diff --git a/.k8s/local/README.md b/.k8s/local/README.md index 0c9fa29..76f9b79 100644 --- a/.k8s/local/README.md +++ b/.k8s/local/README.md @@ -26,7 +26,7 @@ data: .:53 { log errors - rewrite name sso.carres.local host.minikube.internal <-------- this one + rewrite name sso.carres.local <-------- this one health { lameduck 5s } @@ -80,4 +80,13 @@ This would enable the browser to access the whole ecosystem locally. kubectl apply -f .k8s/local/carres-\*.yaml ``` -It takes about 1 minute for the project to start due to Keycloak initialization. \ No newline at end of file +It takes about 1 minute for the project to start due to Keycloak initialization. + + +## 5. (For Windows / OSX) + +Run tunnelling: + +``` +minikube tunnel +``` \ No newline at end of file diff --git a/.k8s/local/carres-rmq-template.yaml b/.k8s/local/carres-rmq-template.yaml index 722a1f1..54c3582 100644 --- a/.k8s/local/carres-rmq-template.yaml +++ b/.k8s/local/carres-rmq-template.yaml @@ -6,10 +6,11 @@ metadata: name: rmq-rabbitmq namespace: "default" labels: - app.kubernetes.io/name: rabbitmq - helm.sh/chart: rabbitmq-12.0.10 app.kubernetes.io/instance: rmq app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: rabbitmq + app.kubernetes.io/version: 3.12.6 + helm.sh/chart: rabbitmq-12.1.7 automountServiceAccountToken: true secrets: - name: rmq-rabbitmq @@ -21,14 +22,15 @@ metadata: name: rmq-rabbitmq-config namespace: "default" labels: - app.kubernetes.io/name: rabbitmq - helm.sh/chart: rabbitmq-12.0.10 app.kubernetes.io/instance: rmq app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: rabbitmq + app.kubernetes.io/version: 3.12.6 + helm.sh/chart: rabbitmq-12.1.7 type: Opaque data: rabbitmq.conf: |- - IyMgVXNlcm5hbWUgYW5kIHBhc3N3b3JkCiMjCmRlZmF1bHRfdXNlciA9IHJtcV9hZG1pbgojIyBDbHVzdGVyaW5nCiMjCmNsdXN0ZXJfZm9ybWF0aW9uLnBlZXJfZGlzY292ZXJ5X2JhY2tlbmQgID0gcmFiYml0X3BlZXJfZGlzY292ZXJ5X2s4cwpjbHVzdGVyX2Zvcm1hdGlvbi5rOHMuaG9zdCA9IGt1YmVybmV0ZXMuZGVmYXVsdApjbHVzdGVyX2Zvcm1hdGlvbi5ub2RlX2NsZWFudXAuaW50ZXJ2YWwgPSAxMApjbHVzdGVyX2Zvcm1hdGlvbi5ub2RlX2NsZWFudXAub25seV9sb2dfd2FybmluZyA9IHRydWUKY2x1c3Rlcl9wYXJ0aXRpb25faGFuZGxpbmcgPSBhdXRvaGVhbAoKIyBxdWV1ZSBtYXN0ZXIgbG9jYXRvcgpxdWV1ZV9tYXN0ZXJfbG9jYXRvciA9IG1pbi1tYXN0ZXJzCiMgZW5hYmxlIGxvb3BiYWNrIHVzZXIKbG9vcGJhY2tfdXNlcnMucm1xX2FkbWluID0gZmFsc2UKI2RlZmF1bHRfdmhvc3QgPSBjYXJyZXMtdmhvc3QKI2Rpc2tfZnJlZV9saW1pdC5hYnNvbHV0ZSA9IDUwTUI= + IyMgVXNlcm5hbWUgYW5kIHBhc3N3b3JkCiMjCmRlZmF1bHRfdXNlciA9IHVzZXIKIyMgQ2x1c3RlcmluZwojIwpjbHVzdGVyX2Zvcm1hdGlvbi5wZWVyX2Rpc2NvdmVyeV9iYWNrZW5kICA9IHJhYmJpdF9wZWVyX2Rpc2NvdmVyeV9rOHMKY2x1c3Rlcl9mb3JtYXRpb24uazhzLmhvc3QgPSBrdWJlcm5ldGVzLmRlZmF1bHQKY2x1c3Rlcl9mb3JtYXRpb24ubm9kZV9jbGVhbnVwLmludGVydmFsID0gMTAKY2x1c3Rlcl9mb3JtYXRpb24ubm9kZV9jbGVhbnVwLm9ubHlfbG9nX3dhcm5pbmcgPSB0cnVlCmNsdXN0ZXJfcGFydGl0aW9uX2hhbmRsaW5nID0gYXV0b2hlYWwKCmNsdXN0ZXJfZm9ybWF0aW9uLnRhcmdldF9jbHVzdGVyX3NpemVfaGludCA9IDEKCmxvYWRfZGVmaW5pdGlvbnMgPSAvYXBwL2xvYWRfZGVmaW5pdGlvbi5qc29uCiMgcXVldWUgbWFzdGVyIGxvY2F0b3IKcXVldWVfbWFzdGVyX2xvY2F0b3IgPSBtaW4tbWFzdGVycwojIGVuYWJsZSBsb29wYmFjayB1c2VyCmxvb3BiYWNrX3VzZXJzLnVzZXIgPSBmYWxzZQpsb2FkX2RlZmluaXRpb25zID0gL2FwcC9sb2FkX2RlZmluaXRpb24uanNvbgo= --- # Source: rabbitmq/templates/secrets.yaml apiVersion: v1 @@ -37,14 +39,79 @@ metadata: name: rmq-rabbitmq namespace: "default" labels: - app.kubernetes.io/name: rabbitmq - helm.sh/chart: rabbitmq-12.0.10 app.kubernetes.io/instance: rmq app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: rabbitmq + app.kubernetes.io/version: 3.12.6 + helm.sh/chart: rabbitmq-12.1.7 type: Opaque data: - rabbitmq-password: "ZGV2cm1xdXNlcg==" - rabbitmq-erlang-cookie: "d1BMdDdWWVdqcVNBaWpXb3FSTHBMcm9SRFFGd1BPTUs=" + rabbitmq-password: "Q0hBTkdFTUU=" + rabbitmq-erlang-cookie: "WWFlMm41aWNLS0lLcE5uZE5KdklTUXVhdkRmSmFDWlY=" +--- +# Source: rabbitmq/templates/secrets.yaml +apiVersion: v1 +kind: Secret +metadata: + name: load-definition + namespace: "default" + labels: + app.kubernetes.io/instance: rmq + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: rabbitmq + app.kubernetes.io/version: 3.12.6 + helm.sh/chart: rabbitmq-12.1.7 +type: Opaque +stringData: + load_definition.json: | + { + "users": [ + { + "name": "rmq_admin", + "password": "devrmquser", + "tags": "administrator" + }, + { + "name": "carres", + "password": "carres", + "tags": "carres" + } + ], + "vhosts": [ + { + "name": "/" + }, + { + "name": "carres" + } + ], + "permissions": [ + { + "configure": ".*", + "read": ".*", + "user": "carres", + "vhost": "carres", + "write": ".*" + }, + { + "configure": ".*", + "read": ".*", + "user": "rmq_admin", + "vhost": "carres", + "write": ".*" + } + ], + "queues": [ + { + "arguments": {}, + "auto_delete": false, + "durable": true, + "name": "new_reservations", + "type": "classic", + "vhost": "carres" + } + ] + } --- # Source: rabbitmq/templates/role.yaml kind: Role @@ -53,10 +120,11 @@ metadata: name: rmq-rabbitmq-endpoint-reader namespace: "default" labels: - app.kubernetes.io/name: rabbitmq - helm.sh/chart: rabbitmq-12.0.10 app.kubernetes.io/instance: rmq app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: rabbitmq + app.kubernetes.io/version: 3.12.6 + helm.sh/chart: rabbitmq-12.1.7 rules: - apiGroups: [""] resources: ["endpoints"] @@ -72,10 +140,11 @@ metadata: name: rmq-rabbitmq-endpoint-reader namespace: "default" labels: - app.kubernetes.io/name: rabbitmq - helm.sh/chart: rabbitmq-12.0.10 app.kubernetes.io/instance: rmq app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: rabbitmq + app.kubernetes.io/version: 3.12.6 + helm.sh/chart: rabbitmq-12.1.7 subjects: - kind: ServiceAccount name: rmq-rabbitmq @@ -91,10 +160,11 @@ metadata: name: rmq-rabbitmq-headless namespace: "default" labels: - app.kubernetes.io/name: rabbitmq - helm.sh/chart: rabbitmq-12.0.10 app.kubernetes.io/instance: rmq app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: rabbitmq + app.kubernetes.io/version: 3.12.6 + helm.sh/chart: rabbitmq-12.1.7 spec: clusterIP: None ports: @@ -111,8 +181,8 @@ spec: port: 15672 targetPort: stats selector: - app.kubernetes.io/name: rabbitmq app.kubernetes.io/instance: rmq + app.kubernetes.io/name: rabbitmq publishNotReadyAddresses: true --- # Source: rabbitmq/templates/svc.yaml @@ -122,10 +192,11 @@ metadata: name: rmq-rabbitmq namespace: "default" labels: - app.kubernetes.io/name: rabbitmq - helm.sh/chart: rabbitmq-12.0.10 app.kubernetes.io/instance: rmq app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: rabbitmq + app.kubernetes.io/version: 3.12.6 + helm.sh/chart: rabbitmq-12.1.7 spec: type: ClusterIP sessionAffinity: None @@ -147,8 +218,8 @@ spec: targetPort: stats nodePort: null selector: - app.kubernetes.io/name: