+
Skip to content

Implement CompatibilityMetadataProvider for Cache CLI args #41163

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 5 commits into
base: main
Choose a base branch
from
Draft

Implement CompatibilityMetadataProvider for Cache CLI args #41163

wants to merge 5 commits into from
+644 −106

Conversation

ryanemerson
Copy link
Contributor

@ryanemerson ryanemerson commented Jul 15, 2025
edited
Loading

Closes #41138

Requires #41027

A limitation with the current implementation is that if a default value is not set for a CLI arg then explicitly setting the value will be classes as "incompatible" even though the semantics are the same. For example, the default cache configuration uses the "jdbc-ping" stack, however --cache-stack jdbc-ping is not set. So if the user executes the update command with --cache-stack jdbc-ping explicitly configured then a RECREATE exit code will be returned by the UpdateCompatibility command.

Given that we state the following in the docs, ^ limitation could be considered acceptable:

Ensure that all configuration options, whether set via environment variables or CLI arguments, are included when running this command.

ryanemerson and others added 5 commits July 9, 2025 12:00
@ryanemerson
Allow Features to declare that they support Rolling upgrades
baba2b1 
Closes keycloak#41022

Signed-off-by: Ryan Emerson <remerson@redhat.com>
@ryanemerson
Pruivo feedback
9e3332f 
Signed-off-by: Ryan Emerson <remerson@redhat.com>
@ryanemerson
Fix UpdateCommandDistTest
3b99d55 
Signed-off-by: Ryan Emerson <remerson@redhat.com>
@ahus1
Review
37ff5cd 
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
@ryanemerson
Implement CompatibilityMetadataProvider for Cache CLI args
2e4811a 
Closes keycloak#41138

Signed-off-by: Ryan Emerson <remerson@redhat.com>
@keycloak-github-bot
Copy link

Unreported flaky test detected

If the flaky tests below are affected by the changes, please review and update the changes accordingly. Otherwise, a maintainer should report the flaky tests prior to merging the PR.

org.keycloak.testsuite.federation.kerberos.KerberosLdapCrossRealmTrustTest#test03SpnegoLoginUsernamePassword

Keycloak CI - Base IT (5)

org.openqa.selenium.TimeoutException: 
java.net.SocketTimeoutException: Read timed out
Build info: version: '4.28.1', revision: '73f5ad48a2'
System info: os.name: 'Linux', os.arch: 'amd64', os.version: '6.11.0-1018-azure', java.version: '21.0.7'
Driver info: driver.version: HtmlUnitDriver
...

Report flaky test

org.keycloak.testsuite.federation.ldap.LDAPReadOnlyTest#testReadOnlyUserGetsPermanentlyLocked

Keycloak CI - Base IT (5)

java.lang.AssertionError
	at org.junit.Assert.fail(Assert.java:87)
	at org.junit.Assert.assertTrue(Assert.java:42)
	at org.junit.Assert.assertFalse(Assert.java:65)
	at org.junit.Assert.assertFalse(Assert.java:75)
...

Report flaky test

keycloak-github-bot[bot]
keycloak-github-bot bot reviewed Jul 15, 2025
View reviewed changes
Copy link

@keycloak-github-bot keycloak-github-bot bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unreported flaky test detected, please review

pruivo
pruivo reviewed Jul 16, 2025
View reviewed changes
Copy link
Contributor

@pruivo pruivo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Overall, it looks good to me. I left some suggestions anticipating some future work around the SPI options.

...finispan/src/main/java/org/keycloak/compatibility/AbstractCompatibilityMetadataProvider.java
public AbstractCompatibilityMetadataProvider(String spi, boolean enabled) {
this.spi = spi;
this.enabled = enabled;
this.config = enabled ? Config.scope(spi, "default") : null;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not all providers have the ID default. I would add the providerId as a parameter to make this class future-proof.

For example, this factory has SPI optoins and the provider ID is not default:

keycloak/model/infinispan/src/main/java/org/keycloak/models/sessions/infinispan/InfinispanUserSessionProviderFactory.java

Line 313 in 9322d71

return InfinispanUtils.EMBEDDED_PROVIDER_ID;

...finispan/src/main/java/org/keycloak/compatibility/AbstractCompatibilityMetadataProvider.java

@Override
public Map<String, String> metadata() {
if (!enabled)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would remove the enabled field and create an abstract method isEnabled(Config.Scope).

The provider factory API has the Config.Scope as a parameter; it can use an SPI option/configuration to decide if it is enabled or not.

keycloak/server-spi-private/src/main/java/org/keycloak/provider/EnvironmentDependentProviderFactory.java

Lines 30 to 36 in 3e0a185

/**
* Check if the provider is supported and should be available based on the provider configuration.
*
* @param config the provider configuration
* @return {@code true} if the provider is supported. Otherwise, {@code false}.
*/
boolean isSupported(Config.Scope config);

...pan/src/main/java/org/keycloak/infinispan/compatibility/CachingEmbeddedMetadataProvider.java
@Override
public Map<String, String> meta() {
return Map.of(
"persistence", Boolean.toString(MultiSiteUtils.isPersistentSessionsEnabled()),
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It can be removed as the Feature is already tracked.

...ispan/src/main/java/org/keycloak/infinispan/compatibility/CachingRemoteMetadataProvider.java

@Override
public Map<String, String> meta() {
return Map.of("persistence", Boolean.toString(MultiSiteUtils.isPersistentSessionsEnabled()));
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

hmm, I think we can remove it here too.

...finispan/src/main/java/org/keycloak/compatibility/AbstractCompatibilityMetadataProvider.java
return spi;
}

protected Map<String, String> meta() {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nitpicking

Suggested change
protected Map<String, String> meta() {
protected Map<String, String> customMetadata() {

...finispan/src/main/java/org/keycloak/compatibility/AbstractCompatibilityMetadataProvider.java

@Override
public String getId() {
return spi;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not sure if this should be a combination of SPI and the Provider ID. For example, InfinispanUserSessionProviderFactory and RemoteUserSessionProviderFactory both implement the same SPI.
But let's leave it as is for now.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pruivo pruivo pruivo left review comments

@keycloak-github-bot keycloak-github-bot[bot] keycloak-github-bot[bot] left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
flaky-test
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Implement CompatibilityMetadataProvider for Cache CLI args
3 participants
@ryanemerson @pruivo @ahus1
点击 这是indexloc提供的php浏览器服务,不要输入任何密码和下载