d293315eec
Add devstack testing setup for OIDC using an instance of keycloak which is instantiated from a keycloak image. This is largely taken from Kristi's work in https://github.com/knikolla/devstack-plugin-oidc This configuration is triggered by enabling the devstack service keystone-oidc-federation. The expectation is that either SAML2 or OIDC is enabled, but not both. Depends-On: https://review.opendev.org/c/openstack/keystone-tempest-plugin/+/864571 Co-Authored-By: David Wilde <dwilde@redhat.com> Change-Id: I1ff4d48c05cef1022dc510df03104f36cdd7a953
34 lines
1.2 KiB
YAML
34 lines
1.2 KiB
YAML
version: "3"
|
|
|
|
services:
|
|
keycloak:
|
|
image: quay.io/keycloak/keycloak:latest
|
|
command: start-dev --log-level debug --log=console,file --https-certificate-file=/etc/certs/devstack-cert.pem --https-certificate-key-file=/etc/certs/devstack-cert.pem
|
|
container_name: oidc_keycloak_1
|
|
environment:
|
|
KEYCLOAK_ADMIN: admin
|
|
KEYCLOAK_ADMIN_PASSWORD: nomoresecret
|
|
KEYCLOAK_USER: admin
|
|
KEYCLOAK_PASSWORD: nomoresecret
|
|
KEYCLOAK_LOG_LEVEL: DEBUG
|
|
DB_VENDOR: mariadb
|
|
DB_DATABASE: keycloak
|
|
DB_USER: keycloak
|
|
DB_PASSWORD: "nomoresecret"
|
|
DB_ADDR: "keycloak-database"
|
|
DB_PORT: "3306"
|
|
JAVA_OPTS: "-server -Xms128m -Xmx1024m -XX:MetaspaceSize=128M -XX:MaxMetaspaceSize=512m -Djava.net.preferIPv4Stack=true -Djboss.modules.system.pkgs=org.jboss.byteman -Djava.awt.headless=true"
|
|
ports:
|
|
- "8088:8080" # host:container
|
|
- "8443:8443"
|
|
volumes:
|
|
- DEVSTACK_DEST:/etc/certs:rw
|
|
|
|
keycloak-database:
|
|
image: quay.io/metal3-io/mariadb:latest
|
|
environment:
|
|
MYSQL_ROOT_PASSWORD: nomoresecret
|
|
MYSQL_DATABASE: keycloak
|
|
MYSQL_USER: keycloak
|
|
MYSQL_PASSWORD: nomoresecret
|