rabbitmq app.kubernetes.io/instance: rmq + app.kubernetes.io/name: rabbitmq --- # Source: rabbitmq/templates/statefulset.yaml apiVersion: apps/v1 @@ -157,10 +228,11 @@ metadata: name: rmq-rabbitmq namespace: "default" labels: - app.kubernetes.io/name: rabbitmq - helm.sh/chart: rabbitmq-12.0.10 app.kubernetes.io/instance: rmq app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: rabbitmq + app.kubernetes.io/version: 3.12.6 + helm.sh/chart: rabbitmq-12.1.7 spec: serviceName: rmq-rabbitmq-headless podManagementPolicy: OrderedReady @@ -169,41 +241,43 @@ spec: type: RollingUpdate selector: matchLabels: - app.kubernetes.io/name: rabbitmq app.kubernetes.io/instance: rmq + app.kubernetes.io/name: rabbitmq template: metadata: labels: - app.kubernetes.io/name: rabbitmq - helm.sh/chart: rabbitmq-12.0.10 app.kubernetes.io/instance: rmq app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: rabbitmq + app.kubernetes.io/version: 3.12.6 + helm.sh/chart: rabbitmq-12.1.7 annotations: - checksum/config: 1e6c3a00e9fa83423dc3f47b1971f7056615f100fc55bd6e024fa9b9a5729873 - checksum/secret: 9a59f8c0d251c6ed1f3677ed31cdda1509ac88002ce26ab23066b70757393357 + checksum/config: e5144be1b516acd085f42737d7bd64e0771f7415e3cfbdcf48e3ed79d6d0dca6 + checksum/secret: 293665a9420bf3c63463d41522075457eff7a2faea63fa152b27a5b0c8284cf8 spec: + serviceAccountName: rmq-rabbitmq affinity: podAffinity: - + podAntiAffinity: preferredDuringSchedulingIgnoredDuringExecution: - podAffinityTerm: labelSelector: matchLabels: - app.kubernetes.io/name: rabbitmq app.kubernetes.io/instance: rmq + app.kubernetes.io/name: rabbitmq topologyKey: kubernetes.io/hostname weight: 1 nodeAffinity: - + securityContext: fsGroup: 1001 terminationGracePeriodSeconds: 120 initContainers: containers: - name: rabbitmq - image: docker.io/bitnami/rabbitmq:3.12.2-debian-11-r8 + image: docker.io/bitnami/rabbitmq:3.12.6-debian-11-r4 imagePullPolicy: "IfNotPresent" securityContext: runAsNonRoot: true @@ -261,13 +335,13 @@ spec: name: rmq-rabbitmq key: rabbitmq-erlang-cookie - name: RABBITMQ_LOAD_DEFINITIONS - value: "no" + value: "yes" - name: RABBITMQ_DEFINITIONS_FILE value: "/app/load_definition.json" - name: RABBITMQ_SECURE_PASSWORD value: "yes" - name: RABBITMQ_USERNAME - value: "rmq_admin" + value: "user" - name: RABBITMQ_PASSWORD valueFrom: secretKeyRef: @@ -295,7 +369,7 @@ spec: command: - sh - -ec - - curl -f --user rmq_admin:$RABBITMQ_PASSWORD 127.0.0.1:15672/api/health/checks/virtual-hosts + - rabbitmq-diagnostics -q ping readinessProbe: failureThreshold: 3 initialDelaySeconds: 10 @@ -306,7 +380,7 @@ spec: command: - sh - -ec - - curl -f --user rmq_admin:$RABBITMQ_PASSWORD 127.0.0.1:15672/api/health/checks/local-alarms + - rabbitmq-diagnostics -q check_running && rabbitmq-diagnostics -q check_local_alarms resources: limits: {} requests: {} @@ -315,12 +389,18 @@ spec: mountPath: /bitnami/rabbitmq/conf - name: data mountPath: /bitnami/rabbitmq/mnesia + - name: load-definition-volume + mountPath: /app + readOnly: true volumes: - name: configuration projected: sources: - secret: name: rmq-rabbitmq-config + - name: load-definition-volume + secret: + secretName: "load-definition" - name: data persistentVolumeClaim: claimName: rmq-pv-claim diff --git a/apps/keycloak/realm.json b/apps/keycloak/realm.json index 