Keycloak
1FROM registry.access.redhat.com/ubi9 AS ubi-micro-build
2
3ENV KEYCLOAK_VERSION 999.0.0-SNAPSHOT
4ARG KEYCLOAK_DIST=https://github.com/keycloak/keycloak/releases/download/$KEYCLOAK_VERSION/keycloak-$KEYCLOAK_VERSION.tar.gz
5
6RUN dnf install -y tar gzip
7
8ADD $KEYCLOAK_DIST /tmp/keycloak/
9
10# The next step makes it uniform for local development and upstream built.
11# If it is a local tar archive then it is unpacked, if from remote is just downloaded.
12RUN (cd /tmp/keycloak && \
13tar -xvf /tmp/keycloak/keycloak-*.tar.gz && \
14rm /tmp/keycloak/keycloak-*.tar.gz) || true
15
16RUN mv /tmp/keycloak/keycloak-* /opt/keycloak && mkdir -p /opt/keycloak/data
17RUN chmod -R g+rwX /opt/keycloak
18
19ADD ubi-null.sh /tmp/
20RUN bash /tmp/ubi-null.sh java-17-openjdk-headless glibc-langpack-en findutils
21
22FROM registry.access.redhat.com/ubi9-micro
23ENV LANG en_US.UTF-8
24
25# Flag for determining app is running in container
26ENV KC_RUN_IN_CONTAINER true
27
28COPY --from=ubi-micro-build /tmp/null/rootfs/ /
29COPY --from=ubi-micro-build --chown=1000:0 /opt/keycloak /opt/keycloak
30
31RUN echo "keycloak:x:0:root" >> /etc/group && \
32echo "keycloak:x:1000:0:keycloak user:/opt/keycloak:/sbin/nologin" >> /etc/passwd
33
34USER 1000
35
36EXPOSE 8080
37EXPOSE 8443
38
39ENTRYPOINT [ "/opt/keycloak/bin/kc.sh" ]
40