ERROR: Script upload is disabled

So it is not loading realm. I found a workaround, with a different image and a parameter:

  keycloak:
    image: quay.io/keycloak/keycloak:17.0.0-legacy
    volumes:
      - ./keycloak:/opt/jboss/keycloak/imports
    environment:
      - KEYCLOAK_USER=admin
      - KEYCLOAK_PASSWORD=admin
      - KEYCLOAK_IMPORT=/opt/jboss/keycloak/imports/realm-export.json -Dkeycloak.profile.feature.upload_scripts=enabled      
    ports:
        - 8080:8080

what do you think about this? am I doing sth incorrectly? or the docker compose file needs to be updated ?

Regards

ThomasVitale commented 2 years ago

Hi @link178. At what point did you get that error? I can't reproduce it when running the Keycloak container from this Docker Compose file: https://github.com/ThomasVitale/cloud-native-spring-in-action/blob/main/Chapter11/11-end/polar-deployment/docker/docker-compose.yml#L127

link178 commented 2 years ago

Hi, I tried with this config:

` keycloak: image: quay.io/keycloak/keycloak:18.0 command: start-dev --import-realm volumes:

but same error message:

2022-08-01 20:13:43,549 ERROR [org.keycloak.quarkus.runtime.cli.ExecutionExceptionHandler] (main) ERROR: Failed to start server in (development) mode
2022-08-01 20:13:43,550 ERROR [org.keycloak.quarkus.runtime.cli.ExecutionExceptionHandler] (main) ERROR: Failed to import realm: eauction
2022-08-01 20:13:43,550 ERROR [org.keycloak.quarkus.runtime.cli.ExecutionExceptionHandler] (main) ERROR: Script upload is disabled

if you check keycloak docs, they indeed say that script upload have been disabled. So, I can´t move forward from here, unless I use the keycloak config I showed before....

ThomasVitale commented 2 years ago

@link178 thanks for your reply. The feature used in the book is the one for exporting/importing realms. Since Quarkus became the default distribution, importing realms can be done as explained in this guide: https://www.keycloak.org/server/importExport#_importing_a_realm_during_startup

The "upload-script" feature has ben deprecated for a long time and it's been removed in Keycloak 18. It's not needed to import a realm, but it looks like the import might fail depending on your Keycloak configuration regarding clients and authentication providers (which might rely on "uploading scripts"). I found this issue on the GitHub Keycloak project that might help you solve the problem: https://github.com/keycloak/keycloak/issues/11664

Does the import work when you use the JSON file I provide with the source code?

ThomasVitale commented 1 year ago

I'm closing the issue for now since the image runs correctly when using the configuration provided with the repository. Feel free to open a new issue should you find errors with the provided source code. Thank you.