Skip to content

Commit d4a63e8

Browse files
matzewmatzew
committed
Initial Keycloak container setup
Signed-off-by: Matthias Wessendorf <[email protected]>
1 parent e646213 commit d4a63e8

File tree

3 files changed

+129
-2
lines changed

3 files changed

+129
-2
lines changed

Makefile

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -133,18 +133,18 @@ local-env-setup: ## Setup complete local development environment with Kind clust
133133
@echo "========================================="
134134
$(MAKE) tools
135135
$(MAKE) kind-create-cluster
136+
$(MAKE) keycloak-install
136137
$(MAKE) build
137138
@echo ""
138139
@echo "========================================="
139140
@echo "Local environment ready!"
140141
@echo "========================================="
141142
@echo ""
142143
@echo "Run the MCP server with:"
143-
@echo " ./$(BINARY_NAME)"
144+
@echo " ./$(BINARY_NAME) --port ..."
144145
@echo ""
145146
@echo "Or run with MCP inspector:"
146147
@echo " npx @modelcontextprotocol/inspector@latest \$$(pwd)/$(BINARY_NAME)"
147-
@echo ""
148148

149149
.PHONY: local-env-teardown
150150
local-env-teardown: ## Tear down the local Kind cluster

build/keycloak.mk

Lines changed: 56 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,56 @@
1+
# Keycloak IdP for development and testing
2+
3+
KEYCLOAK_NAMESPACE = keycloak
4+
KEYCLOAK_ADMIN_USER = admin
5+
KEYCLOAK_ADMIN_PASSWORD = admin
6+
7+
.PHONY: keycloak-install
8+
keycloak-install: ## Install Keycloak for local development
9+
@echo "Installing Keycloak (dev mode using official image)..."
10+
@kubectl apply -f config/keycloak/deployment.yaml
11+
@echo "Waiting for Keycloak to be ready..."
12+
@kubectl wait --for=condition=ready pod -l app=keycloak -n $(KEYCLOAK_NAMESPACE) --timeout=120s || true
13+
@echo ""
14+
@echo "Keycloak installed!"
15+
@echo "Admin credentials: $(KEYCLOAK_ADMIN_USER) / $(KEYCLOAK_ADMIN_PASSWORD)"
16+
@echo "Run 'make keycloak-forward' to access at http://localhost:8090"
17+
18+
.PHONY: keycloak-uninstall
19+
keycloak-uninstall: ## Uninstall Keycloak
20+
@kubectl delete -f config/keycloak/deployment.yaml 2>/dev/null || true
21+
22+
.PHONY: keycloak-forward
23+
keycloak-forward: ## Port forward Keycloak to localhost:8090
24+
@echo "Forwarding Keycloak to http://localhost:8090"
25+
@echo "Login: $(KEYCLOAK_ADMIN_USER) / $(KEYCLOAK_ADMIN_PASSWORD)"
26+
kubectl port-forward -n $(KEYCLOAK_NAMESPACE) svc/keycloak 8090:80
27+
28+
.PHONY: keycloak-status
29+
keycloak-status: ## Show Keycloak status and connection info
30+
@if kubectl get svc -n $(KEYCLOAK_NAMESPACE) keycloak >/dev/null 2>&1; then \
31+
echo "========================================"; \
32+
echo "Keycloak Status"; \
33+
echo "========================================"; \
34+
echo ""; \
35+
echo "Status: Installed"; \
36+
echo ""; \
37+
echo "Admin Console:"; \
38+
echo " URL: http://localhost:8090 (run: make keycloak-forward)"; \
39+
echo " Username: $(KEYCLOAK_ADMIN_USER)"; \
40+
echo " Password: $(KEYCLOAK_ADMIN_PASSWORD)"; \
41+
echo ""; \
42+
echo "OIDC Endpoints (master realm):"; \
43+
echo " Discovery: http://localhost:8090/realms/master/.well-known/openid-configuration"; \
44+
echo " Token: http://localhost:8090/realms/master/protocol/openid-connect/token"; \
45+
echo " Authorize: http://localhost:8090/realms/master/protocol/openid-connect/auth"; \
46+
echo " UserInfo: http://localhost:8090/realms/master/protocol/openid-connect/userinfo"; \
47+
echo " JWKS: http://localhost:8090/realms/master/protocol/openid-connect/certs"; \
48+
echo ""; \
49+
echo "========================================"; \
50+
else \
51+
echo "Keycloak is not installed. Run: make keycloak-install"; \
52+
fi
53+
54+
.PHONY: keycloak-logs
55+
keycloak-logs: ## Tail Keycloak logs
56+
@kubectl logs -n $(KEYCLOAK_NAMESPACE) -l app=keycloak -f --tail=100

config/keycloak/deployment.yaml

Lines changed: 71 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,71 @@
1+
---
2+
apiVersion: v1
3+
kind: Namespace
4+
metadata:
5+
name: keycloak
6+
---
7+
apiVersion: apps/v1
8+
kind: Deployment
9+
metadata:
10+
name: keycloak
11+
namespace: keycloak
12+
labels:
13+
app: keycloak
14+
spec:
15+
replicas: 1
16+
selector:
17+
matchLabels:
18+
app: keycloak
19+
template:
20+
metadata:
21+
labels:
22+
app: keycloak
23+
spec:
24+
containers:
25+
- name: keycloak
26+
image: quay.io/keycloak/keycloak:26.4
27+
args: ["start-dev"]
28+
env:
29+
- name: KEYCLOAK_ADMIN
30+
value: "admin"
31+
- name: KEYCLOAK_ADMIN_PASSWORD
32+
value: "admin"
33+
- name: KC_PROXY
34+
value: "edge"
35+
- name: KC_HOSTNAME_STRICT
36+
value: "false"
37+
- name: KC_HTTP_ENABLED
38+
value: "true"
39+
- name: KC_HEALTH_ENABLED
40+
value: "true"
41+
ports:
42+
- name: http
43+
containerPort: 8080
44+
readinessProbe:
45+
httpGet:
46+
path: /health/ready
47+
port: 9000
48+
initialDelaySeconds: 30
49+
periodSeconds: 10
50+
livenessProbe:
51+
httpGet:
52+
path: /health/live
53+
port: 9000
54+
initialDelaySeconds: 60
55+
periodSeconds: 30
56+
---
57+
apiVersion: v1
58+
kind: Service
59+
metadata:
60+
name: keycloak
61+
namespace: keycloak
62+
labels:
63+
app: keycloak
64+
spec:
65+
ports:
66+
- name: http
67+
port: 80
68+
targetPort: 8080
69+
selector:
70+
app: keycloak
71+
type: ClusterIP

0 commit comments

Comments
 (0)