Upgrade to Keycloak 23

upgrade the docker and kubernetes builds to use Keycloak 23.0.0,
see https://www.keycloak.org/2023/11/keycloak-2300-released.html

Fix jhipster#24352

generators/docker-compose/templates/docker-compose.yml.ejs

@@ -110,7 +110,7 @@ services:
 <%_ if (usesOauth2) { _%>
   keycloak:
     image: <%- dockerContainers.keycloak %>
-    command: ['start-dev --import-realm']
+    command: 'start-dev --import-realm'
     volumes:
       - ./realm-config:/opt/keycloak/data/import
       - ./realm-config/keycloak-health-check.sh:/opt/keycloak/health-check.sh

generators/docker-compose/templates/realm-config/jhipster-realm.json.ejs

@@ -475,6 +475,15 @@
     "totpAppFreeOTPName",
     "totpAppMicrosoftAuthenticatorName"
   ],
+  "localizationTexts": {
+    "en": {
+      "emailTestSubject": "TEST SUBJECT",
+      "doLogin": "SUPER Login",
+      "configure": "Configure your realm",
+      "emailAccountHtmlTitle": "SUPER Edit Account",
+      "manage": "Manage your realm"
+    }
+  },
   "webAuthnPolicyRpEntityName": "keycloak",
   "webAuthnPolicySignatureAlgorithms": [
     "ES256"
@@ -487,6 +496,7 @@
   "webAuthnPolicyCreateTimeout": 0,
   "webAuthnPolicyAvoidSameAuthenticatorRegister": false,
   "webAuthnPolicyAcceptableAaguids": [],
+  "webAuthnPolicyExtraOrigins": [],
   "webAuthnPolicyPasswordlessRpEntityName": "keycloak",
   "webAuthnPolicyPasswordlessSignatureAlgorithms": [
     "ES256"
@@ -499,6 +509,7 @@
   "webAuthnPolicyPasswordlessCreateTimeout": 0,
   "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false,
   "webAuthnPolicyPasswordlessAcceptableAaguids": [],
+  "webAuthnPolicyPasswordlessExtraOrigins": [],
   "users": [
     {
       "id": "f742ba6f-1d8a-4dec-bf15-e02dab508283",
@@ -2578,7 +2589,7 @@
     "frontendUrl": "",
     "acr.loa.map": "[]"
   },
-  "keycloakVersion": "22.0.1",
+  "keycloakVersion": "23.0.0",
   "userManagedAccessAllowed": false,
   "clientProfiles": {
     "profiles": []

generators/docker/templates/docker/keycloak.yml.ejs

@@ -21,7 +21,7 @@ name: <%= baseName.toLowerCase() %>
 services:
   keycloak:
     image: <%- dockerContainers.keycloak %>
-    command: ['start-dev --import-realm']
+    command: 'start-dev --import-realm'
     volumes:
       - ./realm-config:/opt/keycloak/data/import
       - ./realm-config/keycloak-health-check.sh:/opt/keycloak/health-check.sh

generators/docker/templates/docker/realm-config/jhipster-realm.json.ejs

@@ -475,6 +475,15 @@
     "totpAppFreeOTPName",
     "totpAppMicrosoftAuthenticatorName"
   ],
+  "localizationTexts": {
+    "en": {
+      "emailTestSubject": "TEST SUBJECT",
+      "doLogin": "SUPER Login",
+      "configure": "Configure your realm",
+      "emailAccountHtmlTitle": "SUPER Edit Account",
+      "manage": "Manage your realm"
+    }
+  },
   "webAuthnPolicyRpEntityName": "keycloak",
   "webAuthnPolicySignatureAlgorithms": [
     "ES256"
@@ -487,6 +496,7 @@
   "webAuthnPolicyCreateTimeout": 0,
   "webAuthnPolicyAvoidSameAuthenticatorRegister": false,
   "webAuthnPolicyAcceptableAaguids": [],
+  "webAuthnPolicyExtraOrigins": [],
   "webAuthnPolicyPasswordlessRpEntityName": "keycloak",
   "webAuthnPolicyPasswordlessSignatureAlgorithms": [
     "ES256"
@@ -499,6 +509,7 @@
   "webAuthnPolicyPasswordlessCreateTimeout": 0,
   "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false,
   "webAuthnPolicyPasswordlessAcceptableAaguids": [],
+  "webAuthnPolicyPasswordlessExtraOrigins": [],
   "users": [
     {
       "id": "f742ba6f-1d8a-4dec-bf15-e02dab508283",
@@ -2576,7 +2587,7 @@
     "frontendUrl": "",
     "acr.loa.map": "[]"
   },
-  "keycloakVersion": "22.0.1",
+  "keycloakVersion": "23.0.0",
   "userManagedAccessAllowed": false,
   "clientProfiles": {
     "profiles": []

