feat: Update Keycloak to v25.0.1 and OpenFGA platform to v1.5.5. Upda…

…te custom extension

.env

@@ -0,0 +1,2 @@
+KC_VERSION=25.0.1
+OPENFGA_VERSION=v1.5.5

docker-compose-import.yml

@@ -5,7 +5,7 @@ services:
     depends_on: 
       openfga:
         condition: service_healthy 
-    image: openfga/cli:v0.2.0
+    image: openfga/cli:v0.5.1
     container_name: openfga-import
     restart: "no"
     command: "store create --name keycloak --api-url http://openfga:8080 --model /tmp/model.dsl"
@@ -21,7 +21,7 @@ services:
         condition: service_healthy
       openfga-import:
         condition: service_completed_successfully
-    image: quay.io/keycloak/keycloak:21.1
+    image: quay.io/keycloak/keycloak:${KC_VERSION}
     container_name: keycloak-import
     restart: "no"
     entrypoint: [
@@ -34,5 +34,5 @@ services:
       KEYCLOAK_USER: admin
       KEYCLOAK_PASSWORD: password 
     volumes:        
-      - $PWD/keycloak/initialize-poc.sh:/opt/keycloak/import.sh
+      - $PWD/keycloak/import.sh:/opt/keycloak/import.sh
 

docker-compose-openfga.yml

@@ -22,7 +22,7 @@ services:
     depends_on:
       openfga-postgres:
         condition: service_healthy
-    image: openfga/openfga:v1.3.1
+    image: openfga/openfga:${OPENFGA_VERSION}
     container_name: migrate
     environment:
       - OPENFGA_DATASTORE_ENGINE=postgres
@@ -35,13 +35,14 @@ services:
     depends_on:
       migrate:
         condition: service_completed_successfully
-    image: openfga/openfga:v1.3.1
+    image: openfga/openfga:${OPENFGA_VERSION}
     container_name: openfga
     command: run
     environment:
       - OPENFGA_DATASTORE_ENGINE=postgres
       - OPENFGA_DATASTORE_URI=postgres://postgres:password@openfga-postgres:5432/postgres?sslmode=disable
       - OPENFGA_DATASTORE_MAX_OPEN_CONNS=100
+      - OPENFGA_LOG_LEVEL=error
     networks:
       - default
     ports:

docker-compose.yml

@@ -1,16 +1,10 @@
 version: '3'
 
-volumes:
-  postgres_data:
-    driver: local
-
 services:
 
   keycloak-postgres:
     image: postgres:14
     container_name: keycloak-postgres
- #   volumes:
- #     - postgres_data:/var/lib/postgresql/data
     environment:
       POSTGRES_DB: keycloak
       POSTGRES_USER: keycloak
@@ -24,7 +18,7 @@ services:
       - 5433:5432
 
   keycloak:
-    image: quay.io/keycloak/keycloak:21.1
+    image: quay.io/keycloak/keycloak:${KC_VERSION}
     container_name: keycloak
     command:
       - start-dev
@@ -42,22 +36,19 @@ services:
       KC_HOSTNAME_STRICT: 'false'
       KC_HTTP_ENABLED: 'true'
       KC_HEALTH_ENABLED: 'true'
-      KC_HOSTNAME_ADMIN: localhost
       KC_HOSTNAME: keycloak
-      KC_FEATURES: declarative-user-profile
       KC_SPI_EVENTS_LISTENER_OPENFGA_EVENTS_PUBLISHER_API_URL: http://openfga:8080
-      KC_LOG_LEVEL: INFO, com.twogenidentity.keycloak:debug,com.twogenidentity.keycloak.utils:debug
+      KC_LOG_LEVEL: info,com.twogenidentity.keycloak:debug,com.twogenidentity.keycloak.utils:debug
     healthcheck:
-      # test: ["CMD", "curl", "-f", "http://localhost:8081/health/ready"]
-      test: cat /proc/net/tcp | grep '00000000:1F91 00000000:0000' || exit 1
+      test: ["CMD", "/opt/keycloak/bin/kcadm.sh", "config", "credentials", "--server", "http://localhost:8081", "--realm", "master", "--user", "admin", "--password", "password"]
       interval: 5s
       timeout: 2s
       retries: 15         
     ports:
       - 8081:8081
       - 8443:8443
     volumes:
-      - $PWD/keycloak/lib/keycloak-openfga-event-publisher-1.0.0.jar:/opt/keycloak/providers/keycloak-openfga-event-publisher-1.0.0.jar
-      - $PWD/keycloak/initialize-poc.sh:/opt/keycloak/initialize-poc.sh
+      - $PWD/keycloak/lib/keycloak-openfga-event-publisher.jar:/opt/keycloak/providers/keycloak-openfga-event-publisher.jar
+      - $PWD/keycloak/import.sh:/opt/keycloak/import.sh
     depends_on:
       - keycloak-postgres

keycloak/initialize-poc.sh → keycloak/import.sh

@@ -29,5 +29,4 @@ echo "Creating PoC Users, Role Model, User Role Assigments and Clients"
 
 # User Role Assignments
 /opt/keycloak/bin/kcadm.sh add-roles -r master --uusername paula --rolename analyst-catalog
-/opt/keycloak/bin/kcadm.sh add-roles -r master --uusername richard --rolename admin-catalog
-
+/opt/keycloak/bin/kcadm.sh add-roles -r master --uusername richard --rolename admin-catalog