From ae4338db5460702a30bcbab3d79071241ae2776e Mon Sep 17 00:00:00 2001 From: Paul Abel <128620221+pdabelf5@users.noreply.github.com> Date: Mon, 6 Oct 2025 17:02:02 +0100 Subject: [PATCH] Update examples with keycloak 26.x (#8362) * Update quay.io/keycloak/keycloak Docker tag to v26 | datasource | package | from | to | | ---------- | ------------------------- | ------ | ------ | | docker | quay.io/keycloak/keycloak | 25.0.2 | 26.4.0 | | docker | quay.io/keycloak/keycloak | 20.0.5 | 26.4.0 | Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * Update docs that use keycloak --------- Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- examples/custom-resources/jwks/README.md | 4 ++-- examples/custom-resources/jwks/keycloak.yaml | 12 +++++++----- examples/custom-resources/oidc/keycloak.yaml | 12 +++++++----- examples/custom-resources/oidc/keycloak_setup.md | 2 +- 4 files changed, 17 insertions(+), 13 deletions(-) diff --git a/examples/custom-resources/jwks/README.md b/examples/custom-resources/jwks/README.md index f26bd81c88..a84b29ad5f 100644 --- a/examples/custom-resources/jwks/README.md +++ b/examples/custom-resources/jwks/README.md @@ -66,7 +66,7 @@ To set up Keycloak: 3. Create a new Client called `jwks-client`. This can be done by selecting the `Client`s tab on the left and then selecting `Create client`. - - When creating the Client, ensure both `Client authentication` and `Authorization` are enabled. + - When creating the Client, ensure both `Client authentication`, `Authorization` & `Direct access grants` are enabled. 4. Once the client is created, navigate to the `Credentials` tab for that client and copy the client secret. - This can be saved in the `SECRET` shell variable for later: @@ -75,7 +75,7 @@ To set up Keycloak: export SECRET= ``` -5. Create a new User called `jwks-user` by selecting the Users tab on the left and then selecting Create client. +5. Create a new User called `jwks-user` by selecting the Users tab on the left and then selecting Create client. Ensure an email, first & last name are set. 6. Once the user is created, navigate to the `Credentials` tab for that user and select `Set password`. For this example the password can be whatever you want. diff --git a/examples/custom-resources/jwks/keycloak.yaml b/examples/custom-resources/jwks/keycloak.yaml index 6f5d962c3d..c9645de450 100644 --- a/examples/custom-resources/jwks/keycloak.yaml +++ b/examples/custom-resources/jwks/keycloak.yaml @@ -31,15 +31,17 @@ spec: spec: containers: - name: keycloak - image: quay.io/keycloak/keycloak:20.0.5 + image: quay.io/keycloak/keycloak:26.4.0 args: ["start-dev"] env: - - name: KEYCLOAK_ADMIN + - name: KC_BOOTSTRAP_ADMIN_USERNAME value: "admin" - - name: KEYCLOAK_ADMIN_PASSWORD + - name: KC_BOOTSTRAP_ADMIN_PASSWORD value: "admin" - - name: KC_PROXY - value: "edge" + - name: KC_HTTP_ENABLED + value: "true" + - name: KC_PROXY_HEADERS + value: "xforwarded" ports: - name: http containerPort: 8080 diff --git a/examples/custom-resources/oidc/keycloak.yaml b/examples/custom-resources/oidc/keycloak.yaml index 0e879dfa11..c9645de450 100644 --- a/examples/custom-resources/oidc/keycloak.yaml +++ b/examples/custom-resources/oidc/keycloak.yaml @@ -31,15 +31,17 @@ spec: spec: containers: - name: keycloak - image: quay.io/keycloak/keycloak:25.0.2 + image: quay.io/keycloak/keycloak:26.4.0 args: ["start-dev"] env: - - name: KEYCLOAK_ADMIN + - name: KC_BOOTSTRAP_ADMIN_USERNAME value: "admin" - - name: KEYCLOAK_ADMIN_PASSWORD + - name: KC_BOOTSTRAP_ADMIN_PASSWORD value: "admin" - - name: KC_PROXY - value: "edge" + - name: KC_HTTP_ENABLED + value: "true" + - name: KC_PROXY_HEADERS + value: "xforwarded" ports: - name: http containerPort: 8080 diff --git a/examples/custom-resources/oidc/keycloak_setup.md b/examples/custom-resources/oidc/keycloak_setup.md index 278e0fe32c..9874fc07bb 100644 --- a/examples/custom-resources/oidc/keycloak_setup.md +++ b/examples/custom-resources/oidc/keycloak_setup.md @@ -7,7 +7,7 @@ This guide will help you configure KeyCloak using Keycloak's API: **Notes**: -- This guide has been tested with keycloak 19.0.2 and later. If you modify `keycloak.yaml` to use an older version, +- This guide has been tested with keycloak 26.4.0 and later. If you modify `keycloak.yaml` to use an older version, Keycloak may not start correctly or the commands in this guide may not work as expected. The Keycloak OpenID endpoints `oidc.yaml` might also be different in older versions of Keycloak. - if you changed the admin username and password for Keycloak in `keycloak.yaml`, modify the commands accordingly.