Updated Keycloak helm chart to keycloak v4.4.0.Final.

[edclement]

Signed-off-by: Ed Clement ed.clement@gmail.com

What this PR does / why we need it:
Updates the helm chart for keycloak to use the latest keycloak version (v4.4.0.Final). This PR also updates the configmap to handle the new default entry point for the docker keycloak image.

Which issue this PR fixes
N/A

Special notes for your reviewer:
N/A

[unguiculus]

/ok-to-test

[unguiculus]

/assign

[unguiculus]

The CI job erroneously reports success. There's an issue with the chart-testing lib which I'll provide a fix for soon.

The update to 4.4.0 seems to require further changes.

/hold

[edclement]

@unguiculus

The update to 4.4.0 seems to require further changes.

I looked through the CI output and didn't see any issues. Anything I need to do? I've tested/deployed the chart with versions 4.3.0 and 4.4.0.

[unguiculus]

Did you deploy a cluster? Here's the error from the CI log:

I0910 18:35:31.105] 18:35:12,799 ERROR [org.jboss.msc.service.fail] (ServerService Thread Pool -- 50) MSC000001: Failed to start service org.wildfly.clustering.jgroups.channel.ee: org.jboss.msc.service.StartException in service org.wildfly.clustering.jgroups.channel.ee: java.lang.IllegalArgumentException: java.security.PrivilegedActionException: java.lang.IllegalArgumentException: Unrecognized JDBC_PING properties: [clear_table_on_view_change]
I0910 18:35:31.105] 	at org.jboss.as.clustering.jgroups.subsystem.ChannelBuilder.start(ChannelBuilder.java:100)
I0910 18:35:31.105] 	at org.wildfly.clustering.service.AsynchronousServiceBuilder.lambda$start$0(AsynchronousServiceBuilder.java:99)
I0910 18:35:31.105] 	at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
I0910 18:35:31.106] 	at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1985)
I0910 18:35:31.106] 	at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1487)
I0910 18:35:31.106] 	at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1378)
... skipping 11 lines ...
I0910 18:35:31.108] Caused by: java.lang.IllegalArgumentException: Unrecognized JDBC_PING properties: [clear_table_on_view_change]
I0910 18:35:31.108] 	at org.jgroups.stack.Protocol.setProperties(Protocol.java:144)
I0910 18:35:31.108] 	at org.jboss.as.clustering.jgroups.subsystem.AbstractProtocolConfigurationBuilder.lambda$createProtocol$0(AbstractProtocolConfigurationBuilder.java:108)
I0910 18:35:31.108] 	at org.wildfly.security.manager.WildFlySecurityManager.doUnchecked(WildFlySecurityManager.java:850)
I0910 18:35:31.108] 	... 10 more
I0910 18:35:31.109] 
I0910 18:35:31.109] 18:35:12,806 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) WFLYCTL0013: Operation ("add") failed - address: ([
I0910 18:35:31.109]     ("subsystem" => "jgroups"),
I0910 18:35:31.109]     ("channel" => "ee")
I0910 18:35:31.109] ]) - failure description: {"WFLYCTL0080: Failed services" => {"org.wildfly.clustering.jgroups.channel.ee" => "java.lang.IllegalArgumentException: java.security.PrivilegedActionException: java.lang.IllegalArgumentException: Unrecognized JDBC_PING properties: [clear_table_on_view_change]
I0910 18:35:31.109]     Caused by: java.lang.IllegalArgumentException: java.security.PrivilegedActionException: java.lang.IllegalArgumentException: Unrecognized JDBC_PING properties: [clear_table_on_view_change]
I0910 18:35:31.110]     Caused by: java.security.PrivilegedActionException: java.lang.IllegalArgumentException: Unrecognized JDBC_PING properties: [clear_table_on_view_change]
I0910 18:35:31.110]     Caused by: java.lang.IllegalArgumentException: Unrecognized JDBC_PING properties: [clear_table_on_view_change]"}}

[unguiculus]

@thomasdarimont I thought I'd ping you since you had updated last time.

[edclement]

@unguiculus

Did you deploy a cluster?

I did not.... Testing now using multiple nodes. Keycloak really needs to start using semantic versioning. By the way, which of the links at the bottom provide the log output you posted?

[edclement]

Looks like how clustering is handled using JDBC_PING changed significantly. I removed line 134 from the values.yaml file:

/subsystem=jgroups/stack=tcp/protocol=JDBC_PING/property=clear_table_on_view_change:add(value=true)

...just to see if that would correct the problem. It allows keycloak to start but the following deprecation warnings are output:

12:09:58,496 INFO  [org.jboss.as.controller.management-deprecated] (pool-3-thread-2) WFLYCTL0395: Operation add against the resource at address /subsystem=jgroups/stack=tcp/protocol=org.jgroups.protocols.JDBC_PING/property=datasource_jndi_name is deprecated, and it might be removed in future version. See the the output of the read-operation-description operation to learn more about the deprecation.
12:09:58,627 INFO  [org.jboss.as.controller.management-deprecated] (pool-3-thread-2) WFLYCTL0395: Operation add against the resource at address /subsystem=jgroups/stack=tcp/protocol=org.jgroups.protocols.JDBC_PING/property=break_on_coord_rsp is deprecated, and it might be removed in future version. See the the output of the read-operation-description operation to learn more about the deprecation.
12:09:58,714 INFO  [org.jboss.as.controller.management-deprecated] (pool-3-thread-2) WFLYCTL0028: Attribute 'socket-binding' in the resource at address '/subsystem=jgroups/stack=tcp/protocol=FD_SOCK' is deprecated, and may be removed in a future version. See the attribute description in the output of the read-resource-description operation to learn more about the deprecation.
12:09:58,999 INFO  [org.jboss.as.controller.management-deprecated] (pool-3-thread-2) WFLYCTL0395: Operation add against the resource at address /subsystem=jgroups/stack=tcp/protocol=pbcast.GMS/property=max_join_attempts is deprecated, and it might be removed in future version. See the the output of the read-operation-description operation to learn more about the deprecation.
12:09:59,502 INFO  [org.jboss.as.controller.management-deprecated] (pool-3-thread-2) WFLYCTL0395: Operation add against the resource at address /subsystem=jgroups/stack=tcp/protocol=org.jgroups.protocols.JDBC_PING/property=initialize_sql is deprecated, and it might be removed in future version. See the the output of the read-operation-description operation to learn more about the deprecation.
12:09:59,555 INFO  [org.jboss.as.controller.management-deprecated] (pool-3-thread-2) WFLYCTL0395: Operation add against the resource at address /subsystem=jgroups/stack=tcp/protocol=org.jgroups.protocols.JDBC_PING/property=insert_single_sql is deprecated, and it might be removed in future version. See the the output of the read-operation-description operation to learn more about the deprecation.

I don't think this is going to be a small change (especially if we want to keep backward compatibility with keycloak 4.3.0 or lower).

I'll troubleshoot more this weekend. I didn't see any updated docs anywhere on this issue.

[mattfarina]

/check-dco

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: edclement
To fully approve this pull request, please assign additional approvers.
We suggest the following additional approver: unguiculus

If they are not already assigned, you can assign the PR to them by writing /assign @unguiculus in a comment when ready.

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[k8s-ci-robot]

@edclement: The following test failed, say /retest to rerun them all:

Test name	Commit	Details	Rerun command
pull-charts-e2e	3c4bcef	link	/test pull-charts-e2e

Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

[axdotl]

Is there any update or can one support?

[unguiculus]

I created a new PR to update to 4.5.0.Final. See #8192. Please test and review. Thanks.