feat(keycloak): Add keycloak theme, capture university, add ORCid integration #971
Conversation
theosanderson
force-pushed
the
keycloakify
branch
2 times, most recently
from
6694361
to
dd0db42
Compare
theosanderson
changed the title
theosanderson
force-pushed
the
keycloakify
branch
from
6e1270f
to
3d697d1
Compare
theosanderson
force-pushed
the
keycloakify
branch
from
c5bf6c5
to
b254c9f
Compare
theosanderson
force-pushed
the
keycloakify
branch
2 times, most recently
from
86dcdf5
to
81de8ed
Compare
theosanderson
changed the title
* Use caching and retagging for keycloakify action * Fix: need to login befor querying docker registry
corneliusroemer
changed the title
There was a problem hiding this comment.
Cool stuff! Haven't tested yet just looked through code. Should we enable dependabot for this subrepo or rather not - because all that you changed with respect to the source repo is the templates folder?
Will the workflows run despite not being in the root of the repo?
Are some of the files in here unnecessary and could be removed?
No, I think dependabot could be very painful. Yes, some files may be unnecessary, but form part of the documentation of this starter: #973 |
|
Here's another small PR targeting keycloakify: #1175 |
…e instead use timeout (#1175) * fix(ci): add `keycloak` to paths that trigger E2E * No need to wait for particular images, kubernetes will retry pulling images and backoff if not found Given we build many docker images, we would otherwise wait for each - not just the 2 here. Instead, use timeout to fail if the images never make it.
|
Sorry @theosanderson I merged #1175 into this branch here by accident - feel free to revert if you have objections. I thought I'd enable auto-squash - but it merged directly without requiring review as it's not targeting main. |
|
Np looks good but made one comment |
|
I'm getting an HTTP 500 error when trying to login with testuser: Could be that this is because something is not ready on the deployment side? |
|
Hmm that was fine when I last checked. Will have a look in a bit |
|
I deleted the app and it seems fine now, but worth keeping an eye on |
|
Next time something like this happens I'll try to find the logs - which reminds me we should send our logs to a log aggregator, will make an issue: #1176 |
|
The keycloak logs were about timeouts waiting for acks |
corneliusroemer
added
javascript
auth
Resolves #743, resolves #745, resolves #546
Preview: https://keycloakify.loculus.org/
We build a custom keycloak theme with keycloakify (which is react based), which gets packaged (like most Keycloak themes) into a
.jarfile. We then put that jar file into a Docker image which serves just as a directory to store the image, and copies it out into a volume that is also mounted on keycloak in the right place for keycloak to get the theme. Keycloak does indeed gets the theme and uses it as the login theme.We also enable the
declarative_user_profilefeature of Keycloak, and use it to capture the user'sUniversity / Organisation.We also add ORCid keycloak integration and capture the ORCid where possible
Outstanding issues:
#974 - put in real terms of use
#973 - this is branched from a starter template. there is more we can clean up but I don't feel ready to yet, because these are useful docs about how to e.g. add new pages, for now
#1172 - clean up ORCid secrets