Skip to content

chore(deps): update all non-major keycloak #548

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
infraex-misc merged 5 commits into from
Apr 14, 2026
Merged

chore(deps): update all non-major keycloak #548

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
b64c264
chore(deps): update all non-major keycloak
renovate[bot] Apr 12, 2026
fdb1c02
fix: improve retries
leiicamundi Apr 13, 2026
dab1e9c
try with bash
leiicamundi Apr 13, 2026
faa1f21
fix
leiicamundi Apr 13, 2026
baa2753
fix: escape $port in healthcheck and fix compose v2 detection
leiicamundi Apr 14, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
25 changes: 13 additions & 12 deletions .github/actions/compose/healthy.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,18 +1,19 @@
#!/bin/bash

# docker compose --> v2 (GA)
# docker-compose --> v1 (missing some newer flags)
# Edge case; Self-hosted runners don't support "docker compose" yet even though on v2
VERSION=$(docker-compose version --short)

if [[ "$VERSION" =~ ^1\.[0-9]+\.[0-9]+ || -z "${VERSION}" ]]; then
# if docker-compose is v1, we're setting it to docker compose, which should be v2
echo "Deteceted v1, setting to v2"
DOCKER_COMMAND="docker compose -f ${FILE} ${COMPOSE_FLAGS}"
# docker compose --> v2 (GA, plugin)
# docker-compose --> v1/v2 (standalone binary, may not be installed)
if command -v docker-compose &>/dev/null; then
VERSION=$(docker-compose version --short 2>/dev/null)
if [[ "$VERSION" =~ ^1\.[0-9]+\.[0-9]+ ]]; then
echo "Detected docker-compose v1, using docker compose (v2 plugin)"
DOCKER_COMMAND="docker compose -f ${FILE} ${COMPOSE_FLAGS}"
else
echo "Detected docker-compose v2"
DOCKER_COMMAND="docker-compose -f ${FILE} ${COMPOSE_FLAGS}"
fi
else
# e.g. locally or on self-hosted runners docker-compose can be v2
echo "Detected v2"
DOCKER_COMMAND="docker-compose -f ${FILE} ${COMPOSE_FLAGS}"
echo "docker-compose not found, using docker compose (v2 plugin)"
DOCKER_COMMAND="docker compose -f ${FILE} ${COMPOSE_FLAGS}"
fi

eval $DOCKER_COMMAND ps
Expand Down
32 changes: 26 additions & 6 deletions .github/scripts/integration/main.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,14 +1,34 @@
import time
from keycloak import KeycloakAdmin
from keycloak import KeycloakOpenIDConnection
from keycloak.exceptions import KeycloakPostError

max_retries = 30
retry_delay = 5

print("Connecting to KeyCloak")
keycloak_connection = KeycloakOpenIDConnection(
server_url="http://localhost:8080/",
username='admin',
password='admin',
realm_name="master")
for attempt in range(1, max_retries + 1):
try:
keycloak_connection = KeycloakOpenIDConnection(
server_url="http://localhost:8080/",
username='admin',
password='admin',
realm_name="master")

keycloak_admin = KeycloakAdmin(connection=keycloak_connection)
keycloak_admin = KeycloakAdmin(connection=keycloak_connection)
break
except KeycloakPostError as e:
if "503" in str(e) and attempt < max_retries:
print(f"Keycloak bootstrap in progress (attempt {attempt}/{max_retries}), retrying in {retry_delay}s...")
time.sleep(retry_delay)
else:
raise
except Exception as e:
if attempt < max_retries:
print(f"Connection failed (attempt {attempt}/{max_retries}): {e}, retrying in {retry_delay}s...")
time.sleep(retry_delay)
else:
raise

print("Checking that only 1 user exists")
count_users = keycloak_admin.users_count()
Expand Down
18 changes: 15 additions & 3 deletions docker-compose.quay.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -54,10 +54,22 @@ services:
AWS_WEB_IDENTITY_TOKEN_FILE: ${AWS_WEB_IDENTITY_TOKEN_FILE:-}

healthcheck:
test: timeout 10s bash -c ':> /dev/tcp/127.0.0.1/8080' || exit 1
test:
- CMD
- bash
- -c
- >
for port in 9000 8080; do
if exec 3<>/dev/tcp/127.0.0.1/$$port 2>/dev/null; then
echo -e "GET /health/ready HTTP/1.1\r\nHost: localhost\r\nConnection: close\r\n\r\n" >&3;
timeout 5 cat <&3 | grep -q '200 OK' && exit 0;
fi;
done;
exit 1
interval: 15s
timeout: 5s
retries: 5
timeout: 15s
retries: 15
start_period: 30s
ports:
- 8080:8080
- 9000:9000
Expand Down
9 changes: 6 additions & 3 deletions docker-compose.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -57,10 +57,13 @@ services:
AWS_WEB_IDENTITY_TOKEN_FILE: ${AWS_WEB_IDENTITY_TOKEN_FILE:-}

healthcheck:
test: timeout 10s bash -c ':> /dev/tcp/127.0.0.1/8080' || exit 1
test:
- CMD-SHELL
- curl -fsS http://127.0.0.1:9000/health/ready > /dev/null 2>&1 || curl -fsS http://127.0.0.1:8080/health/ready > /dev/null 2>&1
interval: 15s
timeout: 5s
retries: 5
timeout: 15s
retries: 15
start_period: 30s
ports:
- 8080:8080
depends_on:
Expand Down
4 changes: 2 additions & 2 deletions keycloak-26/bases.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ sources:
# skopeo --override-os linux inspect docker://registry.camunda.cloud/vendor-ee/keycloak:<tag> --raw | jq '.Digest'
image:
repository: registry.camunda.cloud/vendor-ee/keycloak
tag: 26.5.7-debian-12-r0@sha256:350c7c7ee4ef8cafa5cd0b973d15237f62ed4193ee4ec9c3570265583c5f67fa
tag: 26.6.0-debian-12-r0@sha256:eb5b4fe7b1ae306322c75e4a72229bb8067f8b1cb48454225af27fc2a684fe60

quay:
# List of all available images with associated sha:
Expand All @@ -25,4 +25,4 @@ sources:
# skopeo --override-os linux inspect docker://quay.io/keycloak/keycloak:<tag> --raw | jq '.Digest'
image:
repository: quay.io/keycloak/keycloak
tag: 26.5.7@sha256:45ae20191531eb608ddb0b775d012b40d3e4f942697f3214694887dd7c108d13
tag: 26.6.0@sha256:b0e5dbced1775de4d629f103c0a9cfc057decc62ce8d3cb1c54f8849a6c6eb62
Loading