Replies: 1 comment 13 replies
-
Beta Was this translation helpful? Give feedback.
-
I don't think so. The problem we have right now is that we define versions of some dependencies in the top-level parent pom, which sets versions used by WF distribution, adapters, testsuite, etc.. Right now we can't use the versions defined in the Quarkus BOM everywhere, and nor can we override the versions from the BOM in the Quarkus modules I think. As we get rid of WildFly distribution, and also refactor a bit around adapters we should be able to just import the Quarkus BOM at the top-level. |
Beta Was this translation helpful? Give feedback.
-
|
I prepared a stub of the technical integration with @gsmet and @maxandersen thanks a lot for your input! |
Beta Was this translation helpful? Give feedback.
-
|
@stianst I was considering the requirement of having a separate
Regarding the update of the dependencies, I do believe that we can simply exclude it at first with a tuned selective update (like the one implemented here) and improve on it over time. All in all I feel that we can keep your initial indication as a final goal and progress toward it with smaller steps. |
Beta Was this translation helpful? Give feedback.
-
|
From looking at upgrades of Quarkus in the past, most upgrades have included some code changes on our end. The reasoning for a separate branch is that I want to have the upgrade ready and prepared in advance of the Quarkus final release, as we want to release as close to the Quarkus release as we can. |
Beta Was this translation helpful? Give feedback.
-
|
@stianst here you have a prototype for a possible solution to the separate branch: https://github.com/andreaTP/keycloak/blob/test-quarkus-branch/.github/workflows/quarkus-branch.yaml Since those actions are third-party I would suggest a code review(I did it and found the code legit but better to have another couple of eyes) + forking under the keycloak organization. |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
We have consistently had challenges with upgrading to new WildFly releases, which results in a large gap between when WildFly is released, and a Keycloak release with the upgrade to the new WildFly. To illustrate this WildFly 24 was released on June 17th, WildFly 25 was released on October 5th, and we still don't have a Keycloak release available based on either.
Purely from a perspective of CVEs in dependencies inherited from WildFly this is not acceptable. In addition it is taking a lot of resources to manage these upgrades.
With Keycloak.X and Quarkus the aim is to continuously upgrade, with Keycloak releases being done as close as possible to a Quarkus release as possible. This means we need to verify Quarkus continuously has development happens, rather than at the time of a release.
One issue with that is we want our main branch to be updated only when an actual Quarkus release has happened, and there can be incompatibilities between the latest Quarkus release and Quarkus main branch.
The solution I'd like to propose for this is creating a GitHub workflow that can automate the following:
The workflow should at least run nightly, but could run more frequently than that. The reason behind the "quarkus-update" branch is that if there are changes required we can detect this and send a PR to resolve these issues to the "quarkus-update" branch without breaking the main branch which needs to remain compatible with the latest Quarkus release.
One issue that we can't solve right now, is that we can't inherit dependency versions from the Quarkus BOM, which requires manually updating dependency versions in https://github.com/keycloak/keycloak/blob/main/quarkus/pom.xml. This is something we need to live with for now until we can remove support for WildFly, and potentially also move adapters into a separate repository. In the long run though versions of dependencies inherited from Quarkus should set by adding the Quarkus BOM to the Keycloak parent.
Beta Was this translation helpful? Give feedback.
All reactions