search

jacekkow / keycloak-protocol-cas

CAS protocol provider for Keycloak
https://issues.jboss.org/browse/KEYCLOAK-1047
Apache License 2.0
92 stars 28 forks source link

Failed to create a new filesystem for keycloak-protocol-cas.jar #103

Closed lovasoa closed 2 months ago

lovasoa commented 4 months ago

Hello ! I'm trying to use this extension with keycloak 24.0 in docker.

I am getting the following error:

keycloak-1  | ERROR: Failed to run 'build' command.
keycloak-1  | ERROR: java.io.IOException: Failed to create a new filesystem for /opt/keycloak/lib/../providers/keycloak-protocol-cas.jar
keycloak-1  | ERROR: Failed to create a new filesystem for /opt/keycloak/lib/../providers/keycloak-protocol-cas.jar
keycloak-1  | ERROR: /opt/keycloak/lib/../providers/keycloak-protocol-cas.jar
keycloak-1  | For more details run the same command passing the '--verbose' option. Also you can use '--help' to see the details about the usage of the particular command.
lovasoa commented 4 months ago

Ok, I found the problem myself

running

ADD  --chown=1000:0 https://github.com/jacekkow/keycloak-protocol-cas/releases/download/24.0.3/keycloak-protocol-cas-24.0.3.jar \
    /opt/keycloak/providers/keycloak-protocol-cas.jar

instead of just 

ADD  https://github.com/jacekkow/keycloak-protocol-cas/releases/download/24.0.3/keycloak-protocol-cas-24.0.3.jar \
    /opt/keycloak/providers/keycloak-protocol-cas.jar

worked.

Maybe this could be added to the documentation, to save future users the trouble ?

jacekkow commented 2 months ago

This is somewhat documented in Dockerfile reference:

All files and directories copied from the build context are created with a UID and GID of 0 unless the optional --chown flag specifies a given username.

In the case where is a remote file URL, the destination will have permissions of 600.

Documentation does not mention permissions at all - I will add a sentence to this point:

Put the downloaded JAR file into the providers/ directory inside Keycloak installation folder.