Merge branch 'main' into supportRealmRoleAttributesUpdate

adorsys · Jan 14, 2025 · b0636e2 · b0636e2
2 parents bfe83ac + 1e3badb
commit b0636e2
Show file tree

Hide file tree

Showing 69 changed files with 6,490 additions and 290 deletions.
diff --git a/.env b/.env
@@ -1,3 +1,3 @@
 # Used in docker-compose
 # shellcheck disable=SC2034
-KEYCLOAK_VERSION=25.0.1
+KEYCLOAK_VERSION=26.0.5
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -14,9 +14,10 @@ on:
   push:
     branches:
       - main
-    paths-ignore:
-      - 'README.md'
-      - 'CHANGELOG.md'
+    paths:
+      - 'contrib/charts/**'
+      - '!README.md'
+      - '!CHANGELOG.md'
     tags:
       - 'v*'
 
@@ -33,28 +34,41 @@ jobs:
         env:
           # we keep 18.0.2 for backwards compatibility with RH-SSO 7.6
           - KEYCLOAK_VERSION: 18.0.2
+            KEYCLOAK_CLIENT_VERSION: 18.0.2
           - KEYCLOAK_VERSION: 21.1.2
+            KEYCLOAK_CLIENT_VERSION: 21.1.2
           - KEYCLOAK_VERSION: 22.0.4
+            KEYCLOAK_CLIENT_VERSION: 22.0.4
           - KEYCLOAK_VERSION: 23.0.7
+            KEYCLOAK_CLIENT_VERSION: 23.0.7
           - KEYCLOAK_VERSION: 24.0.5
+            KEYCLOAK_CLIENT_VERSION: 24.0.5
           - KEYCLOAK_VERSION: 25.0.1
+            KEYCLOAK_CLIENT_VERSION: 25.0.1
+          - KEYCLOAK_VERSION: 26.0.5
+            KEYCLOAK_CLIENT_VERSION: 26.0.2
     steps:
-      - uses: actions/checkout@v4.1.7
+      - uses: actions/checkout@v4.2.2
         with:
           fetch-depth: 0
 
       - name: Setup java
-        uses: actions/setup-java@v4.2.1
+        uses: actions/setup-java@v4.5.0
         with:
           distribution: 'temurin'
           java-version: 21
 
-      - uses: actions/cache@v4.0.2
+      - uses: actions/cache@v4.2.0
         with:
           path: ~/.m2/repository
           key: ${{ runner.os }}-maven-${{ matrix.env.KEYCLOAK_VERSION }}-${{ hashFiles('**/pom.xml') }}
           restore-keys: ${{ runner.os }}-maven-${{ matrix.env.KEYCLOAK_VERSION }}
 
+      - name: Adapt sources for Keycloak versions < 26.0.0
+        if: ${{ matrix.env.KEYCLOAK_VERSION < '26.0.0' }}
+        run: |
+          echo "COMPATIBILITY_PROFILE=-Ppre-keycloak26" >> $GITHUB_ENV
+
       - name: Adapt sources for Keycloak versions < 23.0.0
         if: ${{ matrix.env.KEYCLOAK_VERSION < '23.0.0' }}
         run: |
@@ -72,10 +86,10 @@ jobs:
           echo "COMPATIBILITY_PROFILE=-Ppre-keycloak19" >> $GITHUB_ENV
 
       - name: Build & Test
-        run: ./mvnw ${MAVEN_CLI_OPTS} -Dkeycloak.version=${{ matrix.env.KEYCLOAK_VERSION }} ${ADJUSTED_RESTEASY_VERSION} clean verify -Pcoverage ${COMPATIBILITY_PROFILE}
+        run: ./mvnw ${MAVEN_CLI_OPTS} -Dkeycloak.version=${{ matrix.env.KEYCLOAK_VERSION }} -Dkeycloak.client.version=${{ matrix.env.KEYCLOAK_CLIENT_VERSION }} ${ADJUSTED_RESTEASY_VERSION} clean verify -Pcoverage ${COMPATIBILITY_PROFILE}
 
       - name: Upload coverage to Codecov
-        uses: codecov/codecov-action@v4.5.0
+        uses: codecov/codecov-action@v5.1.1
         if: github.ref == 'refs/heads/main'
         with:
           file: "${{ github.workspace }}/target/site/jacoco/jacoco.xml"
@@ -87,14 +101,14 @@ jobs:
         run: echo "::set-output name=VERSION::$(tail -n1 .env | cut -d= -f2)"
 
       - name: Login to Docker Hub
-        uses: docker/login-action@v3.2.0
+        uses: docker/login-action@v3.3.0
         if: startsWith(github.event.ref, 'refs/tags/v')
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_PASSWORD }}
 
