Sunbird-Lern · chethann007 · Sep 9, 2025 · Sep 9, 2025 · Sep 9, 2025
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -0,0 +1,71 @@
+name: Build and Deploy
+
+on:
+    push:
+      tags:
+        - '*'
+
+jobs:
+  ghcr-build-and-deploy:
+    runs-on: ubuntu-latest
+
+    permissions:
+      contents: read
+      packages: write
+
+    env:
+      REGISTRY: ghcr.io
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+
+      - name: Set up JDK 11
+        uses: actions/setup-java@v2
+        with:
+          distribution: 'temurin'
+          java-version: '11'
+
+      - name: Cache Maven packages
+        uses: actions/cache@v3
+        with:
+          path: |
+            ~/.m2/repository
+          key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
+          restore-keys: |
+            ${{ runner.os }}-maven-
+      - name: Build the project
+        run: |
+            cd keycloak/sms-provider
+            mvn clean install -DskipTests
+            cd ../..
+
+      - name: Copy the JAR to provider directory of keycloak
+        run: |
+            cp keycloak/sms-provider/target/keycloak-email-phone-autthenticator-*.jar keycloak-21.1.2/providers/
+
+      - name: Extract image tag details
+        id: image_vars
+        run: |
+          REPO_LOWER=$(echo "${GITHUB_REPOSITORY}" | tr '[:upper:]' '[:lower:]')
+          SHORT_SHA=$(git rev-parse --short HEAD)
+          TAG_LOWER=$(echo "${GITHUB_REF_NAME}" | tr '[:upper:]' '[:lower:]')
+          IMAGE_NAME=${{ env.REGISTRY }}/${REPO_LOWER}
+          IMAGE_TAG=${TAG_LOWER}_${SHORT_SHA}_${GITHUB_RUN_NUMBER}
+          echo "IMAGE_NAME=${IMAGE_NAME}" >> $GITHUB_ENV
+          echo "IMAGE_TAG=${IMAGE_TAG}" >> $GITHUB_ENV
+      - name: Log in to GitHub Container Registry (GHCR)
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build and push Docker image to GHCR
+        uses: docker/build-push-action@v4
+        with:
+          context: ./keycloak-21.1.2
+          push: true
+          tags: ${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }}
diff --git a/keycloak-21.1.2/Dockerfile b/keycloak-21.1.2/Dockerfile
@@ -0,0 +1,37 @@
+
+FROM quay.io/keycloak/keycloak:21.1.2 AS builder
+
+ENV KC_FEATURES=token-exchange
+ENV KC_HEALTH_ENABLED=true
+ENV KC_METRICS_ENABLED=true
+
+
+FROM quay.io/keycloak/keycloak:21.1.2
+COPY --from=builder /opt/keycloak/ /opt/keycloak/
+
+
+COPY ./conf/ /opt/keycloak/conf/
+COPY ./providers/ /opt/keycloak/providers/
+COPY ./themes/ /opt/keycloak/themes/
+COPY ./imports/ /opt/keycloak/imports/
+
+
+USER root
+RUN chown -R keycloak:keycloak /opt/keycloak
+USER keycloak
+
+
+ENV KC_PROXY=edge
+ENV KC_HOSTNAME_STRICT=false
+ENV KC_HOSTNAME_STRICT_HTTPS=false
+ENV KC_HTTP_RELATIVE_PATH=/auth
+ENV KC_SPI_LOGIN_PROTOCOL_OPENID_CONNECT_LEGACY_LOGOUT_REDIRECT_URI=true
+
+RUN /opt/keycloak/bin/kc.sh build
+
+EXPOSE 8080
+
+WORKDIR /opt/keycloak
+
+ENTRYPOINT ["/opt/keycloak/bin/kc.sh"]
+CMD ["start", "--optimized", "--import-realm", "--spi-connections-jpa-legacy-migration-strategy=update", "--spi-login-protocol-openid-connect-suppress-logout-confirmation-screen=true"]
diff --git a/keycloak-21.1.2/README.md b/keycloak-21.1.2/README.md
@@ -0,0 +1,19 @@
+# Sunbird Keycloak Setup
+
+
+## Configuration Values
+Here are the configuration values pulled from `keycloak.conf`:
+- **Database Type**: `db=postgres`
+- **Database Username**: `db-username=postgres`
+- **Database Password**: `db-password=postgres`
+- **Database URL**: `db-url=jdbc:postgresql://localhost:5432/keycloak?sslmode=require`
+- **HTTP Relative Path**: `http-relative-path=/auth`
+
+## Configuration Values with Placeholders
+
+Any placeholders in the pattern `{{ .Values.<key> }}` in `imports/sunbird-realm.json` need to be filled with appropriate values during local setup.
