Remove Oracle Database JDBC driver from the Keycloak distribution#22598
Remove Oracle Database JDBC driver from the Keycloak distribution#22598vmuzikar merged 2 commits intokeycloak:release/22.0from
Conversation
testsuite/integration-arquillian/servers/auth-server/quarkus/pom.xml
Outdated
Show resolved
Hide resolved
docs/guides/server/db.adoc
Outdated
There was a problem hiding this comment.
Installing the Oracle JDBC driver only when it's related to RHBK.
ed9f39c to
5ac4b5b
Compare
There was a problem hiding this comment.
Works as expected. The Oracle JDBC driver is included in the /providers dir only when the product profile is activated.
There was a problem hiding this comment.
This doesn't do anything really as we test DB support with GitHub Actions which doesn't use the product profile. Also not sure we should always install the Oracle Driver, but rather only install it when we are testing Oracle.
There was a problem hiding this comment.
This is not for GHA but for QE pipelines.
stianst
left a comment
There was a problem hiding this comment.
Instead of adding another way of marking sections as community/product it should use the same approach as in documentation already. That is also already supported by the product documentation build, so these suggested changes works with downstream doc builds without any changes needed there.
I'm not too keen on including DockerFile examples in the documentation as they are hard and error prone to test and use. Would be better to add examples to keycloak-quickstarts and link to those, but I think we can also live without an actual DockerFile example perhaps.
Final comment is on how we can automate testing. The included profile in the testsuite doesn't really achieve anything as we are testing DB support in community only using GitHub Actions, so our testing will be done with the Oracle driver included in the dist, rather than added to providers directory. I think we'd have to introduce another job in ci.yml that re-builds the distribution without Oracle driver, then adds it to providers, and runs testing for Oracle. That'd be for release/22.0 branch, for main when we remove Oracle driver fully we wouldn't need this additional job, but rather just install the Oracle driver into providers, but think we should only do that in the oracle matrix for legacy-store-integration-tests rather than having it always included as what will happen here.
There was a problem hiding this comment.
This doesn't do anything really as we test DB support with GitHub Actions which doesn't use the product profile. Also not sure we should always install the Oracle Driver, but rather only install it when we are testing Oracle.
|
@stianst Thanks for the review
Yep, better. |
I'm not very familiar with the chosen approach to testing the product. We will not be able to avoid changing certain parts of Keycloak for the product (f.e. GELF support), so also the testing will be slightly different. I've kinda counted on providing the However, in this case, it'd be fine not to use the Introducing the new CI job might make sense to simulate the product behavior; Oracle JDBC driver not included. |
I'd argue we have internal CI pipelines for this. |
Extended version for completion of requirements for 22.x release Closes keycloak#22452 Co-authored-by: Martin Bartoš <[email protected]> Co-authored-by: Stian Thorgersen <[email protected]>
|
The approach for community/product docs works as expected. I agree to handle the Dockerfiles in follow-up tasks. Moreover, as we still have the QE pipelines that will be used for the product, I'd say this approach might be sufficient; @vmuzikar good argument. @stianst @mhajas Are you ok with the current approach? @vmuzikar Could you please squash the commits through GH, or should I do it manually? |
mhajas
left a comment
There was a problem hiding this comment.
Thank you for the PR @mabartos! I added just one nitpick comment about using ifdef instead of ifeval as we do in other places. I am approving though as I can confirm it works as expected even with ifdef so. I am leaving it up to you whether you want to leave this as is or change it.
4b40158 to
e2db747
Compare
|
@mhajas Done |
Extended version for completion of requirements for 22.x release
Closes #22452
Requirements for 22.x backport:
productprofile is introduced; IMHO better approach)The-DskipProprietaryproperty is present in the codebase, and moreover, it's possible to ignore the proprietary Oracle JDBC driver by specifying profile-Pproduct. It'll provide us better manageability around product builds as it will not be necessary to include all provided flags which distinguish the build approaches.EDIT: Only the
productprofile is introduced.The
-Pproductprofile will need to be provided for other parts of Keycloak anyway.I'm not sure about the docs changes whether they should be first added to the
mainin a separate PR and then backported to 22 and used here. To be more specific, there will be a necessity for providing such a functionality even in later Keycloak releases.@vmuzikar @mhajas WDYT?