ci服务

ci服务

关注
发信
关注(28)粉丝(399)

使用keycloak作为gitlab-ci服务

本文介绍了使用keycloak作为gitlab-ci服务的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我试图在gitlab-ci中运行我的集成测试,而不是通过服务启动一个keycloak实例.gitlab-ci yaml配置可在以下位置找到: https://gitlab.com/viae-modules/viae-modules/-/blob/master/.gitlab-ci.yml

I am trying to run my integration tests in gitlab-ci versus a keycloak instance started via a service. gitlab-ci yaml configuration can be found over here: https://gitlab.com/viae-modules/viae-modules/-/blob/master/.gitlab-ci.yml

services:
  - docker:dind
  - name: mongo:latest
    alias: mongodb
  - name: jboss/keycloak:10.0.1
    alias: sso
    command: ["-b", "0.0.0.0"]

现在我无法连接到该实例.我添加了一些curl命令来验证连接,但是在那里看到了奇怪的事情:

Now I can't connect to this instance.I added some curl commands to validate the connection, but there I see something strange happening:

转到 http://sso:8080 会给出以下(密钥斗篷)响应

going to http://sso:8080 gives the following (keycloak) response

 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
 <html>
 <head>
     <meta http-equiv="refresh" content="0; url=/auth/" />
     <meta name="robots" content="noindex, nofollow">
     <script type="text/javascript">
         window.location.href = "/auth/"
     </script>
 </head>
 <body>
     If you are not redirected automatically, follow this <a href='/auth'>link</a>.
 </body>
 </html>

这表示密钥斗篷已启动并正在运行.然后,连接到 http://sso:8080/auth 会得到404 ...

which means that keycloak is up and running.Then, connecting to http://sso:8080/auth gives a 404...

我希望这是由于未绑定到0.0.0.0,但是我是在服务配置中这样做的.

I would expect that this was due to not binding to 0.0.0.0, but I did this in the service configuration.

我认为这与gitlab配置/运行器有关,因为以下图像在dockerized环境中响应(即与基础图像的docker选项/配置无关)

I assume this has something to do with the gitlab configuration/runner as the following image is responding in a dockerized environment (i.e. not related to docker options/configurations of the base image):

FROM jboss/keycloak:10.0.1
EXPOSE 8080

COPY themes /opt/jboss/keycloak/themes

#Database
ENV DB_VENDOR=xxx
ENV DB_DATABASE=xxx
ENV DB_ADDR=xxx
ENV DB_PORT=xxx

#Admin user
ENV KEYCLOAK_USER=xxx
ENV KEYCLOAK_PASSWORD=xxx

有人知道我做错了什么吗?

Anyone having a clue of what I did do wrong?

推荐答案

我无法解决此问题,但找到了解决方法:

I was not able to fix this, but I was able to find a workaround:

我创建了一个基本图像,其中包含GraalVM和一个独立的keycloak服务器: https://gitlab.com/viae-modules/viae-modules/-//blob/master/modules/docker-base-images/graalvm-keycloak-dockerfile

I created a base image which contains GraalVM and a standalone keycloak server:https://gitlab.com/viae-modules/viae-modules/-/blob/master/modules/docker-base-images/graalvm-keycloak-dockerfile

FROM centos:7
RUN mkdir /home/viae
RUN mkdir /home/viae/keycloak
WORKDIR /home/viae

COPY config/start_keycloak.sh /home/viae/start_keycloak.sh

RUN yum install -y wget zip unzip git
RUN wget -q https://downloads.jboss.org/keycloak/10.0.1/keycloak-10.0.1.zip
RUN unzip -q keycloak-10.0.1.zip
RUN mv /home/viae/keycloak-10.0.1/* /home/viae/keycloak

RUN wget -q https://github.com/graalvm/graalvm-ce-builds/releases/download/vm-20.1.0/graalvm-ce-java11-linux-amd64-20.1.0.tar.gz
RUN tar -zxf graalvm-ce-java11-linux-amd64-20.1.0.tar.gz

ENV PATH="/home/viae/graalvm-ce-java11-20.1.0/bin:${PATH}"
ENV JAVA_HOME="/home/viae/graalvm-ce-java11-20.1.0"

RUN /home/viae/keycloak/bin/add-user-keycloak.sh -r master -u admin -p admin

然后,我可以在我的CI脚本中使用此嵌入式密钥斗篷: https://gitlab.com/viae-modules/viae-modules/-/blob/master/.gitlab-ci.yml (请注意:keycloak仍应从脚本内启动==>提供一些时间,以便keycloak有启动时间.

I then can use this embedded keycloak in my CI scripts:https://gitlab.com/viae-modules/viae-modules/-/blob/master/.gitlab-ci.yml(Be careful: keycloak should still be started from within the script ==> provide some time to give keycloak the time to start up.

image: docker:stable

before_script:
  - export GRADLE_USER_HOME=`pwd`/.gradle
  - chmod a+rx `pwd`/gradlew

services:
  - docker:dind
  - name: mongo:latest
    alias: mongodb
...

.java-base-config:
  image: registry.gitlab.com/viae-modules/viae-modules/viae-graalvm-keycloak/viae-graalvm-keycloak:0.0.2
  ...

.execute-tests-template:
  extends: .java-base-config
  ...

test-viae-oauth2.0-validator:
  extends: .execute-tests-template
  stage: test
  script:
    - date
    - /home/viae/keycloak/bin/standalone.sh -b 0.0.0.0 -bmanagement 0.0.0.0 &
    - sleep 30
    - date
    - curl http://localhost:8080
    - curl http://localhost:8080/auth
    - curl http://localhost:8080/auth/realms/master
    - curl http://localhost:8080/auth/realms/master/protocol/openid-connect/certs
    - MICRONAUT_ENVIRONMENTS=ci ./gradlew --no-daemon :modules:viae-oauth2.0-validator:jacocoTestReport -Pmicronaut.environments=ci

这篇关于使用keycloak作为gitlab-ci服务的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

07-30 19:30
Powered by LMLPHP ©2024 ci服务 0.050516