"fix" (re-enable) mutual-tls-required tests with custom wait strategy…

… (log) as also the management-port requires mutualTls if it is set to "required" this will hopefully eventually fixed sometime...
dasniko · May 15, 2024 · 455a5df · 455a5df
1 parent 9a9f386
commit 455a5df
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 9 deletions.
diff --git a/src/main/java/dasniko/testcontainers/keycloak/ExtendableKeycloakContainer.java b/src/main/java/dasniko/testcontainers/keycloak/ExtendableKeycloakContainer.java
@@ -20,11 +20,13 @@
 import org.jboss.shrinkwrap.api.exporter.ZipExporter;
 import org.jboss.shrinkwrap.api.importer.ExplodedImporter;
 import org.jboss.shrinkwrap.api.spec.JavaArchive;
+import org.jetbrains.annotations.NotNull;
 import org.keycloak.admin.client.Keycloak;
 import org.testcontainers.containers.GenericContainer;
 import org.testcontainers.containers.output.Slf4jLogConsumer;
 import org.testcontainers.containers.wait.strategy.HttpWaitStrategy;
 import org.testcontainers.containers.wait.strategy.Wait;
+import org.testcontainers.containers.wait.strategy.WaitStrategy;
 import org.testcontainers.utility.MountableFile;
 
 import javax.net.ssl.SSLContext;
@@ -58,6 +60,7 @@ public abstract class ExtendableKeycloakContainer<SELF extends ExtendableKeycloa
 
     public static final String MASTER_REALM = "master";
     public static final String ADMIN_CLI_CLIENT = "admin-cli";
+    public static final WaitStrategy LOG_WAIT_STRATEGY = Wait.forLogMessage(".*Running the server in development mode\\. DO NOT use this configuration in production.*\\n", 1);
 
     private static final String KEYCLOAK_IMAGE = "quay.io/keycloak/keycloak";
     private static final String KEYCLOAK_VERSION = "nightly";
@@ -107,6 +110,7 @@ public abstract class ExtendableKeycloakContainer<SELF extends ExtendableKeycloa
     private String[] featuresDisabled = null;
 
     private Duration startupTimeout = DEFAULT_STARTUP_TIMEOUT;
+    private boolean customWaitStrategySet = false;
 
     private List<String> providerClassLocations;
     private List<File> providerLibsLocations;
@@ -176,11 +180,13 @@ protected void configure() {
 
         withEnv("KC_METRICS_ENABLED", Boolean.toString(metricsEnabled));
         withEnv("KC_HEALTH_ENABLED", Boolean.toString(Boolean.TRUE));
-        HttpWaitStrategy waitStrategy = Wait.forHttp(contextPath + "/health/started").forPort(KEYCLOAK_PORT_MGMT);
-        if (useTls) {
-            waitStrategy = waitStrategy.usingTls().allowInsecure();
+        if (!customWaitStrategySet) {
+            HttpWaitStrategy waitStrategy = Wait.forHttp(contextPath + "/health/started").forPort(KEYCLOAK_PORT_MGMT);
+            if (useTls) {
+                waitStrategy = waitStrategy.usingTls().allowInsecure();
+            }
+            setWaitStrategy(waitStrategy.withStartupTimeout(startupTimeout));
         }
-        setWaitStrategy(waitStrategy.withStartupTimeout(startupTimeout));
 
         if (providerClassLocations != null && !providerClassLocations.isEmpty()) {
             AtomicInteger index = new AtomicInteger(0);
@@ -250,6 +256,12 @@ public SELF withCommand(String... commandParts) {
         throw new IllegalStateException("You are trying to set custom container commands, which is not supported by this Testcontainer. Try using the withCustomCommand() method.");
     }
 
+    @Override
+    public SELF waitingFor(@NotNull WaitStrategy waitStrategy) {
+        customWaitStrategySet = true;
+        return super.waitingFor(waitStrategy);
+    }
+
     public SELF withCustomCommand(String cmd) {
         if (customCommandParts == null) {
             customCommandParts = new ArrayList<>();

diff --git a/src/test/java/dasniko/testcontainers/keycloak/KeycloakContainerHttpsTest.java b/src/test/java/dasniko/testcontainers/keycloak/KeycloakContainerHttpsTest.java
@@ -3,13 +3,14 @@
 import io.restassured.RestAssured;
 import io.restassured.config.SSLConfig;
 import org.junit.jupiter.api.BeforeEach;
-import org.junit.jupiter.api.Disabled;
 import org.junit.jupiter.api.Test;
 import org.keycloak.admin.client.Keycloak;
 import org.keycloak.admin.client.resource.ServerInfoResource;
 
 import javax.net.ssl.SSLHandshakeException;
 
+import java.time.Duration;
+
 import static io.restassured.RestAssured.given;
 import static org.hamcrest.MatcherAssert.assertThat;
 import static org.hamcrest.Matchers.startsWith;
@@ -86,22 +87,24 @@ public void shouldStartKeycloakWithMutualTlsRequestWithMutualTls() {
     }
 
     @Test
-    @Disabled
     public void shouldStartKeycloakWithMutualTlsRequiredWithMutualTls() {
         try (KeycloakContainer keycloak = new KeycloakContainer()
             .useTlsKeystore("keycloak.jks", "keycloak")
-            .useMutualTls("keycloak.jks", "keycloak", HttpsClientAuth.REQUIRED)) {
+            .useMutualTls("keycloak.jks", "keycloak", HttpsClientAuth.REQUIRED)
+            .waitingFor(KeycloakContainer.LOG_WAIT_STRATEGY.withStartupTimeout(Duration.ofMinutes(2))) // this is hopefully only a workaround until mgmt port does not require mutual tls
+        ) {
             keycloak.start();
             checkMutualTls(keycloak, "keycloak.jks", "keycloak", "keycloak.jks", "keycloak");
         }
     }
 
     @Test
-    @Disabled
     public void shouldStartKeycloakWithMutualTlsRequiredWithoutMutualTls() {
         try (KeycloakContainer keycloak = new KeycloakContainer()
             .useTlsKeystore("keycloak.jks", "keycloak")
-            .useMutualTls("keycloak.jks", "keycloak", HttpsClientAuth.REQUIRED)) {
+            .useMutualTls("keycloak.jks", "keycloak", HttpsClientAuth.REQUIRED)
+            .waitingFor(KeycloakContainer.LOG_WAIT_STRATEGY.withStartupTimeout(Duration.ofMinutes(2))) // this is hopefully only a workaround until mgmt port does not require mutual tls
+        ) {
             keycloak.start();
             assertThrows(SSLHandshakeException.class, () -> checkTls(keycloak, "keycloak.jks", "keycloak"));
         }