Open orivat opened 2 years ago
/cc @geoand, @iocanel, @pedroigor, @sberyozkin, @stuartwdouglas
The stack trace which can be relevant:
2022-05-06 17:13:23,634 ERROR [org.tes.doc.DockerClientProviderStrategy] (build-11) Could not find a valid Docker environment. Please check configuration. Attempted configurations were:
2022-05-06 17:13:23,635 ERROR [org.tes.doc.DockerClientProviderStrategy] (build-11) UnixSocketClientProviderStrategy: failed with exception InvalidConfigurationException (Could not find unix domain socket). Root cause AccessDeniedException (/var/run/docker.sock)
2022-05-06 17:13:23,635 ERROR [org.tes.doc.DockerClientProviderStrategy] (build-11) As no valid configuration was found, execution cannot continue
2022
@orivat Thanks for providing the detailed instructions on how to reproduce, note this demo is already in the development branch. Trying to build the existing security-openid-connect-quickstart
can be even simpler, it also uses DevServices for Keycloak for testing
@orivat I wonder if it is a groups setup issue on your system, see for example
https://stackoverflow.com/questions/48568172/docker-sock-permission-denied,
there is a note there related to sudo yum install -y docker
as well
Describe the bug
Description
On RHEL 8 CSB, when docket is installed using the command
yum install docker
It is not possible to run use Quarkus keycloak devservices correctly. They are failing if docker has been installed using command "yum docker install".
Keyclaok Quarkus worksfine if it is installed from docker-ce
Note: The command "yum install docker" install at the same podman Openshift package
This issue is not showing up if docker is installed from docker as follows:
dnf config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo dnf list docker-ce --showduplicates | sort -r dnf install docker-ce-3:20.10.9-3.el8 systemctl start docker
Example
This example is showcasing an example of failure with following application.properties
2.1. build quarkus
git clone https://github.com/quarkusio/quarkus.git cd quarkus
export MAVEN_OPTS="-Xmx4g" ./mvnw -Dquickly
2.2 add security-openid-connect-client-quickstart
git clone https://github.com/quarkusio/quarkus-quickstarts cd quarkus-quickstarts gh pr checkout 1107
cd /home/orivat/dev/quarkus_ws/quarkus-quickstarts/security-openid-connect-client-quickstart
mvn test
Work-around (for #yum install docker on RHEL8 CSB)
Only way to make it working is: -To start docker externally (see 4.1) -To update application.properties adding/updating
oidc.keycloak.devservices.enabled=false
Configuration file
%prod.quarkus.oidc.auth-server-url=http://localhost:8180/realms/quarkus
quarkus.oidc.auth-server-url=http://localhost:8180/realms/quarkus client.quarkus.oidc.auth-server-url=http://localhost:8180/realms/quarkus
start docker externally docker run -p 8180:8080 -e KEYCLOAK_ADMIN=admin -e KEYCLOAK_ADMIN_PASSWORD=password quay.io/keycloak/keycloak:18.0.0 start-dev
update application properteis as follows:
oidc.keycloak.devservices.enabled=false
Configuration file
%prod.quarkus.oidc.auth-server-url=http://localhost:8180/realms/quarkus
quarkus.oidc.auth-server-url=http://localhost:8180/realms/quarkus client.quarkus.oidc.auth-server-url=http://localhost:8180/realms/quarkus quarkus.oidc.client-id=backend-service quarkus.oidc.credentials.secret=secret quarkus.keycloak.devservices.realm-path=quarkus-realm.json
quarkus.oidc-client.auth-server-url=${quarkus.oidc.auth-server-url} quarkus.oidc-client.client-id=${quarkus.oidc.client-id} quarkus.oidc-client.credentials.secret=${quarkus.oidc.credentials.secret} quarkus.oidc-client.grant.type=password quarkus.oidc-client.grant-options.password.username=alice quarkus.oidc-client.grant-options.password.password=alice
%prod.port=8080 %dev.port=8080 %test.port=8081
org.acme.security.openid.connect.client.ProtectedResourceOidcClientFilter/mp-rest/url=http://localhost:${port}/protected org.acme.security.openid.connect.client.ProtectedResourceTokenPropagationFilter/mp-rest/url=http://localhost:${port}/protected
mvn test
It should display