[MGDSTRM-10764] Update Keycloak to version 21 for OpenShift 4.12 (#873)

Signed-off-by: Michael Edgar <medgar@redhat.com>

systemtest/pom.xml

@@ -24,6 +24,12 @@
             <groupId>org.bf2</groupId>
             <artifactId>kas-fleetshard-test</artifactId>
             <version>${project.version}</version>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.jboss.slf4j</groupId>
+                    <artifactId>slf4j-jboss-logmanager</artifactId>
+                </exclusion>
+            </exclusions>
         </dependency>
         <dependency>
             <groupId>io.quarkus</groupId>
@@ -65,19 +71,14 @@
             <id>systemtest</id>
             <properties>
                 <it.skip>false</it.skip>
+                <skipTests>true</skipTests>
                 <basepom.check.skip-all>true</basepom.check.skip-all>
             </properties>
         </profile>
     </profiles>
 
     <build>
         <plugins>
-            <plugin>
-                <artifactId>maven-surefire-plugin</artifactId>
-                <configuration>
-                    <skipTests>!${it.skip}</skipTests>
-                </configuration>
-            </plugin>
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-failsafe-plugin</artifactId>
@@ -98,7 +99,11 @@
                         <include>**/ST*.java</include>
                         <include>**/*ST.java</include>
                     </includes>
+                    <skipITs>${it.skip}</skipITs>
                     <skipTests>${it.skip}</skipTests>
+                    <systemPropertyVariables>
+                        <java.util.logging.manager>org.jboss.logmanager.LogManager</java.util.logging.manager>
+                    </systemPropertyVariables>
                     <statelessTestsetReporter implementation="org.apache.maven.plugin.surefire.extensions.junit5.JUnit5Xml30StatelessReporter">
                         <disable>false</disable>
                         <version>3.0</version>

systemtest/src/main/java/org/bf2/systemtest/framework/KeycloakInstance.java

@@ -1,26 +1,21 @@
 package org.bf2.systemtest.framework;
 
 import io.fabric8.kubernetes.api.model.Secret;
-import org.apache.logging.log4j.LogManager;
-import org.apache.logging.log4j.Logger;
 import org.bf2.test.k8s.KubeClient;
 
 import java.nio.charset.StandardCharsets;
 import java.util.Base64;
 
 public class KeycloakInstance {
-    private static final Logger LOGGER = LogManager.getLogger(KeycloakInstance.class);
+
     public static final String KEYCLOAK_SECRET_NAME = "sso-x509-https-secret";
     public static final String KEYCLOAK_SECRET_CERT = "tls.crt";
-    public static final String ADMIN_SECRET = "credential-example-keycloak";
+    public static final String ADMIN_SECRET = "keycloak-initial-admin";
 
-    private final int jwksExpireSeconds = 500;
-    private final int jwksRefreshSeconds = 400;
     private final String username;
     private final String password;
     private final String namespace;
     private final String httpsUri;
-    private final String httpUri;
 
     private String validIssuerUri;
     private String jwksEndpointUri;
@@ -30,14 +25,12 @@ public class KeycloakInstance {
     private String fallbackUserNameClaim;
     private final String keycloakCert;
 
-
     public KeycloakInstance(String namespace) {
         Secret secret = KubeClient.getInstance().client().secrets().inNamespace(namespace).withName(ADMIN_SECRET).get();
-        this.username = new String(Base64.getDecoder().decode(secret.getData().get("ADMIN_USERNAME").getBytes(StandardCharsets.UTF_8)), StandardCharsets.UTF_8);
-        this.password = new String(Base64.getDecoder().decode(secret.getData().get("ADMIN_PASSWORD").getBytes(StandardCharsets.UTF_8)), StandardCharsets.UTF_8);
+        this.username = new String(Base64.getDecoder().decode(secret.getData().get("username").getBytes(StandardCharsets.UTF_8)), StandardCharsets.UTF_8);
+        this.password = new String(Base64.getDecoder().decode(secret.getData().get("password").getBytes(StandardCharsets.UTF_8)), StandardCharsets.UTF_8);
         this.namespace = namespace;
-        this.httpsUri = "keycloak." + namespace + ".svc:8443";
-        this.httpUri = "keycloak-discovery." + namespace + ".svc:8080";
+        this.httpsUri = "keycloak-service." + namespace + ".svc:8443";
         this.validIssuerUri = "https://" + httpsUri + "/auth/realms/demo";
         this.jwksEndpointUri = "https://" + httpsUri + "/auth/realms/demo/protocol/openid-connect/certs";
         this.oauthTokenEndpointUri = "https://" + httpsUri + "/auth/realms/demo/protocol/openid-connect/token";
@@ -47,24 +40,6 @@ public KeycloakInstance(String namespace) {
         this.keycloakCert = readKeycloakCert();
     }
 