81a1453..2d4d9b6 100644 --- a/apps/keycloak/realm.json +++ b/apps/keycloak/realm.json @@ -612,9 +612,9 @@ "otpPolicyPeriod": 30, "otpPolicyCodeReusable": false, "otpSupportedApplications": [ - "totpAppGoogleName", "totpAppFreeOTPName", - "totpAppMicrosoftAuthenticatorName" + "totpAppMicrosoftAuthenticatorName", + "totpAppGoogleName" ], "webAuthnPolicyRpEntityName": "keycloak", "webAuthnPolicySignatureAlgorithms": ["ES256"], @@ -1450,6 +1450,7 @@ "browserSecurityHeaders": { "contentSecurityPolicyReportOnly": "", "xContentTypeOptions": "nosniff", + "referrerPolicy": "no-referrer", "xRobotsTag": "none", "xFrameOptions": "SAMEORIGIN", "contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", @@ -1458,7 +1459,7 @@ }, "smtpServer": {}, "loginTheme": "keycloak", - "accountTheme": "keycloak", + "accountTheme": "keycloak.v2", "adminTheme": "keycloak.v2", "emailTheme": "keycloak", "eventsEnabled": false, @@ -1507,13 +1508,13 @@ "subComponents": {}, "config": { "allowed-protocol-mapper-types": [ - "oidc-address-mapper", "saml-user-property-mapper", - "oidc-full-name-mapper", "saml-role-list-mapper", + "oidc-address-mapper", "saml-user-attribute-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-usermodel-attribute-mapper", + "oidc-full-name-mapper", "oidc-usermodel-property-mapper" ] } @@ -1527,11 +1528,11 @@ "config": { "allowed-protocol-mapper-types": [ "oidc-sha256-pairwise-sub-mapper", - "saml-user-attribute-mapper", - "oidc-address-mapper", + "saml-user-property-mapper", "saml-role-list-mapper", + "oidc-address-mapper", + "saml-user-attribute-mapper", "oidc-usermodel-property-mapper", - "saml-user-property-mapper", "oidc-usermodel-attribute-mapper", "oidc-full-name-mapper" ] @@ -1664,40 +1665,6 @@ } ] }, - { - "id": "4d3cd2c2-3c42-47d7-85c9-17c66371c7ad", - "alias": "Authentication Options", - "description": "Authentication options.", - "providerId": "basic-flow", - "topLevel": false, - "builtIn": true, - "authenticationExecutions": [ - { - "authenticator": "basic-auth", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 10, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticator": "basic-auth-otp", - "authenticatorFlow": false, - "requirement": "DISABLED", - "priority": 20, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticator": "auth-spnego", - "authenticatorFlow": false, - "requirement": "DISABLED", - "priority": 30, - "autheticatorFlow": false, - "userSetupAllowed": false - } - ] - }, { "id": "8a92740f-831f-40d5-8f47-45721bbc895e", "alias": "Browser - Conditional OTP", @@ -2070,32 +2037,6 @@ } ] }, - { - "id": "ae93d9d2-111b-478c-aef2-3f1c41ef7346", - "alias": "http challenge", - "description": "An authentication flow based on challenge-response HTTP Authentication Schemes", - "providerId": "basic-flow", - "topLevel": true, - "builtIn": true, - "authenticationExecutions": [ - { - "authenticator": "no-cookie-redirect", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 10, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticatorFlow": true, - "requirement": "REQUIRED", - "priority": 20, - "autheticatorFlow": true, - "flowAlias": "Authentication Options", - "userSetupAllowed": false - } - ] - }, { "id": "0c5f8c0e-bc5e-4799-80da-b9762b8b5f50", "alias": "registration", @@ -2245,9 +2186,9 @@ "config": {} }, { - "alias": "terms_and_conditions", + "alias": "TERMS_AND_CONDITIONS", "name": "Terms and Conditions", - "providerId": "terms_and_conditions", + "providerId": "TERMS_AND_CONDITIONS", "enabled": false, "defaultAction": false, "priority": 20, @@ -2337,7 +2278,7 @@ "cibaInterval": "5", "realmReusableOtpCode": "false" }, - "keycloakVersion": "21.0.1", + "keycloakVersion": "22.0.3", "userManagedAccessAllowed": false, "clientProfiles": { "profiles": [] @@ -2765,9 +2706,9 @@ "otpPolicyPeriod": 30, "otpPolicyCodeReusable": false, "otpSupportedApplications": [ - "totpAppGoogleName", "totpAppFreeOTPName", - "totpAppMicrosoftAuthenticatorName" + "totpAppMicrosoftAuthenticatorName", + "totpAppGoogleName" ], "webAuthnPolicyRpEntityName": "keycloak", "webAuthnPolicySignatureAlgorithms": ["ES256"], @@ -2811,6 +2752,13 @@ ], "disableableCredentialTypes": [], "requiredActions": [], + "federatedIdentities": [ + { + "identityProvider": "github", + "userId": "6214912", + "userName": "nikitades" + } + ], "realmRoles": ["default-roles-carres", "manager"], "notBefore": 0, "groups": [] @@ -3019,6 +2967,7 @@ "consentRequired": false, "config": { "user.session.note": "clientId", + "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "clientId", @@ -3033,6 +2982,7 @@ "consentRequired": false, "config": { "user.session.note": "clientHost", + "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "clientHost", @@ -3048,7 +2998,8 @@ "config": { "included.client.audience": "app", "id.token.claim": "true", - "access.token.claim": "true" + "access.token.claim": "true", + "userinfo.token.claim": "true" } }, { @@ -3059,6 +3010,7 @@ "consentRequired": false, "config": { "user.session.note": "clientAddress", + "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "clientAddress", @@ -3706,6 +3658,7 @@ "browserSecurityHeaders": { "contentSecurityPolicyReportOnly": "", "xContentTypeOptions": "nosniff", + "referrerPolicy": "no-referrer", "xRobotsTag": "none", "xFrameOptions": "SAMEORIGIN", "contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", @@ -3714,7 +3667,7 @@ }, "smtpServer": {}, "loginTheme": "keycloak", - "accountTheme": "keycloak", + "accountTheme": "keycloak.v2", "adminTheme": "keycloak.v2", "emailTheme": "keycloak", "eventsEnabled": false, @@ -3722,7 +3675,30 @@ "enabledEventTypes": [], "adminEventsEnabled": false, "adminEventsDetailsEnabled": false, - "identityProviders": [], + "identityProviders": [ + { + "alias": "github", + "internalId": "f4c98cd0-cb9a-4428-9131-a62c2189f2c8", + "providerId": "github", + "enabled": true, + "updateProfileFirstLoginMode": "on", + "trustEmail": true, + "storeToken": false, + "addReadTokenRoleOnCreate": false, + "authenticateByDefault": false, + "linkOnly": false, + "firstBrokerLoginFlowAlias": "first broker login", + "config": { + "hideOnLoginPage": "false", + "acceptsPromptNoneForwardFromClient": "true", + "clientId": "1aceada9a1350fe931f6", + "disableUserInfo": "false", + "filteredByClaim": "false", + "syncMode": "IMPORT", + "clientSecret": "491bfb6bbc987c20b792e3f1ed2a5d072a6b9231" + } + } + ], "identityProviderMappers": [], "components": { "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [ @@ -3783,14 +3759,14 @@ "subComponents": {}, "config": { "allowed-protocol-mapper-types": [ - "oidc-sha256-pairwise-sub-mapper", - "oidc-usermodel-property-mapper", "oidc-full-name-mapper", - "oidc-address-mapper", - "oidc-usermodel-attribute-mapper", + "oidc-usermodel-property-mapper", "saml-user-property-mapper", + "oidc-usermodel-attribute-mapper", + "saml-role-list-mapper", + "oidc-sha256-pairwise-sub-mapper", "saml-user-attribute-mapper", - "saml-role-list-mapper" + "oidc-address-mapper" ] } }, @@ -3810,13 +3786,13 @@ "subComponents": {}, "config": { "allowed-protocol-mapper-types": [ + "saml-role-list-mapper", "oidc-usermodel-property-mapper", "saml-user-property-mapper", - "oidc-full-name-mapper", + "oidc-sha256-pairwise-sub-mapper", "oidc-address-mapper", "saml-user-attribute-mapper", - "saml-role-list-mapper", - "oidc-sha256-pairwise-sub-mapper", + "oidc-full-name-mapper", "oidc-usermodel-attribute-mapper" ] } @@ -3920,40 +3896,6 @@ } ] }, - { - "id": "bd8e7472-65f0-4bfb-9de3-54b5166ec202", - "alias": "Authentication Options", - "description": "Authentication options.", - "providerId": "basic-flow", - "topLevel": false, - "builtIn": true, - "authenticationExecutions": [ - { - "authenticator": "basic-auth", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 10, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticator": "basic-auth-otp", - "authenticatorFlow": false, - "requirement": "DISABLED", - "priority": 20, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticator": "auth-spnego", - "authenticatorFlow": false, - "requirement": "DISABLED", - "priority": 30, - "autheticatorFlow": false, - "userSetupAllowed": false - } - ] - }, { "id": "4b297a02-7276-4761-a359-be56a3a48388", "alias": "Browser - Conditional OTP", @@ -4326,32 +4268,6 @@ } ] }, - { - "id": "d184c76f-0418-448c-aa8a-07be4546a7a2", - "alias": "http challenge", - "description": "An authentication flow based on challenge-response HTTP Authentication Schemes", - "providerId": "basic-flow", - "topLevel": true, - "builtIn": true, - "authenticationExecutions": [ - { - "authenticator": "no-cookie-redirect", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 10, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticatorFlow": true, - "requirement": "REQUIRED", - "priority": 20, - "autheticatorFlow": true, - "flowAlias": "Authentication Options", - "userSetupAllowed": false - } - ] - }, { "id": "6a4dec82-d2b6-47e4-927d-6a4abfc8f77a", "alias": "registration", @@ -4501,9 +4417,9 @@ "config": {} }, { - "alias": "terms_and_conditions", + "alias": "TERMS_AND_CONDITIONS", "name": "Terms and Conditions", - "providerId": "terms_and_conditions", + "providerId": "TERMS_AND_CONDITIONS", "enabled": false, "defaultAction": false, "priority": 20, @@ -4594,7 +4510,7 @@ "parRequestUriLifespan": "60", "clientSessionMaxLifespan": "0" }, - "keycloakVersion": "21.0.1", + "keycloakVersion": "22.0.3", "userManagedAccessAllowed": false, "clientProfiles": { "profiles": [] diff --git a/apps/rmq/README.md b/apps/rmq/README.md index 5e5e983..2929a85 100644 --- a/apps/rmq/README.md +++ b/apps/rmq/README.md @@ -1,7 +1,3 @@ # Cars Reservation System - Rabbit MQ -A preconfigured image is used. - -Requires the manual adjustment once launched (to create the app level user and virtual host). - -The base admin pwd is configured via secrets. \ No newline at end of file +A preconfigured image is used. Definitions are imported locally for the sake of a quicker launch, \ No newline at end of file