Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[ACS-9183] Bump Keycloak to 26.1.0 #174

Merged
merged 1 commit into from
Feb 10, 2025
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 9 additions & 9 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@
*Keycloak* is a central component responsible for identity-related capabilities needed by other Alfresco software, such as managing users, groups, roles, profiles, and authentication. Currently it deals just with authentication. This project contains the open-source core of this service.

For installing Keycloak you can choose either a sample Kubernetes distribution or a sample standalone distribution. Both methods are described in the following sections.
For upgrading, it is recommended to follow the official [Keycloak upgrading guide](https://www.keycloak.org/docs/26.0.7/upgrading/).
For upgrading, it is recommended to follow the official [Keycloak upgrading guide](https://www.keycloak.org/docs/26.1.0/upgrading/).

Check the [Kubernetes deployment prerequisites](https://github.com/Alfresco/alfresco-dbp-deployment/blob/master/README-prerequisite.md) and [standalone prerequisites](#prerequisites) before you start.

Expand Down Expand Up @@ -65,7 +65,7 @@ http://<IP_ADDRESS>:8080/auth/admin/alfresco/console/

#### Modifying the valid redirect URIs

**Note**: for security reasons, the redirect URIs should be as specific as possible. [See Keycloak official documentation](https://www.keycloak.org/docs/26.0.7/securing_apps/#redirect-uris).
**Note**: for security reasons, the redirect URIs should be as specific as possible. [See Keycloak official documentation](https://www.keycloak.org/docs/26.1.0/securing_apps/#redirect-uris).

1. After logging in to the Alfresco realm follow the left side menu and choose clients.
2. Choose the Alfresco client from the client list.
Expand Down Expand Up @@ -146,7 +146,7 @@ The above steps will deploy _Keycloak_ with the **default example realm applied*

#### Changing Alfresco Client redirectUris

**Note**: for security reasons, the redirect URIs should be as specific as possible. [See Keycloak official documentation](https://www.keycloak.org/docs/26.0.7/securing_apps/#redirect-uris).
**Note**: for security reasons, the redirect URIs should be as specific as possible. [See Keycloak official documentation](https://www.keycloak.org/docs/26.1.0/securing_apps/#redirect-uris).

You can override the default redirectUri of `http://localhost*` for your environment with the `realm.alfresco.client.redirectUris` property:

Expand Down Expand Up @@ -256,21 +256,21 @@ helm install $RELEASENAME helm/alfresco-keycloak --devel \

For further details see [Setting a Custom Realm](https://github.com/codecentric/helm-charts/tree/keycloak-18.0.0/charts/keycloak#setting-a-custom-realm).

Once Keycloak is up and running, login to the [Management Console](https://www.keycloak.org/docs/26.0.7/server_admin/index.html#using-the-admin-console) to configure the required realm.
Once Keycloak is up and running, login to the [Management Console](https://www.keycloak.org/docs/26.1.0/server_admin/index.html#using-the-admin-console) to configure the required realm.

#### Manually

1. [Add a realm](https://www.keycloak.org/docs/26.0.7/server_admin/index.html#proc-creating-a-realm_server_administration_guide) named "Alfresco"
1. [Add a realm](https://www.keycloak.org/docs/26.1.0/server_admin/index.html#proc-creating-a-realm_server_administration_guide) named "Alfresco"

2. [Create an OIDC client](https://www.keycloak.org/docs/26.0.7/server_admin/index.html#_oidc_clients) named "alfresco" within the Alfresco realm
2. [Create an OIDC client](https://www.keycloak.org/docs/26.1.0/server_admin/index.html#_oidc_clients) named "alfresco" within the Alfresco realm

3. [Create a group](https://www.keycloak.org/docs/26.0.7/server_admin/index.html#proc-managing-groups_server_administration_guide) named "admin"
3. [Create a group](https://www.keycloak.org/docs/26.1.0/server_admin/index.html#proc-managing-groups_server_administration_guide) named "admin"

4. [Add a new user](https://www.keycloak.org/docs/26.0.7/server_admin/index.html#proc-creating-user_server_administration_guide) with a username of "testuser", email of "[email protected]" and first and last name of "test"
4. [Add a new user](https://www.keycloak.org/docs/26.1.0/server_admin/index.html#proc-creating-user_server_administration_guide) with a username of "testuser", email of "[email protected]" and first and last name of "test"

#### Using the Sample Realm File

1. Go to the [Add Realm](https://www.keycloak.org/docs/26.0.7/server_admin/index.html#proc-creating-a-realm_server_administration_guide) page and click the "Select File" button next to the **Import** label.
1. Go to the [Add Realm](https://www.keycloak.org/docs/26.1.0/server_admin/index.html#proc-creating-a-realm_server_administration_guide) page and click the "Select File" button next to the **Import** label.

