When running the QuarkusIntegrationTest against the keycloak dev service using docker network (e.g. by setting quarkus.container-image.build=true) the http based health check fails:
2021-12-05 19:07:47,923 ERROR [🐳 .io/.0.2]] (build-7) Could not start container: java.lang.IllegalArgumentException: Requested port (8080) is not mapped
at org.testcontainers.containers.ContainerState.getMappedPort(ContainerState.java:153)
at java.base/java.util.Optional.map(Optional.java:265)
at org.testcontainers.containers.wait.strategy.HttpWaitStrategy.waitUntilReady(HttpWaitStrategy.java:177)
at org.testcontainers.containers.wait.strategy.AbstractWaitStrategy.waitUntilReady(AbstractWaitStrategy.java:51)
at org.testcontainers.containers.GenericContainer.waitUntilContainerStarted(GenericContainer.java:929)
at org.testcontainers.containers.GenericContainer.tryStart(GenericContainer.java:468)
at org.testcontainers.containers.GenericContainer.lambda$doStart$0(GenericContainer.java:331)
at org.rnorth.ducttape.unreliables.Unreliables.retryUntilSuccess(Unreliables.java:81)
at org.testcontainers.containers.GenericContainer.doStart(GenericContainer.java:329)
at org.testcontainers.containers.GenericContainer.start(GenericContainer.java:317)
at io.quarkus.oidc.deployment.devservices.keycloak.KeycloakDevServicesProcessor.lambda$startContainer$0(KeycloakDevServicesProcessor.java:303)
I tried a quick fix by adding:
@Override
public Integer getMappedPort(int originalPort) {
if (useSharedNetwork) {
return KEYCLOAK_PORT;
} else {
return super.getMappedPort(originalPort);
}
}
This solves the above exception, but it reveals another issue: The health check still fails because it tries to reach the /auth url on the internal network address (e.g. http://keycloak-8yVNc:8080/auth):
Caused by: org.testcontainers.containers.ContainerLaunchException: Timed out waiting for URL to be accessible (http://keycloak-8yVNc:8080/auth should return HTTP 200)
at org.testcontainers.containers.wait.strategy.HttpWaitStrategy.waitUntilReady(HttpWaitStrategy.java:264)
This seems logical, since the healthcheck is made from outside the docker network. I also checked how other devservices are doing this, but none is using the HttpWaitStrategy.
Expected behavior
Keycloak DevService gets recognized as healthy and the test can continue
Describe the bug
When running the QuarkusIntegrationTest against the keycloak dev service using docker network (e.g. by setting
quarkus.container-image.build=true) the http based health check fails:I tried a quick fix by adding:
near https://github.com/quarkusio/quarkus/blob/main/extensions/oidc/deployment/src/main/java/io/quarkus/oidc/deployment/devservices/keycloak/KeycloakDevServicesProcessor.java#L489
This solves the above exception, but it reveals another issue: The health check still fails because it tries to reach the
/authurl on the internal network address (e.g. http://keycloak-8yVNc:8080/auth):This seems logical, since the healthcheck is made from outside the docker network. I also checked how other devservices are doing this, but none is using the HttpWaitStrategy.
Expected behavior
Keycloak DevService gets recognized as healthy and the test can continue
Actual behavior
Exception, see above
How to Reproduce?
https://github.com/flo-02-mu/security-openid-connect-quickstart-networkerror
mvn verifyOutput of
uname -aorver20.6.0 Darwin Kernel Version 20.6.0: Mon Aug 30 06:12:21 PDT 2021; root:xnu-7195.141.6~3/RELEASE_X86_64 x86_64
Output of
java -versionopenjdk 12.0.2 2019-07-16 OpenJDK Runtime Environment (build 12.0.2+10) OpenJDK 64-Bit Server VM (build 12.0.2+10, mixed mode, sharing)
GraalVM version (if different from Java)
No response
Quarkus version or git rev
2.5.1.Final (also tried on latest master)
Build tool (ie. output of
mvnw --versionorgradlew --version)Apache Maven 3.6.2 (40f52333136460af0dc0d7232c0dc0bcf0d9e117; 2019-08-27T17:06:16+02:00)
Additional information
No response
https://github.com/quarkusio/quarkus/issues/21935
$upstream:21935$