keycloak/build_container.sh

#!/bin/bash
set -e

both() {
    "$@" builder
    "$@" final
}

source=quay.io/keycloak/keycloak:latest
buildah from -q --name builder --pull=newer $source >/dev/null
buildah from -q --name final $source >/dev/null

buildah config -l - -e - -a - -p - final
buildah config \
    -e PATH="/opt/keycloak/bin:/usr/bin:/usr/local/bin" \
    -e KC_HTTPS_CLIENT_AUTH=request \
    builder
buildah config \
    -e KC_HOSTNAME_ADMIN_URL="https://admin.sso.sebastian-tobie.de" \
    -e KC_HOSTNAME_URL="https://sso.sebastian-tobie.de" \
    -e KC_DB_USERNAME=keycloak \
    -e KC_DB_PASSWORD=changeme \
    -e KC_DB_URL=postgresql://postgres.services.tobie:5432/keycloak \
    -e KEYCLOAK_ADMIN="admin" \
    -e KEYCLOAK_ADMIN_PASSWORD="admin" \
    -p 8080/tcp \
    -u keycloak:keycloak \
    --entrypoint "[\"kc.sh\", \"start\", \"--optimized\", \"--http-enabled\", \"true\", \"--proxy\", \"edge\", \"--log-console-format\", \"'%-5p [%c] (%t) %s%e%n'\", \"--hostname-strict-backchannel=true\"]" \
    final

buildah run -- builder kc.sh build --db=postgres --metrics-enabled=true --https-client-auth request --features web-authn,passkeys,persistent-user-sessions,recovery-codes --features-disabled kerberos,docker,ciba,fips

buildah copy --from builder --chown root:root final /opt/keycloak/ /opt/keycloak/
buildah rm builder
buildah commit --squash -q -f oci --rm final dir:image
moved the build to an shellscript 2025-01-26 18:49:43 +01:00			`#!/bin/bash`
			`set -e`

			`both() {`
			`"$@" builder`
			`"$@" final`
			`}`

			`source=quay.io/keycloak/keycloak:latest`
completly silenced the buildah from 2025-01-26 19:58:02 +01:00			`buildah from -q --name builder --pull=newer $source >/dev/null`
			`buildah from -q --name final $source >/dev/null`
moved the build to an shellscript 2025-01-26 18:49:43 +01:00
			`buildah config -l - -e - -a - -p - final`
			`buildah config \`
			`-e PATH="/opt/keycloak/bin:/usr/bin:/usr/local/bin" \`
			`-e KC_HTTPS_CLIENT_AUTH=request \`
			`builder`
			`buildah config \`
			`-e KC_HOSTNAME_ADMIN_URL="https://admin.sso.sebastian-tobie.de" \`
			`-e KC_HOSTNAME_URL="https://sso.sebastian-tobie.de" \`
			`-e KC_DB_USERNAME=keycloak \`
			`-e KC_DB_PASSWORD=changeme \`
			`-e KC_DB_URL=postgresql://postgres.services.tobie:5432/keycloak \`
			`-e KEYCLOAK_ADMIN="admin" \`
			`-e KEYCLOAK_ADMIN_PASSWORD="admin" \`
			`-p 8080/tcp \`
			`-u keycloak:keycloak \`
			`--entrypoint "[\"kc.sh\", \"start\", \"--optimized\", \"--http-enabled\", \"true\", \"--proxy\", \"edge\", \"--log-console-format\", \"'%-5p [%c] (%t) %s%e%n'\", \"--hostname-strict-backchannel=true\"]" \`
			`final`
removed the debug logging 2025-01-26 19:43:35 +01:00
moved the build to an shellscript 2025-01-26 18:49:43 +01:00			`buildah run -- builder kc.sh build --db=postgres --metrics-enabled=true --https-client-auth request --features web-authn,passkeys,persistent-user-sessions,recovery-codes --features-disabled kerberos,docker,ciba,fips`

			`buildah copy --from builder --chown root:root final /opt/keycloak/ /opt/keycloak/`
			`buildah rm builder`
rewrote the copy 2025-01-28 09:54:33 +01:00			`buildah commit --squash -q -f oci --rm final dir:image`