36 Zeilen
Kein EOL
1,5 KiB
Bash
Ausführbare Datei
36 Zeilen
Kein EOL
1,5 KiB
Bash
Ausführbare Datei
#!/bin/bash
|
|
set -e
|
|
|
|
both() {
|
|
"$@" builder
|
|
"$@" final
|
|
}
|
|
|
|
source=quay.io/keycloak/keycloak:latest
|
|
buildah from -q --name builder --pull=newer $source
|
|
buildah from -q --name final $source
|
|
|
|
buildah config -l - -e - -a - -p - final
|
|
buildah config \
|
|
-e PATH="/opt/keycloak/bin:/usr/bin:/usr/local/bin" \
|
|
-e KC_HTTPS_CLIENT_AUTH=request \
|
|
builder
|
|
buildah config \
|
|
-e KC_HOSTNAME_ADMIN_URL="https://admin.sso.sebastian-tobie.de" \
|
|
-e KC_HOSTNAME_URL="https://sso.sebastian-tobie.de" \
|
|
-e KC_DB_USERNAME=keycloak \
|
|
-e KC_DB_PASSWORD=changeme \
|
|
-e KC_DB_URL=postgresql://postgres.services.tobie:5432/keycloak \
|
|
-e KEYCLOAK_ADMIN="admin" \
|
|
-e KEYCLOAK_ADMIN_PASSWORD="admin" \
|
|
-p 8080/tcp \
|
|
-u keycloak:keycloak \
|
|
--entrypoint "[\"kc.sh\", \"start\", \"--optimized\", \"--http-enabled\", \"true\", \"--proxy\", \"edge\", \"--log-console-format\", \"'%-5p [%c] (%t) %s%e%n'\", \"--hostname-strict-backchannel=true\"]" \
|
|
final
|
|
|
|
buildah run -- builder kc.sh build --db=postgres --metrics-enabled=true --https-client-auth request --features web-authn,passkeys,persistent-user-sessions,recovery-codes --features-disabled kerberos,docker,ciba,fips
|
|
|
|
buildah copy --from builder --chown root:root final /opt/keycloak/ /opt/keycloak/
|
|
buildah rm builder
|
|
buildah commit -q -f oci --rm final containers-storage:localhost/keycloak:latest
|
|
skopeo copy -q containers-storage:localhost/keycloak:latest containers-storage:localhost/keycloak:$GITHUB_RUN_NUMBER |