       - name: Login to Quay.io
-        uses: docker/login-action@v3.2.0
+        uses: docker/login-action@v3.3.0
         if: startsWith(github.event.ref, 'refs/tags/v')
         with:
           registry: quay.io
@@ -112,7 +126,7 @@ jobs:
 
       - name: Set up Docker Build Metadata
         id: docker_meta
-        uses: docker/metadata-action@v5.5.1
+        uses: docker/metadata-action@v5.6.1
         with:
           images: adorsys/keycloak-config-cli,quay.io/adorsys/keycloak-config-cli
           flavor: |
@@ -130,16 +144,17 @@ jobs:
             maintainer=adorsys GmbH & Co. KG
 
       - name: Set up QEMU
-        uses: docker/setup-qemu-action@v3.0.0
+        uses: docker/setup-qemu-action@v3.2.0
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3.3.0
+        uses: docker/setup-buildx-action@v3.7.1
 
       - name: Build and push
-        uses: docker/build-push-action@v5.4.0
+        uses: docker/build-push-action@v6.9.0
         with:
           build-args: |-
             KEYCLOAK_VERSION=${{ matrix.env.KEYCLOAK_VERSION }}
+            KEYCLOAK_CLIENT_VERSION=${{ matrix.env.KEYCLOAK_CLIENT_VERSION }}
             MAVEN_CLI_OPTS=${{ env.MAVEN_CLI_OPTS }} ${{ env.ADJUSTED_RESTEASY_VERSION }} ${{ env.COMPATIBILITY_PROFILE }}
           cache-from: type=gha
           cache-to: type=gha,mode=max
@@ -155,7 +170,7 @@ jobs:
           cp target/keycloak-config-cli.jar keycloak-config-cli-${{ matrix.env.KEYCLOAK_VERSION }}.jar
           sha256sum keycloak-config-cli-${{ matrix.env.KEYCLOAK_VERSION }}.jar > keycloak-config-cli-${{ matrix.env.KEYCLOAK_VERSION }}.jar.sha256
 
-      - uses: actions/upload-artifact@v4.3.3
+      - uses: actions/upload-artifact@v4.4.3
         with:
           name: keycloak-config-cli-${{ matrix.env.KEYCLOAK_VERSION }}
           if-no-files-found: error
@@ -171,15 +186,15 @@ jobs:
       matrix:
         java: [17, 21]
     steps:
-      - uses: actions/checkout@v4.1.7
+      - uses: actions/checkout@v4.2.2
 
       - name: Setup java ${{ matrix.java }}
-        uses: actions/setup-java@v4.2.1
+        uses: actions/setup-java@v4.5.0
         with:
           distribution: 'temurin'
           java-version: ${{ matrix.java }}
 
-      - uses: actions/cache@v4.0.2
+      - uses: actions/cache@v4.2.0
         with:
           path: ~/.m2/repository
           key: ${{ runner.os }}-${{ matrix.java }}-maven-build-pom-${{ hashFiles('**/pom.xml') }}
@@ -207,16 +222,17 @@ jobs:
       matrix:
         env:
           - KEYCLOAK_VERSION: 19.0.3
+            KEYCLOAK_CLIENT_VERSION: 19.0.3
     steps:
-      - uses: actions/checkout@v4.1.7
+      - uses: actions/checkout@v4.2.2
 
       - name: Setup java
-        uses: actions/setup-java@v4.2.1
+        uses: actions/setup-java@v4.5.0
         with:
           distribution: 'temurin'
           java-version: '21'
 
-      - uses: actions/cache@v4.0.2
+      - uses: actions/cache@v4.2.0
         with:
           path: ~/.m2/repository
           key: ${{ runner.os }}-maven-keycloak-legacy-${{ hashFiles('**/pom.xml') }}
@@ -232,13 +248,13 @@ jobs:
           echo "COMPATIBILITY_PROFILE=-Ppre-keycloak22" >> $GITHUB_ENV
           echo "ADJUSTED_RESTEASY_VERSION=-Dresteasy.version=4.7.7.Final" >> $GITHUB_ENV
       - name: Build & Test
-        run: ./mvnw ${MAVEN_CLI_OPTS} -Dkeycloak.version=${{ matrix.env.KEYCLOAK_VERSION }} -Dkeycloak.dockerTagSuffix="-legacy" ${ADJUSTED_RESTEASY_VERSION} clean verify ${COMPATIBILITY_PROFILE}
+        run: ./mvnw ${MAVEN_CLI_OPTS} -Dkeycloak.version=${{ matrix.env.KEYCLOAK_VERSION }} -Dkeycloak.client.version=${{ matrix.env.KEYCLOAK_CLIENT_VERSION }} -Dkeycloak.dockerTagSuffix="-legacy" ${ADJUSTED_RESTEASY_VERSION} clean verify ${COMPATIBILITY_PROFILE}
 
   lint-other-files:
     runs-on: ubuntu-latest
     timeout-minutes: 10
     steps:
-      - uses: actions/checkout@v4.1.7
+      - uses: actions/checkout@v4.2.2
 
