-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathDockerfile.keycloak
88 lines (72 loc) · 2.22 KB
/
Dockerfile.keycloak
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
ARG KEYCLOAK_VERSION=24.0.3
ARG KEYCLOAK_RELEASEVER=9
FROM registry.access.redhat.com/ubi${KEYCLOAK_RELEASEVER}/ubi AS package-builder
ARG KEYCLOAK_RELEASEVER=9
RUN mkdir -p /mnt/rootfs
ARG KEYCLOAK_DB
RUN case ${KEYCLOAK_DB} in \
mariadb) \
db= \
;; \
postgres) \
db=postgresql \
;; \
*) \
exit 1 \
;; \
esac && \
yum install \
--installroot /mnt/rootfs \
--releasever ${KEYCLOAK_RELEASEVER} \
--setopt install_weak_deps=false \
--nodocs -y \
curl gzip hostname httpd jq nc openssl python3 python3-pip socat tar \
$db && \
yum clean all && \
rm -rf /mnt/rootfs/var/cache/*
FROM docker.io/maven AS provider-builder
WORKDIR /opt/keycloak
COPY files/keycloak/providers/pom.xml ./
COPY files/keycloak/providers/src/ ./src/
RUN mvn package test
FROM quay.io/keycloak/keycloak:${KEYCLOAK_VERSION} AS keycloak-builder
WORKDIR /opt/keycloak
COPY --from=provider-builder \
/opt/keycloak/target/oidc-keycloak-provider-0.1.jar \
/opt/keycloak/providers/
ARG KEYCLOAK_DB
ARG KEYCLOAK_FEATURES
RUN /opt/keycloak/bin/kc.sh build \
--db ${KEYCLOAK_DB} \
${KEYCLOAK_FEATURES:+--features }${KEYCLOAK_FEATURES} \
--health-enabled=true && \
/opt/keycloak/bin/kc.sh show-config
FROM quay.io/keycloak/keycloak:${KEYCLOAK_VERSION}
RUN [ $(id -u) -eq 1000 -a $(id -g) -eq 0 ]
USER 0:0
COPY --from=package-builder /mnt/rootfs/ /
RUN install -o 1000 -g 0 -d /var/run/keycloak
RUN install -o 1000 -g 0 -d /var/lib/keycloak
USER 1000:1000
COPY --from=keycloak-builder /opt/keycloak/ /opt/keycloak/
RUN \
python3 -m venv /var/lib/keycloak/venv && \
mkdir -p /var/lib/keycloak/cache/pip && \
/var/lib/keycloak/venv/bin/pip3 install \
--cache-dir /var/lib/keycloak/cache/pip --upgrade pip PyJWT
ENV APP_IDS ""
ENV KEYCLOAK_ADMIN_PASSWORD ""
ENV KEYCLOAK_DB_PASSWORD ""
ENV KEYCLOAK_DB_URL ""
ENV KEYCLOAK_DB_USERNAME ""
ENV KEYCLOAK_LOG_LEVEL ""
ENV REALM_IDS ""
ENV SMTP_SERVER ""
COPY files/state /usr/local/bin/
COPY files/keycloak/kc-* files/keycloak/*.py /usr/local/bin/
COPY files/issue_19321 /usr/local/bin/
VOLUME /mnt/state
COPY --chmod=755 files/keycloak/entrypoint files/keycloak/demos /
ENTRYPOINT ["/entrypoint"]
RUN [ -f /opt/keycloak/conf/keycloak.conf ]
CMD ["start", "--optimized"]