-
Notifications
You must be signed in to change notification settings - Fork 2.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bump strimzi kafka-oauth-client to 0.14.0 with fix for native #36698
Bump strimzi kafka-oauth-client to 0.14.0 with fix for native #36698
Conversation
Create realm by posting to Keycloak admin API
591b19e
to
4308428
Compare
This comment has been minimized.
This comment has been minimized.
.../kafka-client/runtime/src/main/java/io/smallrye/reactive/kafka/graal/KafkaSubstitutions.java
Outdated
Show resolved
Hide resolved
integration-tests/kafka-oauth-keycloak/src/main/resources/application.properties
Show resolved
Hide resolved
import io.quarkus.runtime.configuration.ConfigurationException; | ||
import io.restassured.RestAssured; | ||
|
||
public class KeycloakContainer extends GenericContainer<KeycloakContainer> { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Don't we have a dev service?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In the kafka-oauth-keycloak
IT we need to configure the kafka instance and the app with keycloak config. That's why we had an ad-hoc Keycloak test container – and the config was significantly complex, I simplified it in this change.
The quarkus-test-keycloak-server
is recommended only when there is a reason not to use the Keycloak dev service for testing.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@ozangunalp The refactoring looks good, and it is sound in any case, but Dev Service can be configured with a custom realm path, the Keycloak test factory is not really recommended any more, but indeed, quite a few OIDC tests still depend on it to test against legacy Keycloak distributions.
When you get a chance, please check what is missing from DevServicesConfig and may be we can enhance something, please open issues if you'll identify what can be. For example, I'm planning to support copying various test resources to the container to migrate KeycloakAuthorization tests to Dev Service
4308428
to
abdfa22
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Keycloak test factory and KeycloakTestClient related refactoring looks good
🙈 The PR is closed and the preview is expired. |
Revamp kafka-oauth-keycloak test using keycloak-server, moving KeycloakContainer to test framework.
Revert 62909e5
Adds
kafka-oauth-common
to application/bom because of strimzi/strimzi-kafka-oauth#209It is added as provided scoped dependency to kafka-client extension runtime module bacause of the new substitutions required. These substitutions are applied only when strimzi-oauth is found in classpath.
This opens the discussion to move strimzi-oauth support to a quarkiverse extension.