search

quarkusio / quarkus

Quarkus: Supersonic Subatomic Java.
https://quarkus.io
Apache License 2.0
13.75k stars 2.67k forks source link

Keycloak statup option --hostname-port is deprecated and disabled by default since keycloak 25.0.0 #42509

Open HerrDerb opened 2 months ago

HerrDerb commented 2 months ago

Since keycloak 25.0.0. hostname:v1 is disabled by default. Therefor the dev service will fail to start if useSharedNetwork evaluates to true 

    ...
    if (keycloakX) {
                addEnv(KEYCLOAK_QUARKUS_ADMIN_PROP, KEYCLOAK_ADMIN_USER);
                addEnv(KEYCLOAK_QUARKUS_ADMIN_PASSWORD_PROP, KEYCLOAK_ADMIN_PASSWORD);
                withCommand(startCommand.orElse(KEYCLOAK_QUARKUS_START_CMD)
                        + (useSharedNetwork ? " --hostname-port=" + fixedExposedPort.getAsInt() : ""));
                addUpConfigResource();
            }
    ...

https://github.com/quarkusio/quarkus/blob/main/extensions/oidc/deployment/src/main/java/io/quarkus/oidc/deployment/devservices/keycloak/KeycloakDevServicesProcessor.java#L517

Log output from the failed container:
Disabled option: --hostname-port. Available only when hostname:v1 feature is enabled
Possible solutions: --hostname, --hostname-admin, --hostname-backchannel-dynamic, --hostname-strict, --hostname-debug
Try kc.sh start --help for more information on the available options.
Specify --help-all to obtain information on all options and their availability.
quarkus-bot[bot] commented 2 months ago

/cc @pedroigor (keycloak), @sberyozkin (keycloak)

HerrDerb commented 2 months ago

Might actually not be relevant for you as we use our own image... If you already enabled --features=hostname:v1 in the default keycloak dev service image, feel free to close this issue

andrejpetras commented 2 months ago

Workaround that works for me: 

quarkus.keycloak.devservices.show-logs=true
quarkus.keycloak.devservices.start-command=start --http-enabled=true --hostname-strict=false --features=hostname:v1

Logs:

2024-08-13 14:19:00,476 INFO  [io.qua.oid.dep.dev.key.KeycloakDevServicesProcessor] (docker-java-stream--657611309) Keycloak: 2024-08-13 12:18:58,111 WARN  [org.key.com.Profile] (main) Deprecated features enabled: hostname:v1
2024-08-13 14:19:00,478 INFO  [io.qua.oid.dep.dev.key.KeycloakDevServicesProcessor] (docker-java-stream--657611309) Keycloak: 2024-08-13 12:18:58,137 WARN  [org.key.qua.run.cli.Picocli] (main) The following used options or option values are DEPRECATED and will be removed or their behaviour changed in a future release:
2024-08-13 14:19:00,478 INFO  [io.qua.oid.dep.dev.key.KeycloakDevServicesProcessor] (docker-java-stream--657611309) Keycloak:   - hostname-strict
2024-08-13 14:19:00,478 INFO  [io.qua.oid.dep.dev.key.KeycloakDevServicesProcessor] (docker-java-stream--657611309) Keycloak:   - hostname-port
2024-08-13 14:19:00,479 INFO  [io.qua.oid.dep.dev.key.KeycloakDevServicesProcessor] (docker-java-stream--657611309) Keycloak:   - hostname
2024-08-13 14:19:00,479 INFO  [io.qua.oid.dep.dev.key.KeycloakDevServicesProcessor] (docker-java-stream--657611309) Keycloak: Consult the Release Notes for details.
2024-08-13 14:19:00,483 INFO  [io.qua.oid.dep.dev.key.KeycloakDevServicesProcessor] (docker-java-stream--657611309) Keycloak: 2024-08-13 12:18:59,068 WARN  [org.key.com.Profile] (main) Deprecated features enabled: hostname:v1
andrejpetras commented 2 months ago

It seems like integration tests for Keycloak DevServices are missing.

sberyozkin commented 2 months ago

@andrejpetras We do have them, but not for the shared network case, we actually used to have them but they got accidentally dropped during some restructuring. I think we can hopefully fix this issue by reintroducing them