Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade to Quarkus 3.2.2.Final #21912

Merged
merged 1 commit into from
Jul 26, 2023
Merged

Upgrade to Quarkus 3.2.2.Final #21912

merged 1 commit into from
Jul 26, 2023

Conversation

vmuzikar
Copy link
Contributor

Closes #21907

@vmuzikar vmuzikar requested a review from a team as a code owner July 24, 2023 12:46
@vmuzikar vmuzikar marked this pull request as draft July 24, 2023 13:18
@ghost ghost added the flaky-test label Jul 25, 2023
This was referenced Jul 25, 2023
Closed
Closed
Closed
@vmuzikar vmuzikar force-pushed the quarkus-322 branch 3 times, most recently from e332dde to fbfe788 Compare July 25, 2023 14:50
This was referenced Jul 26, 2023
Closed
Closed
@vmuzikar vmuzikar marked this pull request as ready for review July 26, 2023 10:50
@vmuzikar vmuzikar requested a review from a team as a code owner July 26, 2023 10:50
@ghost ghost added the team/cloud-native label Jul 26, 2023
vmuzikar
vmuzikar commented Jul 26, 2023
View reviewed changes
quarkus/config-api/src/main/java/org/keycloak/config/HttpOptions.java
@@ -56,7 +56,7 @@ public enum ClientAuth {
public static final Option HTTPS_PROTOCOLS = new OptionBuilder<>("https-protocols", String.class)
.category(OptionCategory.HTTP)
.description("The list of protocols to explicitly enable.")
.defaultValue("TLSv1.3")
.defaultValue("TLSv1.3,TLSv1.2")
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is to mitigate quarkusio/quarkus#34468 and basically replicate the previous behaviour where TLSv1.2 worked.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved, as the current NIST SP 800-52 Rev. 2 guideline recommends to enable TLSv1.3 alongside TLSv1.2, so clients can choose the "better" protocol on their capabilities.

mabartos
mabartos approved these changes Jul 26, 2023
View reviewed changes
Copy link
Contributor

@mabartos mabartos left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@vmuzikar LGTM, thanks!

Pepo48
Pepo48 reviewed Jul 26, 2023
View reviewed changes
quarkus/tests/integration/src/test/java/org/keycloak/it/cli/dist/QuarkusPropertiesDistTest.java
@@ -123,7 +123,7 @@ void testUnknownQuarkusBuildTimePropertyApplied(LaunchResult result) {
}

@Test
@Launch({ "start", "--http-enabled=true", "--hostname-strict=false", "--config-keystore=keystore" })
@Launch({ "start", "--http-enabled=true", "--hostname-strict=false", "--config-keystore=../../../../src/test/resources/keystore" })
Copy link
Contributor

@Pepo48 Pepo48 Jul 26, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just to be sure, this change was necessary because the invalid keystore path exception would take a precedence?

I haven't gone through the recent smallrye-keystore changes, but this might indicate that there are some improvements when it comes to exception handling, so our custom property validation might be redundant to some extent.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just to be sure, this change was necessary because the invalid keystore path exception would take a precedence?

Yes but it still triggered our custom validation, not anything in SmallRye.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok then, thanks for clarification.

Pepo48
Pepo48 approved these changes Jul 26, 2023
View reviewed changes
Copy link
Contributor

@Pepo48 Pepo48 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks @vmuzikar.

@vmuzikar vmuzikar merged commit ecdf8e8 into keycloak:main Jul 26, 2023
76 checks passed
@vmuzikar vmuzikar deleted the quarkus-322 branch July 26, 2023 14:22
@vmuzikar vmuzikar modified the milestone: 22.0.2 Jul 26, 2023
vmuzikar added a commit to vmuzikar/keycloak that referenced this pull request Jul 26, 2023
@vmuzikar
Upgrade to Quarkus 3.2.2.Final (keycloak#21912)
2f8d035 
Closes keycloak#21907

(cherry picked from commit ecdf8e8)
ahus1 pushed a commit that referenced this pull request Jul 26, 2023
@vmuzikar @ahus1
Upgrade to Quarkus 3.2.2.Final (#21912)
6161109 
Closes #21907

(cherry picked from commit ecdf8e8)
This was referenced Sep 4, 2023
Closed
Closed
Closed
@stianst stianst mentioned this pull request Nov 14, 2023
Closed
@stianst stianst mentioned this pull request May 6, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Pepo48 Pepo48 Pepo48 approved these changes

@ahus1 ahus1 ahus1 approved these changes

@mabartos mabartos mabartos approved these changes

@shawkins shawkins Awaiting requested review from shawkins

Assignees
No one assigned
Labels
flaky-test team/cloud-native
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Upgrade to Quarkus 3.2.2.Final
4 participants
@vmuzikar @ahus1 @Pepo48 @mabartos