Service from private GCR registry is not starting

Hi there guys, I’m setting up a small pipeline using a private custom keycloak image hosted at google gcr. In the UI I see that the service is green, but it doesn’t show any log and don’t allow any connection, the expected behavior is that keycloak should start and allow connections.

As you can see in the image the service looks green, but don’t shows any log.

I ssh into my autoscaler agent and checked the docker processes, as you can see there isn’t any container running the image:

My .drone.yaml look like this.

  kind: pipeline
  name: tests
    os: linux
    arch: amd64
    - name: keycloak
        KEYCLOAK_USER: admin
        KEYCLOAK_PASSWORD: admin
   - dockerconfig
    - name: ping-keycloak
      image: python:3.8
      - scripts/ 60 http://keycloak:8080
      - pull_request

My dockerconfig secret don’t include the https protocol as recommended in the documentation, it also allow pull requests, I can confirm that it the autenticación worked since the pipeline was working as you can see in the screenshot.


Thanks in advance for any help.

Quick Update: Today I decided to upload my image to Docker Hub.

I did the same setup creating a new secret with the config.json, I ensured that it has the “Pull Request” flag on but the issue keeps the same.

Logs of my server says that the service started:

The output of running drone secret info <repo> --name=<secret> against my build.


The output of drone build info <repo> <build>


Maybe I’m missing something ?


I might not be much help but really curious what you are doing. I have not played with Keycloak since 2015 ha! Really like the project :slight_smile:

Is everything in the same container? Low hanging fruit is the port right? Not sure if Keycloak
uses the same port as the Wildfly Container [8080].

Stay bold,


Ah never-mind it does :slight_smile:

Hi Ravi,

We’re working on unify all our services under only one authentication system. Keycloak is an amazing solution for that. We have created a theme, a new standalone and some other customizations for it, that’s why we built our own version.

In our pipelines we have a lot of integration tests that require keycloak running as a service, so it is in a different container.

Hope it clarify a little bit more.