change docker compose to add init script that automatically fills use…

…rs with kcadm.sh

Dockerfile

@@ -10,5 +10,12 @@ FROM quay.io/keycloak/keycloak:20.0.3
 
 COPY --from=builder /opt/keycloak/lib/quarkus/ /opt/keycloak/lib/quarkus/
 COPY --from=builder /opt/keycloak/providers/ /opt/keycloak/providers/
+COPY ./initialize-poc.sh /opt/keycloak/bin
+COPY ./init.sh /opt/keycloak/bin
 
-ENTRYPOINT ["/opt/keycloak/bin/kc.sh", "--debug","start-dev"]
+USER root
+RUN chmod -R 554 /opt/keycloak/bin/initialize-poc.sh
+RUN chmod -R 554 /opt/keycloak/bin/init.sh
+
+USER 1000
+ENTRYPOINT ["/opt/keycloak/bin/init.sh"]

docker-compose.yml

@@ -1,16 +1,16 @@
 version: '3'
 
 volumes:
-  postgres_data:
+  kc_postgres_data:
     driver: local
   sdb_postgres_data:
     driver: local
 
 services:
-  postgres:
+  kc_postgres:
     image: postgres:latest
     volumes:
-      - postgres_data:/var/lib/postgresql/data
+      - kc_postgres_data:/var/lib/postgresql/data
     environment:
       POSTGRES_DB: keycloak
       POSTGRES_USER: keycloak
@@ -25,7 +25,7 @@ services:
       KEYCLOAK_PASSWORD: password
       KEYCLOAK_ADMIN: admin
       KEYCLOAK_ADMIN_PASSWORD: password
-      KC_DB_URL_HOST: postgres
+      KC_DB_URL_HOST: kc_postgres
       KC_DB_URL_DATABASE: keycloak
       KC_DB_SCHEMA: public
       KC_DB_USERNAME: keycloak
@@ -46,8 +46,9 @@ services:
       - 8080:8080
       - 8443:8443
       - 8787:8787 # debug
+   # entrypoint: ["/opt/keycloak/bin/kc.sh", "--debug","start-dev"]
     depends_on:
-      - postgres
+      - kc_postgres
       - spicedb
     networks:
       default:

init.sh

@@ -0,0 +1,11 @@
+#!/bin/bash
+
+function main() {
+    # Parameters
+    /opt/keycloak/bin/initialize-poc.sh &
+
+    # Launch base container entrypoint with container's runtime cmd arguments..."
+    /opt/keycloak/bin/kc.sh --debug start-dev
+}
+
+main "$@"

initialize-poc.sh

@@ -0,0 +1,45 @@
+#!/bin/bash
+
+function wait_for_keycloak() {
+  local -r MAX_WAIT=60
+  local curl_request
+  local host_url="http://localhost:8080/"
+  local wait_time
+
+  curl_request="curl -I -f -s ${host_url}"
+  wait_time=0
+
+  # Waiting for the application to return a 200 status code.
+  until ${curl_request}; do
+    if [[ ${wait_time} -ge ${MAX_WAIT} ]]; then
+      echo "Keycloake did not start within ${MAX_WAIT} seconds. Aborting."
+      exit 1
+    else
+      echo "Keycloak not started yet. Waiting (${wait_time}/${MAX_WAIT}) ..."
+      sleep 1
+      ((++wait_time))
+    fi
+  done
+
+  echo "${host_url} is now up and running. Continuing to setup keycloak using kcadm.sh..."
+}
+
+# Waiting for Keycloak to start before proceeding with the configurations.
+wait_for_keycloak
+
+#then start kcadm.sh
+echo "Connecting kcadm.sh..."
+
+/opt/keycloak/bin/kcadm.sh config credentials --server http://localhost:8080 --realm master --user $KEYCLOAK_ADMIN --password $KEYCLOAK_ADMIN_PASSWORD
+
+echo "Success! Now adding spicedb-events to master-realm..."
+/opt/keycloak/bin/kcadm.sh update events/config -r master -s 'eventsListeners=["jboss-logging","spicedb-events"]'
+
+echo "Success! Now adding users to master-realm including org_id field..."
+# Users
+/opt/keycloak/bin/kcadm.sh create users -r master -s username=paula -s firstName=Paula -s lastName=Von -s enabled=true -s [email protected] -s "attributes.org_id=12345"
+/opt/keycloak/bin/kcadm.sh set-password -r master --username paula --new-password demo1234!
+/opt/keycloak/bin/kcadm.sh create users -r master -s username=peter -s firstName=Peter -s lastName=Anderson -s enabled=true -s [email protected] -s "attributes.org_id=12345"
+/opt/keycloak/bin/kcadm.sh set-password -r master --username peter --new-password demo1234!
+/opt/keycloak/bin/kcadm.sh create users -r master -s username=richard  -s firstName=Richard -s lastName=Miles -s enabled=true -s [email protected] -s "attributes.org_id=23456"
+/opt/keycloak/bin/kcadm.sh set-password -r master --username richard --new-password demo1234!