fix: keycloak probes failure and intermittent perforamance issues (#1007

) * fix: keycloak probes failure results in pod crash Signed-off-by: iam-veeramalla <abhishek.veeramalla@gmail.com> * fix: use latest keycloak image to handle performance issue Signed-off-by: iam-veeramalla <abhishek.veeramalla@gmail.com> --------- Signed-off-by: iam-veeramalla <abhishek.veeramalla@gmail.com>
argoproj-labs · Sep 26, 2023 · 75d6cf4 · 75d6cf4
1 parent aa6ab4e
commit 75d6cf4
Show file tree

Hide file tree

Showing 4 changed files with 9 additions and 8 deletions.
diff --git a/common/defaults.go b/common/defaults.go
@@ -186,8 +186,8 @@ const (
 	ArgoCDKeycloakImageForOpenShift = "registry.redhat.io/rh-sso-7/sso76-openshift-rhel8"
 
 	// ArgoCDKeycloakVersionForOpenShift is the default Keycloak version used for the OpenShift platform when not specified.
-	// Version: 7.6-25
-	ArgoCDKeycloakVersionForOpenShift = "sha256:bb6dc12a49370ba6baa40cfa064238cddcfd1edb22c37dcdf53d331c0f7ee15d"
+	// Version: 7.6-32
+	ArgoCDKeycloakVersionForOpenShift = "sha256:ec9f60018694dcc5d431ba47d5536b761b71cb3f66684978fe6bb74c157679ac"
 
 	// ArgoCDDefaultOIDCConfig is the default OIDC configuration.
 	ArgoCDDefaultOIDCConfig = ""

diff --git a/controllers/argocd/keycloak.go b/controllers/argocd/keycloak.go
@@ -282,7 +282,7 @@ func getKeycloakContainer(cr *argoproj.ArgoCD) corev1.Container {
 		Image:           getKeycloakContainerImage(cr),
 		ImagePullPolicy: "Always",
 		LivenessProbe: &corev1.Probe{
-			TimeoutSeconds: 120,
+			TimeoutSeconds: 240,
 			ProbeHandler: corev1.ProbeHandler{
 				Exec: &corev1.ExecAction{
 					Command: []string{
@@ -292,7 +292,7 @@ func getKeycloakContainer(cr *argoproj.ArgoCD) corev1.Container {
 					},
 				},
 			},
-			InitialDelaySeconds: 60,
+			InitialDelaySeconds: 120,
 		},
 		Name: "${APPLICATION_NAME}",
 		Ports: []corev1.ContainerPort{
@@ -302,7 +302,8 @@ func getKeycloakContainer(cr *argoproj.ArgoCD) corev1.Container {
 			{ContainerPort: 8888, Name: "ping", Protocol: "TCP"},
 		},
 		ReadinessProbe: &corev1.Probe{
-			TimeoutSeconds: 120,
+			TimeoutSeconds:      240,
+			InitialDelaySeconds: 120,
 			ProbeHandler: corev1.ProbeHandler{
 				Exec: &corev1.ExecAction{
 					Command: []string{

diff --git a/controllers/argocd/keycloak_test.go b/controllers/argocd/keycloak_test.go
@@ -113,7 +113,7 @@ func TestKeycloakContainerImage(t *testing.T) {
 			}),
 			updateCrFunc:       nil,
 			templateAPIFound:   true,
-			wantContainerImage: "registry.redhat.io/rh-sso-7/sso76-openshift-rhel8@sha256:bb6dc12a49370ba6baa40cfa064238cddcfd1edb22c37dcdf53d331c0f7ee15d",
+			wantContainerImage: "registry.redhat.io/rh-sso-7/sso76-openshift-rhel8@sha256:ec9f60018694dcc5d431ba47d5536b761b71cb3f66684978fe6bb74c157679ac",
 		},
 		{
 			name: "ArgoCDKeycloakImageEnvName env var set",
@@ -249,7 +249,7 @@ func TestNewKeycloakTemplate_testKeycloakContainer(t *testing.T) {
 	}
 	kc := getKeycloakContainer(a)
 	assert.Equal(t,
-		"registry.redhat.io/rh-sso-7/sso76-openshift-rhel8@sha256:bb6dc12a49370ba6baa40cfa064238cddcfd1edb22c37dcdf53d331c0f7ee15d", kc.Image)
+		"registry.redhat.io/rh-sso-7/sso76-openshift-rhel8@sha256:ec9f60018694dcc5d431ba47d5536b761b71cb3f66684978fe6bb74c157679ac", kc.Image)
 	assert.Equal(t, corev1.PullAlways, kc.ImagePullPolicy)
 	assert.Equal(t, "${APPLICATION_NAME}", kc.Name)
 }

diff --git a/tests/ocp/1-001_validate_rhsso/01-assert.yaml b/tests/ocp/1-001_validate_rhsso/01-assert.yaml
@@ -33,7 +33,7 @@ spec:
       name: keycloak
     spec:
       containers:
-      - image: registry.redhat.io/rh-sso-7/sso76-openshift-rhel8@sha256:bb6dc12a49370ba6baa40cfa064238cddcfd1edb22c37dcdf53d331c0f7ee15d
+      - image: registry.redhat.io/rh-sso-7/sso76-openshift-rhel8@sha256:ec9f60018694dcc5d431ba47d5536b761b71cb3f66684978fe6bb74c157679ac
         resources:
           limits:
             cpu: "1"