-
Notifications
You must be signed in to change notification settings - Fork 1.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add Keycloak local testing environment #604
Add Keycloak local testing environment #604
Conversation
Hey @EvgeniGordeev, I haven't done a full review just yet, but I wanted to open a discussion about the socat alpine container and the nginx containers that you've added to this example. I wonder if we can simplify the example a little. In the other example environments, we expose the services on non-standard ports (eg Dex in both examples is on Similarly, in the normal dex example, users can access |
Hey @JoelSpeed yeah, the example is not ideal. I just wanted:
I agree to remove nginx and socat and use the URLs like http://oauth2-proxy.localtest.me:4180 and http://keycloak.localtest.me:8080 if the current setup is too confusing. |
@JoelSpeed the example simplified without A side question are you interested in a k8s example (based on minikube) too? I'm upgrading oauth2-proxy from 3.1.0 to the 5.1.1 and have trouble with nginx-ingress and oauth2-proxy with 502 error. oauth2-proxy successfully authenticates:
but nginx ingress doesn't like:
Which apparently can be fixed with adjusting |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I just tried this out and the bash scripts weren't working for me, is there any way they could be avoided at all? Can the config not be statically loaded as it is in the Dex example?
I managed to get the scripts working (I think), but keycloak still wasn't letting me log in, no client found
To your comment re a K8s example, I think that would be awesome, I wonder if we could achieve it using kind rather than minikube though, it would be much more lightweight
I tried to make a lightweight config for keycloak that's why I ended up with extra scripts to load just one client with oauth2-proxy.json instead of loading the full keycloak export which is quite verbose compared to Dex. Now |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I haven't thoroughly reviewed the master-realm.json, but everything else looks good.
I need to find some time to manually test this, but assuming that's all good, then I'm happy to get this merged! Thanks for your work so far.
One final thing would be to add a changelog entry please
@JoelSpeed changelog entry added. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just tested this out and it's working great! Thanks for your work on this 🙂
docker-compose file to provide an example based on keycloak as IDP provider and httpbin as upstream.