quarkus
quarkus copied to clipboard
quarkusio
Add Keycloak Authorization dynamic tenant config resolution
:waning_crescent_moon: This workflow status is outdated as a new workflow run has been triggered.
Status for workflow Quarkus CI
This is the status report for running Quarkus CI on commit af3c7d6033078f7e06fa7b6320967d150a6e40ce.
Failing Jobs
| Status | Name | Step | Failures | Logs | Raw logs | Build scan |
|---|
You can consult the Develocity build scans.
![quarkus-bot[bot] avatar](https://avatars.githubusercontent.com/in/90234?v=4 "Published by a pub.dev verified publisher"){kind=small}
:waning_crescent_moon: This workflow status is outdated as a new workflow run has been triggered.
Status for workflow Quarkus Documentation CI
This is the status report for running Quarkus Documentation CI on commit af3c7d6033078f7e06fa7b6320967d150a6e40ce.
:white_check_mark: The latest workflow run for the pull request has completed successfully.
It should be safe to merge provided you have a look at the other checks in the summary.
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
hey @pedroigor please review if you would like, otherwise in terms of what is changed, changes are not specific to Keycloak (it's a CDI feature...), so @sberyozkin is right reviewer for this.
:waning_crescent_moon: This workflow status is outdated as a new workflow run has been triggered.
Status for workflow Quarkus CI
This is the status report for running Quarkus CI on commit 56072ca493266d996c6fb69190ef68cfa32769df.
:white_check_mark: The latest workflow run for the pull request has completed successfully.
It should be safe to merge provided you have a look at the other checks in the summary.
:warning: There are other workflow runs running, you probably need to wait for their status before merging.
You can consult the Develocity build scans.
:waning_crescent_moon: This workflow status is outdated as a new workflow run has been triggered.
Status for workflow Quarkus Documentation CI
This is the status report for running Quarkus Documentation CI on commit 56072ca493266d996c6fb69190ef68cfa32769df.
:white_check_mark: The latest workflow run for the pull request has completed successfully.
It should be safe to merge provided you have a look at the other checks in the summary.
:waning_crescent_moon: This workflow status is outdated as a new workflow run has been triggered.
Status for workflow Quarkus CI
This is the status report for running Quarkus CI on commit c998c60cbf8296b34fb1d50568ca36240c02c1d0.
:white_check_mark: The latest workflow run for the pull request has completed successfully.
It should be safe to merge provided you have a look at the other checks in the summary.
:warning: There are other workflow runs running, you probably need to wait for their status before merging.
You can consult the Develocity build scans.
:waning_crescent_moon: This workflow status is outdated as a new workflow run has been triggered.
Status for workflow Quarkus Documentation CI
This is the status report for running Quarkus Documentation CI on commit c998c60cbf8296b34fb1d50568ca36240c02c1d0.
:white_check_mark: The latest workflow run for the pull request has completed successfully.
It should be safe to merge provided you have a look at the other checks in the summary.
@sberyozkin I pushed it by accident as I need to fix some tests, docs and write more tests, but as it's already there, you can look at the builder and provide early feedback. Or not. Anyway, it's as compact as I could make it. Cheers.
:waning_crescent_moon: This workflow status is outdated as a new workflow run has been triggered.
Status for workflow Quarkus CI
This is the status report for running Quarkus CI on commit 1789d1a8b1ae1da2a30ad6b72e76f3b449e5f08c.
Failing Jobs
| Status | Name | Step | Failures | Logs | Raw logs | Build scan |
|---|---|---|---|---|---|---|
| ✖ | JVM Tests - JDK 17 | Build |
Failures | Logs | Raw logs | :mag: |
| ✖ | JVM Tests - JDK 21 | Build |
Failures | Logs | Raw logs | :mag: |
Full information is available in the Build summary check run. You can consult the Develocity build scans.