generators/kubernetes/__snapshots__/kubernetes.spec.mts.snap

@@ -5014,7 +5014,7 @@ data:
         "cibaInterval": "5",
         "frontendUrl": ""
       },
-      "keycloakVersion": "22.0.1",
+      "keycloakVersion": "23.0.0",
       "userManagedAccessAllowed": false,
       "clientProfiles": {
         "profiles": []
@@ -8458,7 +8458,7 @@ data:
         "cibaInterval": "5",
         "frontendUrl": ""
       },
-      "keycloakVersion": "22.0.1",
+      "keycloakVersion": "23.0.0",
       "userManagedAccessAllowed": false,
       "clientProfiles": {
         "profiles": []

generators/kubernetes/templates/keycloak/keycloak-configmap.yml.ejs

@@ -469,6 +469,15 @@ data:
         "FreeOTP",
         "Google Authenticator"
       ],
+      "localizationTexts": {
+        "en": {
+          "emailTestSubject": "TEST SUBJECT",
+          "doLogin": "SUPER Login",
+          "configure": "Configure your realm",
+          "emailAccountHtmlTitle": "SUPER Edit Account",
+          "manage": "Manage your realm"
+        }
+      },
       "webAuthnPolicyRpEntityName": "keycloak",
       "webAuthnPolicySignatureAlgorithms": [
         "ES256"
@@ -481,6 +490,7 @@ data:
       "webAuthnPolicyCreateTimeout": 0,
       "webAuthnPolicyAvoidSameAuthenticatorRegister": false,
       "webAuthnPolicyAcceptableAaguids": [],
+      "webAuthnPolicyExtraOrigins": [],
       "webAuthnPolicyPasswordlessRpEntityName": "keycloak",
       "webAuthnPolicyPasswordlessSignatureAlgorithms": [
         "ES256"
@@ -493,6 +503,7 @@ data:
       "webAuthnPolicyPasswordlessCreateTimeout": 0,
       "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false,
       "webAuthnPolicyPasswordlessAcceptableAaguids": [],
+      "webAuthnPolicyPasswordlessExtraOrigins": [],
       "scopeMappings": [
         {
           "clientScope": "offline_access",
@@ -2499,7 +2510,7 @@ data:
         "cibaInterval": "5",
         "frontendUrl": ""
       },
-      "keycloakVersion": "22.0.1",
+      "keycloakVersion": "23.0.0",
       "userManagedAccessAllowed": false,
       "clientProfiles": {
         "profiles": []

generators/kubernetes/templates/keycloak/keycloak.yml.ejs

@@ -38,7 +38,7 @@ spec:
       containers:
       - name: keycloak
         image: <%- dockerContainers.keycloak %>
-        args: ["start --import-realm"]
+        args: "start --import-realm"
         env:
         - name: KEYCLOAK_ADMIN
           value: "admin"

generators/server/resources/Dockerfile

@@ -13,7 +13,7 @@ LABEL ALIAS=consul-config-loader
 FROM postgres:16.1
 LABEL ALIAS=postgresql
 
-FROM quay.io/keycloak/keycloak:22.0.5
+FROM quay.io/keycloak/keycloak:23.0.0
 LABEL ALIAS=keycloak
 
 FROM mysql:8.2.0