Merge pull request #17 from hic-infra/keycloak-25.0.1

Keycloak 25.0.1, update Terraform deps
hic-infra · Jul 16, 2024 · d812491 · d812491
2 parents 248f821 + f8dcf44
commit d812491
Show file tree

Hide file tree

Showing 5 changed files with 73 additions and 63 deletions.
diff --git a/container/Dockerfile b/container/Dockerfile
@@ -1,6 +1,6 @@
 # https://www.keycloak.org/server/containers
 
-ARG KEYCLOAK_VERSION=24.0.2
+ARG KEYCLOAK_VERSION=25.0.1
 FROM quay.io/keycloak/keycloak:$KEYCLOAK_VERSION as builder
 
 ENV KC_DB=postgres

diff --git a/ecs-cluster/.terraform.lock.hcl b/ecs-cluster/.terraform.lock.hcl
diff --git a/ecs-cluster/keycloak.tf b/ecs-cluster/keycloak.tf
@@ -2,6 +2,7 @@ data "aws_caller_identity" "current" {}
 
 locals {
   container-port    = 8443
+  management-port   = 9000
   keycloak-hostname = var.keycloak-hostname == "" ? aws_lb.keycloak.dns_name : var.keycloak-hostname
 
   vpc_id          = var.vpc-id == "" ? module.vpc[0].vpc_id : var.vpc-id
@@ -68,6 +69,12 @@ resource "aws_security_group" "ecs-task-keycloak" {
     to_port         = local.container-port
     security_groups = [aws_security_group.alb.id]
   }
+  ingress {
+    protocol        = "tcp"
+    from_port       = local.management-port
+    to_port         = local.management-port
+    security_groups = [aws_security_group.alb.id]
+  }
 
   egress {
     protocol    = "-1"
@@ -105,6 +112,7 @@ resource "aws_alb_target_group" "keycloak" {
     matcher             = "200"
     timeout             = "5"
     path                = "/health"
+    port                = local.management-port
     unhealthy_threshold = "2"
   }
 }
@@ -331,6 +339,10 @@ resource "aws_ecs_task_definition" "keycloak" {
       protocol      = "tcp"
       containerPort = local.container-port
       hostPort      = local.container-port
+      }, {
+      protocol      = "tcp"
+      containerPort = local.management-port
+      hostPort      = local.management-port
     }]
     logConfiguration = {
       logDriver = "awslogs"

diff --git a/ecs-cluster/versions.tf b/ecs-cluster/versions.tf
@@ -4,7 +4,7 @@ terraform {
     # by running `terraform init -backend=false -upgrade`
     aws = {
       source  = "hashicorp/aws"
-      version = "~> 5.26"
+      version = "~> 5.58"
     }
 
     http = {
@@ -14,12 +14,12 @@ terraform {
 
     random = {
       source  = "hashicorp/random"
-      version = "~> 3.5"
+      version = "~> 3.6"
     }
 
     local = {
       source  = "hashicorp/local"
-      version = "~> 2.4"
+      version = "~> 2.5"
     }
   }
 

diff --git a/ecs-cluster/vpc.tf b/ecs-cluster/vpc.tf
@@ -2,7 +2,7 @@ data "aws_availability_zones" "available" {}
 
 module "vpc" {
   source  = "terraform-aws-modules/vpc/aws"
-  version = "5.2.0"
+  version = "5.9.0"
   count   = var.vpc-id == "" ? 1 : 0
 
   name                 = "${var.name}-vpc"