-    public void setRealm(String realmName, boolean tlsEnabled) {
-        LOGGER.info("Replacing validIssuerUri: {} to pointing to {} realm", validIssuerUri, realmName);
-        LOGGER.info("Replacing jwksEndpointUri: {} to pointing to {} realm", jwksEndpointUri, realmName);
-        LOGGER.info("Replacing oauthTokenEndpointUri: {} to pointing to {} realm", oauthTokenEndpointUri, realmName);
-
-        if (tlsEnabled) {
-            LOGGER.info("Using HTTPS endpoints");
-            validIssuerUri = "https://" + httpsUri + "/auth/realms/" + realmName;
-            jwksEndpointUri = "https://" + httpsUri + "/auth/realms/" + realmName + "/protocol/openid-connect/certs";
-            oauthTokenEndpointUri = "https://" + httpsUri + "/auth/realms/" + realmName + "/protocol/openid-connect/token";
-        } else {
-            LOGGER.info("Using HTTP endpoints");
-            validIssuerUri = "http://" + httpUri + "/auth/realms/" + realmName;
-            jwksEndpointUri = "http://" + httpUri + "/auth/realms/" + realmName + "/protocol/openid-connect/certs";
-            oauthTokenEndpointUri = "http://" + httpUri + "/auth/realms/" + realmName + "/protocol/openid-connect/token";
-        }
-    }
-
     public String getUsername() {
         return username;
     }
@@ -81,10 +56,6 @@ public String getHttpsUri() {
         return httpsUri;
     }
 
-    public String getHttpUri() {
-        return httpUri;
-    }
-
     public String getValidIssuerUri() {
         return validIssuerUri;
     }
@@ -133,14 +104,6 @@ public void setFallbackUserNameClaim(String fallbackUserNameClaim) {
         this.fallbackUserNameClaim = fallbackUserNameClaim;
     }
 
-    public int getJwksExpireSeconds() {
-        return jwksExpireSeconds;
-    }
-
-    public int getJwksRefreshSeconds() {
-        return jwksRefreshSeconds;
-    }
-
     public String getKeycloakCert() {
         return keycloakCert;
     }
@@ -154,12 +117,9 @@ private String readKeycloakCert() {
     @Override
     public String toString() {
         return "KeycloakInstance{" +
-                "jwksExpireSeconds=" + jwksExpireSeconds + System.lineSeparator() +
-                ", jwksRefreshSeconds=" + jwksRefreshSeconds + System.lineSeparator() +
-                ", username='" + username + '\'' + System.lineSeparator() +
+                "username='" + username + '\'' + System.lineSeparator() +
                 ", password='" + password + '\'' + System.lineSeparator() +
                 ", httpsUri='" + httpsUri + '\'' + System.lineSeparator() +
-                ", httpUri='" + httpUri + '\'' + System.lineSeparator() +
                 ", validIssuerUri='" + validIssuerUri + '\'' + System.lineSeparator() +
                 ", jwksEndpointUri='" + jwksEndpointUri + '\'' + System.lineSeparator() +
                 ", oauthTokenEndpointUri='" + oauthTokenEndpointUri + '\'' + System.lineSeparator() +

systemtest/src/main/java/org/bf2/systemtest/framework/LogCollector.java

@@ -1,6 +1,7 @@
 package org.bf2.systemtest.framework;
 
 import io.fabric8.kubernetes.api.model.Pod;
+import io.fabric8.kubernetes.api.model.PodStatus;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
 import org.bf2.systemtest.operator.FleetShardOperatorManager;
@@ -14,6 +15,7 @@
 import java.nio.file.Files;
 import java.nio.file.Path;
 import java.util.List;
+import java.util.Optional;
 
 public class LogCollector {
     private static final Logger LOGGER = LogManager.getLogger(LogCollector.class);
@@ -27,7 +29,7 @@ public static void saveKubernetesState(ExtensionContext extensionContext, Throwa
                 LOGGER.info("Pod: {} in ns: {} with phase: {}",
                         p.getMetadata().getName(),
                         p.getMetadata().getNamespace(),
-                        p.getStatus().getPhase()));
+                        Optional.ofNullable(p.getStatus()).map(PodStatus::getPhase).orElse("null")));
 
         Path logPath = TestUtils.getLogPath(Environment.LOG_DIR.resolve("failedTest").toString(), extensionContext);
         Files.createDirectories(logPath);

systemtest/src/main/java/org/bf2/systemtest/framework/SystemTestEnvironment.java

@@ -59,7 +59,7 @@ public class SystemTestEnvironment extends Environment {
     public static final Path YAML_SYNC_BUNDLE_PATH = Environment.getOrDefault(YAML_SYNC_BUNDLE_PATH_ENV, Paths::get, Paths.get(ROOT_PATH.toString(), "sync", "target", "kubernetes", "kubernetes.yml"));
     public static final String FLEET_SHARD_PULL_SECRET_PATH = Environment.getOrDefault(FLEET_SHARD_PULL_SECRET_PATH_ENV, "");
 
-    public static final String KEYCLOAK_VERSION = Environment.getOrDefault("KEYCLOAK_VERSION", "14.0.0");
+    public static final String KEYCLOAK_VERSION = Environment.getOrDefault("KEYCLOAK_VERSION", "21.0.0");
     public static final boolean INSTALL_KEYCLOAK = Environment.getOrDefault("INSTALL_KEYCLOAK", Boolean::parseBoolean, true);
 
     public static void logEnvironment() {