Re: [keycloak-dev] Running custom scripts in Keycloak container image

Hey guys, A while ago, one of our contributors, Wouter, sent an interesting pull request: https://github.com/jboss-dockerfiles/keycloak/pull/176 The aim is to allow running custom scripts just before Keycloak boots up and after the main configuration is done. This allows a user to inject his own scripts (even *.cli) into /opt/jboss/tools/docker-entrypoint.d and execute them automatically. This is somewhat related to what the Integrately Team is doing. They basically use an InitContainer [1] to put additional extensions into our image. Perhaps with the proposed approach, they could embed a custom script that would download whatever extensions they need and put them into the deployments directory? After thinking about this for a while, and besides really good advantages of the Pull Request, I have some doubts. The biggest one is about our guarantees with regard the Keycloak distribution (by saying distribution I mean the binaries, their structure and Keycloak server location in the image). If we accept this approach, it will be pretty hard for us to change any major thing (even some trivial things like the location of the Keycloak Server) without breaking the client scripts. Personally, I'm slightly leaning towards accepting this feature, but with a description in README, that the user scripts may break at any time and in any version (maybe even we should print this message in our logs). This way we'll make the contract for such scripts very clear. What do you think? Thanks, Sebastian [1] https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ _______________________________________________ keycloak-dev mailing list keycloak-dev(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-dev