Failures
:gear: JVM Tests - JDK 17 #
- Failing: integration-tests/keycloak-authorization
:package: integration-tests/keycloak-authorization
✖ io.quarkus.it.keycloak.DynamicTenantConfigPolicyEnforcerTest.testDynamicConfigPermissionScopes line 46 - History - More details - Source on GitHub
org.opentest4j.AssertionFailedError: /api/permission/scopes/dynamic-way ==> expected: <200> but was: <500>
at org.junit.jupiter.api.AssertionFailureBuilder.build(AssertionFailureBuilder.java:151)
at org.junit.jupiter.api.AssertionFailureBuilder.buildAndThrow(AssertionFailureBuilder.java:132)
at org.junit.jupiter.api.AssertEquals.failNotEqual(AssertEquals.java:197)
at org.junit.jupiter.api.AssertEquals.assertEquals(AssertEquals.java:150)
at org.junit.jupiter.api.Assertions.assertEquals(Assertions.java:563)
at io.quarkus.it.keycloak.AbstractPolicyEnforcerTest.assureGetPath(AbstractPolicyEnforcerTest.java:248)
at io.quarkus.it.keycloak.DynamicTenantConfigPolicyEnforcerTest.testDynamicConfigPermissionScopes(DynamicTenantConfigPolicyEnforcerTest.java:46)
✖ io.quarkus.it.keycloak.DynamicTenantConfigPolicyEnforcerTest.testKeycloakPolicyEnforcerTenantConfigBuilder line 72 - History - More details - Source on GitHub
java.lang.NullPointerException: Cannot invoke "io.quarkus.keycloak.pep.runtime.KeycloakPolicyEnforcerTenantConfig$KeycloakConfigPolicyEnforcer$MethodConfig.method()" because "patchMethod" is null
at io.quarkus.it.keycloak.DynamicTenantConfigPolicyEnforcerTest.assertMethod(DynamicTenantConfigPolicyEnforcerTest.java:159)
at io.quarkus.it.keycloak.DynamicTenantConfigPolicyEnforcerTest.assertBuilderShortcuts(DynamicTenantConfigPolicyEnforcerTest.java:144)
at io.quarkus.it.keycloak.DynamicTenantConfigPolicyEnforcerTest.testKeycloakPolicyEnforcerTenantConfigBuilder(DynamicTenantConfigPolicyEnforcerTest.java:72)
at java.base/java.lang.reflect.Method.invoke(Method.java:568)
at io.quarkus.test.junit.QuarkusTestExtension.runExtensionMethod(QuarkusTestExtension.java:1018)
at io.quarkus.test.junit.QuarkusTestExtension.interceptTestMethod(QuarkusTestExtension.java:832)
at java.base/java.util.ArrayList.forEach(ArrayList.java:1511)
:gear: JVM Tests - JDK 21 #
- Failing: integration-tests/keycloak-authorization
:package: integration-tests/keycloak-authorization
✖ io.quarkus.it.keycloak.DynamicTenantConfigPolicyEnforcerTest.testDynamicConfigPermissionScopes line 46 - History - More details - Source on GitHub
org.opentest4j.AssertionFailedError: /api/permission/scopes/dynamic-way ==> expected: <200> but was: <500>
at org.junit.jupiter.api.AssertionFailureBuilder.build(AssertionFailureBuilder.java:151)
at org.junit.jupiter.api.AssertionFailureBuilder.buildAndThrow(AssertionFailureBuilder.java:132)
at org.junit.jupiter.api.AssertEquals.failNotEqual(AssertEquals.java:197)
at org.junit.jupiter.api.AssertEquals.assertEquals(AssertEquals.java:150)
at org.junit.jupiter.api.Assertions.assertEquals(Assertions.java:563)
at io.quarkus.it.keycloak.AbstractPolicyEnforcerTest.assureGetPath(AbstractPolicyEnforcerTest.java:248)
at io.quarkus.it.keycloak.DynamicTenantConfigPolicyEnforcerTest.testDynamicConfigPermissionScopes(DynamicTenantConfigPolicyEnforcerTest.java:46)
✖ io.quarkus.it.keycloak.DynamicTenantConfigPolicyEnforcerTest.testKeycloakPolicyEnforcerTenantConfigBuilder line 72 - History - More details - Source on GitHub
java.lang.NullPointerException: Cannot invoke "io.quarkus.keycloak.pep.runtime.KeycloakPolicyEnforcerTenantConfig$KeycloakConfigPolicyEnforcer$MethodConfig.method()" because "patchMethod" is null
at io.quarkus.it.keycloak.DynamicTenantConfigPolicyEnforcerTest.assertMethod(DynamicTenantConfigPolicyEnforcerTest.java:159)
at io.quarkus.it.keycloak.DynamicTenantConfigPolicyEnforcerTest.assertBuilderShortcuts(DynamicTenantConfigPolicyEnforcerTest.java:144)
at io.quarkus.it.keycloak.DynamicTenantConfigPolicyEnforcerTest.testKeycloakPolicyEnforcerTenantConfigBuilder(DynamicTenantConfigPolicyEnforcerTest.java:72)
at java.base/java.lang.reflect.Method.invoke(Method.java:580)
at io.quarkus.test.junit.QuarkusTestExtension.runExtensionMethod(QuarkusTestExtension.java:1018)
at io.quarkus.test.junit.QuarkusTestExtension.interceptTestMethod(QuarkusTestExtension.java:832)
at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
Done, the DynamicTenantConfigPolicyEnforcerTest tests new builder comprehensively.
:waning_crescent_moon: This workflow status is outdated as a new workflow run has been triggered.
Status for workflow Quarkus CI
This is the status report for running Quarkus CI on commit a4a1aa65b8840b14f909ff4425af004719cb0516.
:white_check_mark: The latest workflow run for the pull request has completed successfully.
It should be safe to merge provided you have a look at the other checks in the summary.
:warning: There are other workflow runs running, you probably need to wait for their status before merging.
You can consult the Develocity build scans.
:waning_crescent_moon: This workflow status is outdated as a new workflow run has been triggered.
