docker - Setting up integration testing environment with KeyCloak in Docker
问题描述
I'm trying to setup integration testing environment for one of our Web API project that secured with KeyCloak. My idea is create the docker compose file where connect all required components and then try to call Web API hosted in contained and validate the response.
Here is the example of docker compose file that connect KeyCloak and Web API together
keycloak:
image: jboss/keycloak:3.4.3.Final
environment:
DB_VENDOR: POSTGRES
KEYCLOAK_USER: admin
KEYCLOAK_PASSWORD: admin
POSTGRES_USER: keycloak
POSTGRES_PASSWORD: keycloak
POSTGRES_PORT_5432_TCP_ADDR: postgres
POSTGRES_DATABASE: keycloak
JDBC_PARAMS: 'connectTimeout=30'
ports:
- '18080:8080'
- '18443:8443'
networks:
- integration-test
depends_on:
- postgres
test-web-api:
image: test-web-api
environment:
- IDENTITY_SERVER_URL=https://keycloak:18443/auth/realms/myrealm
networks:
- integration-test
ports:
- "28080:8080"
Now, when I host KeyCloak and Web API in different containers I can't get access from Web API container to KeyCloak using the localhost, so I need to use https://keycloak:18443/ but when I try it and get for example .well-known/openid-configuration from KeyCloak I get connection refused error:
root@0e77e9623717:/app# curl https://keycloak:18443/auth/realms/myrealm/.well-known/openid-configuration curl: (7) Failed to connect to keycloak port 18443: Connection refused
From the documentation I figured out that I need to enable SSL on KeyCloak but the whole process is a bit confused and it's not very clear what domain to use for the certificate...
If somebody had any experience with the situation like mine and could share it that would be great!
解决方案
目前尚不清楚您是如何配置integration-test
网络的,以及您在哪里运行集成测试(主机、容器)以获得确切答案。
但我会尝试。对于来自主机的 keycloak 访问:
https://<host IP or name>:18443/
从integration-test
网络中的容器:
https://keycloak:8443/
所以尝试配置test-web-api
:
IDENTITY_SERVER_URL=https://keycloak:8443/auth/realms/myrealm
并且您的 test-web-api 应该能够访问 keycloak。