CODEWITHSUNDEEP
dockersslopenssldocker-composekeycloak
A. Wheatman
A. Wheatman

Reputation: 6378

Setting up integration testing environment with KeyCloak in Docker

I'm trying to setup integration testing environment for one of our Web API project that secured with KeyCloak. My idea is create the docker compose file where connect all required components and then try to call Web API hosted in contained and validate the response.

Here is the example of docker compose file that connect KeyCloak and Web API together

keycloak:
  image: jboss/keycloak:3.4.3.Final
  environment:
    DB_VENDOR: POSTGRES
    KEYCLOAK_USER: admin
    KEYCLOAK_PASSWORD: admin
    POSTGRES_USER: keycloak
    POSTGRES_PASSWORD: keycloak
    POSTGRES_PORT_5432_TCP_ADDR: postgres
    POSTGRES_DATABASE: keycloak
    JDBC_PARAMS: 'connectTimeout=30'
  ports:
    - '18080:8080'
    - '18443:8443'
  networks:
    - integration-test
  depends_on:
    - postgres

test-web-api:
    image: test-web-api
    environment:
    - IDENTITY_SERVER_URL=https://keycloak:18443/auth/realms/myrealm
    networks:
    - integration-test
    ports:
    - "28080:8080"

Now, when I host KeyCloak and Web API in different containers I can't get access from Web API container to KeyCloak using the localhost, so I need to use https://keycloak:18443/ but when I try it and get for example .well-known/openid-configuration from KeyCloak I get connection refused error:

root@0e77e9623717:/app# curl https://keycloak:18443/auth/realms/myrealm/.well-known/openid-configuration curl: (7) Failed to connect to keycloak port 18443: Connection refused

From the documentation I figured out that I need to enable SSL on KeyCloak but the whole process is a bit confused and it's not very clear what domain to use for the certificate...

If somebody had any experience with the situation like mine and could share it that would be great!

Upvotes: 0

Views: 2135

Answers (1)

Jan Garaj
Jan Garaj

Reputation: 28656

It is not clear how did you configure integration-test network and where are you running your integration tests (host, container) to get the exact answer.

But I try. For keycloak access from the host:

https://<host IP or name>:18443/

From the container in the integration-test network:

https://keycloak:8443/

So try to configure test-web-api:

IDENTITY_SERVER_URL=https://keycloak:8443/auth/realms/myrealm

and your test-web-api should be able to reach keycloak.

Upvotes: 1

Related Questions