       - name: Lint .github/workflows/*.yaml files
         uses: ibiqlik/action-yamllint@v3.1.1
@@ -260,11 +276,11 @@ jobs:
         with:
           version: v3.4.0
 
-      - uses: actions/setup-python@v5.1.0
+      - uses: actions/setup-python@v5.3.0
         with:
           python-version: 3.7
 
-      - uses: actions/cache@v4.0.2
+      - uses: actions/cache@v4.2.0
         with:
           path: ~/.cache/pip
           key: ${{ runner.os }}-pip-chart-testing-action
@@ -283,17 +299,18 @@ jobs:
     needs: [build]
     if: startsWith(github.ref, 'refs/tags/v')
     steps:
-      - uses: actions/download-artifact@v4.1.7
+      - uses: actions/download-artifact@v4.1.8
         with:
           path: assets
+          pattern: keycloak-config-cli*
       - name: Write release tag without v
         id: strip-v-tag
         run: |
           TAG=${GITHUB_REF_NAME#v}
           echo Tag: $Tag
           echo "::set-output name=tag::$TAG"
       - name: Create Release
-        uses: softprops/action-gh-release@v2.0.6
+        uses: softprops/action-gh-release@v2.1.0
         with:
           name: Release ${{ github.ref_name }}
           draft: false
@@ -313,3 +330,26 @@ jobs:
             ## Quay.io
 
             * https://quay.io/repository/adorsys/keycloak-config-cli?tab=tags
+
+  publish-helm-chart:
+    runs-on: ubuntu-latest
+    if: github.ref == 'refs/heads/main'
+    needs: [build, build-pom-version, build-legacy, lint-other-files]
+    steps:
+      - uses: actions/checkout@v4.2.2
+        with:
+          fetch-depth: 0
+      - name: Set up Helm
+        uses: azure/setup-helm@v4.2.0
+        with:
+          version: v3.4.0
+      - name: Publish Helm chart
+        uses: stefanprodan/helm-gh-pages@v1.7.0
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          charts_dir: contrib/charts/keycloak-config-cli
+          charts_url: https://${{ github.repository_owner }}.github.io/${{ github.event.repository.name }}/helm-charts
+          branch: gh-pages
+          target_dir: helm-charts
+          index_dir: helm-charts
+          linting: false
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -6,6 +6,79 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 
 ## [Unreleased]
 
+### Added
+- Publish charts with github pages [#941](https://github.com/adorsys/keycloak-config-cli/issues/941)
+
+### Fixed
+-  Fix Initial Credentials Causes Update [819](https://github.com/adorsys/keycloak-config-cli/issues/819)
+
+
+## [6.2.1] - 2024-12-05
+### Fixed
+- Fix ci failure actions/upload-artifact@v4 new public artifacts are no longer accessible
+## [6.2.0] - 2024-12-03
+### Fix Fails to delete authentication flow when it's referenced as an IdP [#868](https://github.com/adorsys/keycloak-config-cli/issues/868)
+-
+## Fixed
+- otpPolicyAlgorithm ignored during import [#847](https://github.com/adorsys/keycloak-config-cli/issues/847)
+
+### Added
+
+- Added Navigation in the readme [#1187](https://github.com/adorsys/keycloak-config-cli/issues/1187)
+### Added
+- Improve documentation of managed resources, particularly user federations [#826](https://github.com/adorsys/keycloak-config-cli/issues/826)
+
+- Added Navigation in the readme [#1099](https://github.com/adorsys/keycloak-config-cli/issues/1099)
+
+### Added
+- improved logging for realm retrieval errors [#1010](https://github.com/adorsys/keycloak-config-cli/issues/1010)
+### Fixed
+- Fix required action import handling for no-delete option [#834](https://github.com/adorsys/keycloak-config-cli/issues/834)
+
+
+### Fixed
+- Fix to manage Remote state import for clientscopes and scopeMappings [#1012](https://github.com/adorsys/keycloak-config-cli/issues/1012)
+
+### Fixed
+- Fixed to delete protocol mappers if not in the import[#746](https://github.com/orgs/adorsys/projects/5/views/1?pane=issue&itemId=80856370&issue=adorsys%7Ckeycloak-config-cli%7C746)
+
+### Fixed
+- Allow environment variables from existing secrets [#822](https://github.com/adorsys/keycloak-config-cli/issues/822)
+
+### Fixed
+- Fix  versioning in artifact to contain the correct keycloak version [#1097](https://github.com/adorsys/keycloak-config-cli/issues/1097)
+
+- Updated CI to use Keycloak 26.0.5
+
+### Fixed
+
+- Allow executions of same provider with different configurations in Sub-Auth-Flows
+- Fix enabling a realm clears the value of eventsExpiration
+
+## [6.1.11] - 2024-10-14
+
+- Fix env.JAVA_HOME test failures by ensuring env is set before build
+
+## [6.1.10] - 2024-10-04
+
+
+- Fixed securityContext entries in job template
+
+
+- Added support for User Profile Setting: `unmanagedAttributePolicy`
+
+- Crash after inserting more than 100 roles in realm-management authorization
+  [#1090](/adorsys/keycloak-config-cli/issues/1090):
+
+- NPE when using custom policy in AuthorizationPolicy [#1095](/adorsys/keycloak-config-cli/issues/1095):
+
+- Fix Keycloak startup issue with admin-fine-grained-authz feature flag
+
+## [6.1.7] - 2024-09-30
+
+## [6.1.6] - 2024-07-26
+
+
 ## [6.1.5] - 2024-06-27
 
