Service from private GCR registry is not starting

Drone Support
1

Hi there guys, I’m setting up a small pipeline using a private custom keycloak image hosted at google gcr. In the UI I see that the service is green, but it doesn’t show any log and don’t allow any connection, the expected behavior is that keycloak should start and allow connections.

As you can see in the image the service looks green, but don’t shows any log.

image
image952×206 10.8 KB

I ssh into my autoscaler agent and checked the docker processes, as you can see there isn’t any container running the image:

image
image1220×124 9.69 KB

My .drone.yaml look like this.

  ---
  kind: pipeline
  name: tests
  
  platform:
    os: linux
    arch: amd64
  
  services:
    - name: keycloak
      image: gcr.io/proyect/keycloak:master
      environment:
        KEYCLOAK_USER: admin
        KEYCLOAK_PASSWORD: admin
  
  image_pull_secrets:
   - dockerconfig
  
  steps:
    - name: ping-keycloak
      image: python:3.8
      commands:
      - scripts/wait_for_apps.sh 60 http://keycloak:8080
  
  trigger:
    event:
      - pull_request

My dockerconfig secret don’t include the https protocol as recommended in the documentation, it also allow pull requests, I can confirm that it the autenticación worked since the pipeline was working as you can see in the screenshot.

image

image
image956×379 56.6 KB

Thanks in advance for any help.

2

Quick Update: Today I decided to upload my image to Docker Hub.

I did the same setup creating a new secret with the config.json, I ensured that it has the “Pull Request” flag on but the issue keeps the same.

Logs of my server says that the service started:

image
image1121×145 38.4 KB

The output of running drone secret info <repo> --name=<secret> against my build.

image

The output of drone build info <repo> <build>

image

Maybe I’m missing something ?

Thanks.

3

I might not be much help but really curious what you are doing. I have not played with Keycloak since 2015 ha! Really like the project :slight_smile:

Is everything in the same container? Low hanging fruit is the port right? Not sure if Keycloak
uses the same port as the Wildfly Container [8080].

Stay bold,

-Ravi

4

Ah never-mind it does :slight_smile:

https://www.keycloak.org/docs/latest/getting_started/index.html

5

Hi Ravi,

We’re working on unify all our services under only one authentication system. Keycloak is an amazing solution for that. We have created a theme, a new standalone and some other customizations for it, that’s why we built our own version.

In our pipelines we have a lot of integration tests that require keycloak running as a service, so it is in a different container.

Hope it clarify a little bit more.

Cheers.