Status for workflow Quarkus Documentation CI
This is the status report for running Quarkus Documentation CI on commit a4a1aa65b8840b14f909ff4425af004719cb0516.
:white_check_mark: The latest workflow run for the pull request has completed successfully.
It should be safe to merge provided you have a look at the other checks in the summary.
Hi @michalvavrik, can you please type a builder sequence showing all the supported properties being set, I was not sure about setGet("write")...
Hi @michalvavrik, can you please type a builder sequence showing all the supported properties being set
Please have a look at the io.quarkus.it.keycloak.DynamicTenantConfigPolicyEnforcerTest#assertEveryConfigPropertyCanBeSet added in this PR. You can also do .setGet(ScopeEnforcementMode.DISABLED, "scope1") though.
I was not sure about
setGet("write")...
It's varargs, so you can ignore scope if you want, ATM I am not throwing an exception when there is no scope because I wasn't able to determine if there can be such a scenario where it could be valid to avoid scope but set method. Anyway, according to the https://quarkus.io/guides/all-config#quarkus-keycloak-authorization_quarkus-keycloak-policy-enforcer-paths-paths-methods-methods-scopes it is required when the method is specified, and you wanted shortcuts (for POST, GET, PUT, ...) and want it compact. Not sure how to do both? Please feel free to provide suggestion.
:waning_crescent_moon: This workflow status is outdated as a new workflow run has been triggered.
Status for workflow Quarkus Documentation CI
This is the status report for running Quarkus Documentation CI on commit 9a6ad0eda9f76e3787f9ec28a00f130c1ece0502.
:white_check_mark: The latest workflow run for the pull request has completed successfully.
It should be safe to merge provided you have a look at the other checks in the summary.
:warning: There are other workflow runs running, you probably need to wait for their status before merging.
:waning_crescent_moon: This workflow status is outdated as a new workflow run has been triggered.
Status for workflow Quarkus CI
This is the status report for running Quarkus CI on commit 9a6ad0eda9f76e3787f9ec28a00f130c1ece0502.
:white_check_mark: The latest workflow run for the pull request has completed successfully.
It should be safe to merge provided you have a look at the other checks in the summary.
You can consult the Develocity build scans.
:waning_crescent_moon: This workflow status is outdated as a new workflow run has been triggered.
Status for workflow Quarkus CI
This is the status report for running Quarkus CI on commit cb558a344b390f5bd8115e03a68a6dff5a7202a1.
Failing Jobs
| Status | Name | Step | Failures | Logs | Raw logs | Build scan |
|---|---|---|---|---|---|---|
| ✖ | Initial JDK 17 Build | Build |
:warning: Check → | Logs | Raw logs | :mag: |
You can consult the Develocity build scans.
:waning_crescent_moon: This workflow status is outdated as a new workflow run has been triggered.
Status for workflow Quarkus CI
This is the status report for running Quarkus CI on commit 80f2fbc2ebf3f3742a67041686f75f438ab4b4f9.
:white_check_mark: The latest workflow run for the pull request has completed successfully.
It should be safe to merge provided you have a look at the other checks in the summary.
:warning: There are other workflow runs running, you probably need to wait for their status before merging.
You can consult the Develocity build scans.
:waning_crescent_moon: This workflow status is outdated as a new workflow run has been triggered.
Status for workflow Quarkus Documentation CI
This is the status report for running Quarkus Documentation CI on commit 80f2fbc2ebf3f3742a67041686f75f438ab4b4f9.
:white_check_mark: The latest workflow run for the pull request has completed successfully.
It should be safe to merge provided you have a look at the other checks in the summary.
I've rebased on the current main and resolved merge conflicts just in case @sberyozkin find a time to review.
:waning_crescent_moon: This workflow status is outdated as a new workflow run has been triggered.
Status for workflow Quarkus Documentation CI
This is the status report for running Quarkus Documentation CI on commit 268049b00cf6e7cb7a30dd3ff84a39eec0ef6081.
:white_check_mark: The latest workflow run for the pull request has completed successfully.
It should be safe to merge provided you have a look at the other checks in the summary.
@sberyozkin please have a look; I won't resolve merge conflicts again as I'm bit worried it's wasting of CI resources. Will do it when you find a time for this
Merge conflicts were about TLS registry, the rest of this PR still applies. Resolved.
Status for workflow Quarkus CI
This is the status report for running Quarkus CI on commit 24aef29b844e7123642bc2af7e3256ea72f36e4c.
:white_check_mark: The latest workflow run for the pull request has completed successfully.
It should be safe to merge provided you have a look at the other checks in the summary.
[!WARNING] There are other workflow runs running, you probably need to wait for their status before merging.
You can consult the Develocity build scans.
Status for workflow Quarkus Documentation CI
This is the status report for running Quarkus Documentation CI on commit 24aef29b844e7123642bc2af7e3256ea72f36e4c.
:white_check_mark: The latest workflow run for the pull request has completed successfully.
It should be safe to merge provided you have a look at the other checks in the summary.