 ## [6.1.3] - 2024-06-27
@@ -39,6 +112,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 - Upgrade to Spring Boot 3
     - This affects the capability of the path matcher
 
+- Added option to calculate checksum for each import file ([#1015](https://github.com/adorsys/keycloak-config-cli/issues/1015))
+
 ## [5.12.0] - 2024-03-28
 - Added support for managing message bundles
 
@@ -773,7 +848,14 @@ A lot of import properties are added over the years. this major release of keycl
 
 <!-- @formatter:off -->
 
-[Unreleased]: https://github.com/adorsys/keycloak-config-cli/compare/v6.1.5...HEAD
+[Unreleased]: https://github.com/adorsys/keycloak-config-cli/compare/v6.2.1...HEAD
+[6.2.1]: https://github.com/adorsys/keycloak-config-cli/compare/v6.2.0...v6.2.1
+[6.2.0]: https://github.com/adorsys/keycloak-config-cli/compare/vFixed...v6.2.0
+[Fixed]: https://github.com/adorsys/keycloak-config-cli/compare/v6.1.11...vFixed
+[6.1.11]: https://github.com/adorsys/keycloak-config-cli/compare/v6.1.10...v6.1.11
+[6.1.10]: https://github.com/adorsys/keycloak-config-cli/compare/v6.1.7...v6.1.10
+[6.1.7]: https://github.com/adorsys/keycloak-config-cli/compare/v6.1.6...v6.1.7
+[6.1.6]: https://github.com/adorsys/keycloak-config-cli/compare/v6.1.5...v6.1.6
 [6.1.5]: https://github.com/adorsys/keycloak-config-cli/compare/v6.1.3...v6.1.5
 [6.1.3]: https://github.com/adorsys/keycloak-config-cli/compare/v6.1.2...v6.1.3
 [6.1.2]: https://github.com/adorsys/keycloak-config-cli/compare/v6.1.1...v6.1.2

diff --git a/Dockerfile b/Dockerfile
@@ -6,7 +6,8 @@ FROM ${BUILDER_IMAGE} AS BUILDER
 
 WORKDIR /app/
 
-ARG KEYCLOAK_VERSION=25.0.1
+ARG KEYCLOAK_VERSION=26.0.5
+ARG KEYCLOAK_CLIENT_VERSION=26.0.2
 ARG MAVEN_CLI_OPTS="-ntp -B"
 
 COPY .mvn .mvn
@@ -17,7 +18,8 @@ RUN ./mvnw ${MAVEN_CLI_OPTS} -q dependency:go-offline
 
 COPY src src
 
-RUN ./mvnw ${MAVEN_CLI_OPTS} clean package -DskipTests -Dkeycloak.version=${KEYCLOAK_VERSION} \
+RUN ./mvnw ${MAVEN_CLI_OPTS} clean package -DskipTests \
+    -Dkeycloak.version=${KEYCLOAK_VERSION} -Dkeycloak.client.version=${KEYCLOAK_CLIENT_VERSION} \
     -Dlicense.skipCheckLicense -Dcheckstyle.skip -Dmaven.test.skip=true -Dmaven.site.skip=true \
     -Dmaven.javadoc.skip=true -Dmaven.gitcommitid.skip=true