bcgov · jlangy · Mar 6, 2024
@@ -57,3 +57,5 @@ mds.json
 # mkdocs
 __pycache__
 site
+
+localdevextensions/bcgov-services-1.0.0.jar
@@ -0,0 +1,23 @@
+FROM maven:3.8.2-jdk-11-slim AS builder
+
+COPY ./docker/keycloak/extensions-7.6 /tmp/
+WORKDIR /tmp/
+RUN mvn -B clean package --file pom.xml
+
+# see https://catalog.redhat.com/software/containers/rh-sso-7/sso76-openshift-rhel8/629651e2cddbbde600c0a2ec
+FROM registry.redhat.io/rh-sso-7/sso76-openshift-rhel8:7.6-25
+
+ENV CONFIGURATION /opt/eap/standalone/configuration
+
+USER 0
+
+# # see https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/html/server_developer_guide/themes
+# # copy the theme directory to `/opt/eap/themes/` for now, but we can consider to archive to be deployed later.
+COPY ./docker/keycloak/extensions-7.6/themes/src/main/resources/theme /opt/eap/themes/
+COPY --from=builder /tmp/services/target/bcgov-services-1.0.0.jar /opt/eap/standalone/deployments/
+
+COPY ./localdevextensions/standalone.xml ${CONFIGURATION}/standalone-openshift.xml
+
+RUN chown -R 185:0 ${CONFIGURATION}
+
+USER 185
@@ -0,0 +1,18 @@
+# Overview
+
+This is a folder for testing themes and services locally with podman-compose. Podman commands can be replaced with docker compose using the same syntax. It is currently setup to test the 7.6 extension.
+
+## Setup
+
+Ensure you have mvn installed to recompile.
+
+Run `podman-compose up`.
+
+This will run the build of the [7.6 extensions](../docker/keycloak/extensions-7.6/) locally. The dockerfile is altered to disable theme caching for easier theme development, and use a compiled .jar file mounted as a volume. If working with themes, you can update them diretly now. If you are working with the java code, you will need the following to recompile:
+- `mvn -B clean package --file ../docker/keycloak/extensions-7.6`
+- `../docker/keycloak/extensions-7.6/services/target/bcgov-services-1.0.0.jar .`
+
+If you would like to recompile on the fly, you can run ./local.sh in a terminal window, which will watch for file changes and run the above for you.
+
+**Modules**
+If you would like to add realm configuration to mimic our environments, run the local setup from sso-terraform-modules repo. Note that this is also useful for quickly finding our current configurations for authentication flows and mappers by searching for the relevant id.
@@ -0,0 +1,19 @@
+#!/bin/bash
+
+# Define the directory to watch
+DIRECTORY="../docker/keycloak/extensions-7.6/services"
+
+# Define the Maven command to execute
+MAVEN_COMMAND="mvn -B clean package --file ../docker/keycloak/extensions-7.6"
+
+# Start an infinite loop to watch for file changes
+while true; do
+    # Wait for file changes in the specified directory
+    inotifywait -r -e modify,move,create,delete --exclude '/target' "$DIRECTORY"
+
+    # When a change is detected, execute the Maven command
+    echo "Change detected. Running Maven build..."
+    $MAVEN_COMMAND
+    echo "HI"
+    cp ../docker/keycloak/extensions-7.6/services/target/bcgov-services-1.0.0.jar .
+done
@@ -0,0 +1,67 @@
+version: '3.8'
+
+services:
+  keycloak:
+    container_name: keycloak
+    image: keycloak-local
+    build:
+      dockerfile: ./localdevextensions/Dockerfile
+      context: '../'
+    depends_on:
+      - postgres
+    ports:
+      - 8080:8080
+    environment:
+      DB_POSTGRESQL_SERVICE_HOST: postgres
+      DB_POSTGRESQL_SERVICE_PORT: 5433
+      # DB Credentials
+      DB_USERNAME: keycloak
+      DB_PASSWORD: keycloak
+      DB_DATABASE: keycloak
+      SSO_ADMIN_USERNAME: admin
+      SSO_ADMIN_PASSWORD: admin
+      DB_MIN_POOL_SIZE: 1
+      # Do not make the max pool size too small, or keycloak will fail to open enough connections to the DB.
+      # If the SSO image exits with a FATAL DB conection error it is likely too small.
+      DB_MAX_POOL_SIZE: 5
+      JGROUPS_CLUSTER_PASSWORD: password
+      JAVA_OPTS_APPEND: '-Dkeycloak.profile.feature.impersonation=disabled -Djboss.persistent.log.dir=/var/log/eap'
+      OPENSHIFT_DNS_PING_SERVICE_NAME: pinger
+      OPENSHIFT_DNS_PING_SERVICE_PORT: 8008
+      DB_JNDI: java:jboss/datasources/KeycloakDS
+      DB_SERVICE_PREFIX_MAPPING: db-postgresql=DB
+      TX_DATABASE_PREFIX_MAPPING: db-postgresql=DB
+      JGROUPS_PING_PROTOCOL: dns.DNS_PING
+      TZ: America/Vancouver
+    volumes:
+      - logs_data:/var/log/eap
+      - ../docker/keycloak/extensions-7.6/themes/src/main/resources/theme/bcgov:/opt/eap/themes/bcgov
+      - ../docker/keycloak/extensions-7.6/themes/src/main/resources/theme/bcgov-idp-login:/opt/eap/themes/bcgov-idp-login
+      - ../docker/keycloak/extensions-7.6/themes/src/main/resources/theme/bcgov-idp-login-no-brand:/opt/eap/themes/bcgov-idp-login-no-brand
+      - ../docker/keycloak/extensions-7.6/themes/src/main/resources/theme/bcgov-idp-stopper:/opt/eap/themes/bcgov-idp-stopper
+      - ../docker/keycloak/extensions-7.6/themes/src/main/resources/theme/bcgov-idp-stopper-no-header-title:/opt/eap/themes/bcgov-idp-stopper-no-header-title
+      - ../docker/keycloak/extensions-7.6/themes/src/main/resources/theme/bcgov-no-brand:/opt/eap/themes/bcgov-no-brand
+      # Must be a bind mount for changes to get picked up in container
+      - type: bind
+        source: ./bcgov-services-1.0.0.jar
+        target: /opt/eap/standalone/deployments/bcgov-services-1.0.0.jar
+
+  postgres:
+    image: docker.io/postgres:13
+    container_name: postgres
+    environment:
+      POSTGRES_DB: keycloak
+      POSTGRES_USER: keycloak
+      POSTGRES_PASSWORD: keycloak
+    tty: true
+    ports:
+      - 5433:5433
+    command: -p 5433
+    volumes:
+      - postgres_data:/var/lib/postgresql/data
+
+volumes:
+  postgres_data:
+    driver: local
+  logs_data:
+    driver: local