2. Choose the [sample realm](./alfresco-realm.json) file and click the "Create" button.

Expand Down
2 changes: 1 addition & 1 deletion distribution/build.properties
Original file line number Diff line number Diff line change
@@ -1,2 +1,2 @@
KEYCLOAK_VERSION=26.0.7
KEYCLOAK_VERSION=26.1.0
THEME_VERSION=0.3.5
2 changes: 1 addition & 1 deletion helm/alfresco-keycloak/Chart.yaml
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
apiVersion: v2
name: alfresco-keycloak
version: 1.0.0
appVersion: 26.0.7
appVersion: 26.1.0
description: This is just a sample Helm installation of raw Keycloak with the Alfresco Realm and Theme pre-installed.
keywords:
- alfresco
Expand Down
4 changes: 2 additions & 2 deletions helm/alfresco-keycloak/README.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# alfresco-keycloak

![Version: 1.0.0](https://img.shields.io/badge/Version-1.0.0-informational?style=flat-square) ![AppVersion: 26.0.7](https://img.shields.io/badge/AppVersion-26.0.7-informational?style=flat-square)
![Version: 1.0.0](https://img.shields.io/badge/Version-1.0.0-informational?style=flat-square) ![AppVersion: 26.1.0](https://img.shields.io/badge/AppVersion-26.1.0-informational?style=flat-square)

This is just a sample Helm installation of raw Keycloak with the Alfresco Realm and Theme pre-installed.

Expand Down Expand Up @@ -44,7 +44,7 @@ This is just a sample Helm installation of raw Keycloak with the Alfresco Realm
| keycloakx.extraInitContainers | string | `"- name: theme-provider\n image: busybox:1.36\n imagePullPolicy: IfNotPresent\n command:\n - sh\n args:\n - -c\n - |\n THEME_VERSION=0.3.5\n wget https://github.com/Alfresco/alfresco-keycloak-theme/releases/download/${THEME_VERSION}/alfresco-keycloak-theme-${THEME_VERSION}.zip -O /alfresco.zip\n unzip alfresco.zip\n mv alfresco/* /theme/\n volumeMounts:\n - name: theme\n mountPath: /theme\n"` | |
| keycloakx.extraVolumeMounts | string | `"- name: realm-secret\n mountPath: \"/opt/keycloak/data/import/\"\n readOnly: true\n- name: theme\n mountPath: \"/opt/keycloak/themes/alfresco\"\n readOnly: true\n"` | |
| keycloakx.extraVolumes | string | `"- name: realm-secret\n secret:\n secretName: realm-secret\n- name: theme\n emptyDir: {}\n"` | |
| keycloakx.image.tag | string | `"26.0.7"` | |
| keycloakx.image.tag | string | `"26.1.0"` | |
| keycloakx.imagePullSecrets[0].name | string | `"quay-registry-secret"` | |
| keycloakx.rbac.create | bool | `false` | |
| keycloakx.service.httpPort | int | `80` | |
Expand Down
2 changes: 1 addition & 1 deletion helm/alfresco-keycloak/alfresco-realm.json
Original file line number Diff line number Diff line change
Expand Up @@ -2671,6 +2671,6 @@
{{- end }}
{{- end }}
],
"keycloakVersion": "26.0.7",
"keycloakVersion": "26.1.0",
"userManagedAccessAllowed": false
}
2 changes: 1 addition & 1 deletion helm/alfresco-keycloak/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -67,7 +67,7 @@ keycloakx:
rbac:
create: false
image:
tag: 26.0.7
tag: 26.1.0
imagePullSecrets:
- name: quay-registry-secret
serviceAccount:
Expand Down
2 changes: 1 addition & 1 deletion test/saml/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@
<maven-compiler-plugin>3.8.0</maven-compiler-plugin>
<maven-surefire-plugin.version>2.21.0</maven-surefire-plugin.version>
<maven-dependency-plugin.version>3.1.2</maven-dependency-plugin.version>
<!-- IDS version where to test the upgrade scenario to the version defined in the build.properties file. E.g. upgrade IDS 1.8.0 to Keycloak 26.0.7 -->
<!-- IDS version where to test the upgrade scenario to the version defined in the build.properties file. E.g. upgrade IDS 1.8.0 to Keycloak 26.1.0 -->
<identity-service-from.version>1.8.0.1</identity-service-from.version>
</properties>

Expand Down
Loading