+
+## Docker Build Command
+To build the Docker image, use the following command:
+```bash
+docker build -t my-keycloak-image .
diff --git a/keycloak-21.1.2/conf/README.md b/keycloak-21.1.2/conf/README.md
@@ -0,0 +1,4 @@
+Configure the server
+====================
+
+Files in this directory are used to configure the server. Please consult the [configuration guides](https://www.keycloak.org/guides#server) for more information.
diff --git a/keycloak-21.1.2/conf/cache-ispn.xml b/keycloak-21.1.2/conf/cache-ispn.xml
@@ -0,0 +1,85 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  ~ Copyright 2019 Red Hat, Inc. and/or its affiliates
+  ~ and other contributors as indicated by the @author tags.
+  ~
+  ~ Licensed under the Apache License, Version 2.0 (the "License");
+  ~ you may not use this file except in compliance with the License.
+  ~ You may obtain a copy of the License at
+  ~
+  ~ http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~ Unless required by applicable law or agreed to in writing, software
+  ~ distributed under the License is distributed on an "AS IS" BASIS,
+  ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  ~ See the License for the specific language governing permissions and
+  ~ limitations under the License.
+  -->
+
+<infinispan
+        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+        xsi:schemaLocation="urn:infinispan:config:14.0 http://www.infinispan.org/schemas/infinispan-config-14.0.xsd"
+        xmlns="urn:infinispan:config:14.0">
+
+    <cache-container name="keycloak">
+        <transport lock-timeout="60000"/>
+        <local-cache name="realms">
+            <encoding>
+                <key media-type="application/x-java-object"/>
+                <value media-type="application/x-java-object"/>
+            </encoding>
+            <memory max-count="10000"/>
+        </local-cache>
+        <local-cache name="users">
+            <encoding>
+                <key media-type="application/x-java-object"/>
+                <value media-type="application/x-java-object"/>
+            </encoding>
+            <memory max-count="10000"/>
+        </local-cache>
+        <distributed-cache name="sessions" owners="2">
+            <expiration lifespan="-1"/>
+        </distributed-cache>
+        <distributed-cache name="authenticationSessions" owners="2">
+            <expiration lifespan="-1"/>
+        </distributed-cache>
+        <distributed-cache name="offlineSessions" owners="2">
+            <expiration lifespan="-1"/>
+        </distributed-cache>
+        <distributed-cache name="clientSessions" owners="2">
+            <expiration lifespan="-1"/>
+        </distributed-cache>
+        <distributed-cache name="offlineClientSessions" owners="2">
+            <expiration lifespan="-1"/>
+        </distributed-cache>
+        <distributed-cache name="loginFailures" owners="2">
+            <expiration lifespan="-1"/>
+        </distributed-cache>
+        <local-cache name="authorization">
+            <encoding>
+                <key media-type="application/x-java-object"/>
+                <value media-type="application/x-java-object"/>
+            </encoding>
+            <memory max-count="10000"/>
+        </local-cache>
+        <replicated-cache name="work">
+            <expiration lifespan="-1"/>
+        </replicated-cache>
+        <local-cache name="keys">
+            <encoding>
+                <key media-type="application/x-java-object"/>
+                <value media-type="application/x-java-object"/>
+            </encoding>
+            <expiration max-idle="3600000"/>
+            <memory max-count="1000"/>
+        </local-cache>
+        <distributed-cache name="actionTokens" owners="2">
+            <encoding>
+                <key media-type="application/x-java-object"/>
+                <value media-type="application/x-java-object"/>
+            </encoding>
+            <expiration max-idle="-1" lifespan="-1" interval="300000"/>
+            <memory max-count="-1"/>
+        </distributed-cache>
+    </cache-container>
+</infinispan>
diff --git a/keycloak-21.1.2/conf/keycloak.conf b/keycloak-21.1.2/conf/keycloak.conf
@@ -0,0 +1,16 @@
+db=postgres
+db-username=postgres
+db-password=postgres
+db-url=jdbc:postgresql://localhost:5432/keycloak?sslmode=require
+http-relative-path=/auth
+log=console,file
+log-level=INFO,com.arjuna:WARN,io.jaegertracing.Configuration:WARN,org.jboss.as.config:DEBUG,sun.rmi:WARN,org.keycloak:INFO
+log-console-color=true
+log-console-output=default
+log-file-output=default
+log-console-format='%K{level}%d{HH:mm:ss,SSS} %-5p [%c] (%t) %s%e%n'
+log-file-format='%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c] (%t) %s%e%n'
+
+DEBUG='true'
+DEBUG_PORT='*:8787'
+spi-login-logout-skip-confirmation=true