codecentric / helm-charts

A curated set of Helm charts brought to you by codecentric

[keycloakx] Use Google's cloudsql-proxy sidecar and Keycloak theme init container together

aleksvidak opened this issue · comments

Is it possible to use Google's cloudsql-proxy sidecar and the Keycloak theme init container together, since it seems the skipInitContainers property has to be set to 'true' for the pod to run successfully? On the other hand, this prevents the Keycloak init container from starting and picking up the custom theme.

This is our config:

skipInitContainers: true

replicas: 2

rbac:
  create: true
  rules:
    - apiGroups:
        - ""
      resources:
        - pods
      verbs:
        - get
        - list

podDisruptionBudget:
  minAvailable: 1

database:
  vendor: postgres
  hostname: "127.0.0.1"
  port: 5432
  database: "${keycloak_db}"

command:
  - "/opt/keycloak/bin/kc.sh"
  - "start"
  - "--auto-build"
  - "--http-enabled=true"
  - "--http-port=8080"
  - "--hostname-strict=false"
  - "--hostname-strict-https=false"

proxy:
  enabled: true
  mode: "passthrough"

extraEnv: |
  - name: JAVA_TOOL_OPTIONS
    value: -Dfile.encoding=UTF8
  - name: JAVA_OPTS_APPEND
    value: >-
      -Djgroups.dns.query={{ include "keycloak.fullname" . }}-headless
  - name: KC_DB_SCHEMA
    value: "${keycloak_schema}"
  - name: KC_DB_USERNAME
    valueFrom:
      secretKeyRef:
        name: "${user_secret}"
        key: username
  - name: KC_DB_PASSWORD
    valueFrom:
      secretKeyRef:
        name: "${user_secret}"
        key: password

extraInitContainers: |
  - name: theme-provider
    image: europe-west4-docker.pkg.dev/xxx/docker-repository/keycloak-theme:0.0.1
    imagePullPolicy: IfNotPresent
    command:
      - sh
    args:
      - -c
      - |
        echo "Copying theme..."
        cp -R /themes/custom-theme/* /theme
    volumeMounts:
      - name: theme
        mountPath: /theme

extraVolumeMounts: |
  - name: theme
    mountPath: /opt/keycloak/themes/custom-theme

extraVolumes: |
  - name: theme
    emptyDir: {}

extraContainers: |
  - name: cloud-sql-proxy
    image: gcr.io/cloudsql-docker/gce-proxy:1.30.0
    command:
      - "/cloud_sql_proxy"
      - "-instances=${project_id}:${region}:${db_instance_name}=tcp:5432"
      - "-log_debug_stdout=true"
    securityContext:
      runAsNonRoot: true

When applying the same config without using skipInitContainers: true, we get standard_init_linux.go:228: exec user process caused: exec format error.

Invalid; it seems the problem was building the Keycloak theme image on a Mac M1.
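
The following is an added example, not part of the issue thread or the chart: a pre-deploy check that compares the platform of each container image with the platform each node reports, which is the mismatch behind the `exec format error` above. The embedded JSON is constructed sample data (architectures and node names are assumptions), trimmed to the fields that `docker image inspect` and `kubectl get nodes -o json` provide.

```python
import json

# Constructed sample, trimmed from `docker image inspect <image>...` output.
# The architectures are assumptions chosen to reproduce the failure.
IMAGES_JSON = """[
  {"RepoTags": ["europe-west4-docker.pkg.dev/xxx/docker-repository/keycloak-theme:0.0.1"],
   "Os": "linux", "Architecture": "arm64"},
  {"RepoTags": ["gcr.io/cloudsql-docker/gce-proxy:1.30.0"],
   "Os": "linux", "Architecture": "amd64"}
]"""

# Constructed sample, trimmed from `kubectl get nodes -o json` output.
NODES_JSON = """{"items": [
  {"metadata": {"name": "node-a"},
   "status": {"nodeInfo": {"operatingSystem": "linux", "architecture": "amd64"}}},
  {"metadata": {"name": "node-b"},
   "status": {"nodeInfo": {"operatingSystem": "linux", "architecture": "amd64"}}}
]}"""


def image_platforms(inspect_json):
    """Map every image tag to its "os/arch" platform string."""
    platforms = {}
    for image in json.loads(inspect_json):
        platform = f"{image['Os']}/{image['Architecture']}"
        for tag in image.get("RepoTags") or ["<untagged>"]:
            platforms[tag] = platform
    return platforms


def node_platforms(nodes_json):
    """Map every node name to the "os/arch" platform its kubelet reports."""
    result = {}
    for node in json.loads(nodes_json)["items"]:
        info = node["status"]["nodeInfo"]
        result[node["metadata"]["name"]] = f"{info['operatingSystem']}/{info['architecture']}"
    return result


def find_mismatches(inspect_json, nodes_json):
    """List (image, image_platform, node, node_platform) pairs that can
    fail with "exec format error" if the pod is scheduled on that node."""
    nodes = node_platforms(nodes_json)
    return sorted(
        (tag, img_plat, node, node_plat)
        for tag, img_plat in image_platforms(inspect_json).items()
        for node, node_plat in nodes.items()
        if img_plat != node_plat
    )


if __name__ == "__main__":
    for tag, img_plat, node, node_plat in find_mismatches(IMAGES_JSON, NODES_JSON):
        print(f"{tag} is {img_plat} but {node} runs {node_plat}")
```

If the nodes report linux/amd64, building the theme image on the M1 machine with `docker buildx build --platform linux/amd64` yields an image that matches them.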