From 2cc14ec2ad99040059ace02dfd29bcd860e31af8 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Wed, 15 Jan 2025 01:52:40 +0000 Subject: [PATCH] Sync documentation of main branch --- .../main/config/quarkus-all-config.adoc | 249 +++++++++++++++--- .../config/quarkus-container-image-jib.adoc | 2 +- ...arkus-container-image-jib_quarkus.jib.adoc | 2 +- .../config/quarkus-core_quarkus.package.adoc | 2 +- .../main/config/quarkus-datasource.adoc | 4 +- ...quarkus-datasource_quarkus.datasource.adoc | 4 +- ...source_quarkus.datasource.devservices.adoc | 4 +- .../main/config/quarkus-devservices-oidc.adoc | 55 ++++ ...quarkus-devservices-oidc_quarkus.oidc.adoc | 55 ++++ .../quarkus-kubernetes_quarkus.knative.adoc | 4 +- ...quarkus-kubernetes_quarkus.kubernetes.adoc | 68 ++++- .../quarkus-kubernetes_quarkus.openshift.adoc | 66 ++++- .../config/quarkus-rest-client-config.adoc | 54 ++++ ...est-client-config_quarkus.rest-client.adoc | 54 ++++ .../main/infra/quarkus-all-build-items.adoc | 25 +- .../infra/quarkus-maven-plugin-goals.adoc | 27 -- ...ui-oidc-dev-svc-login-for-custom-users.png | Bin 0 -> 11283 bytes .../images/dev-ui-oidc-dev-svc-login-page.png | Bin 0 -> 7044 bytes _versions/main/guides/init-tasks.adoc | 50 ++-- _versions/main/guides/rest-client.adoc | 6 + .../security-authentication-mechanisms.adoc | 5 + ...ity-authorize-web-endpoints-reference.adoc | 43 +++ .../guides/security-identity-providers.adoc | 2 +- _versions/main/guides/security-jwt.adoc | 8 +- _versions/main/guides/security-ldap.adoc | 12 + ...ecurity-oidc-code-flow-authentication.adoc | 51 +++- .../security-openid-connect-dev-services.adoc | 71 +++-- 27 files changed, 779 insertions(+), 144 deletions(-) create mode 100644 _generated-doc/main/config/quarkus-devservices-oidc.adoc create mode 100644 _generated-doc/main/config/quarkus-devservices-oidc_quarkus.oidc.adoc create mode 100644 _versions/main/guides/images/dev-ui-oidc-dev-svc-login-for-custom-users.png create mode 100644 _versions/main/guides/images/dev-ui-oidc-dev-svc-login-page.png diff --git a/_generated-doc/main/config/quarkus-all-config.adoc b/_generated-doc/main/config/quarkus-all-config.adoc index edbbe3fb785..3831a4ac9d9 100644 --- a/_generated-doc/main/config/quarkus-all-config.adoc +++ b/_generated-doc/main/config/quarkus-all-config.adoc @@ -3425,7 +3425,7 @@ endif::add-copy-button-to-config-props[] [.description] -- -Whether or not to operate offline. +Whether, or not to operate offline. ifdef::add-copy-button-to-env-var[] @@ -9382,7 +9382,7 @@ endif::add-copy-button-to-config-props[] [.description] -- -Whether to automate the creation of AppCDS. Furthermore, this option only works for Java 11{plus} and is considered experimental for the time being. Finally, care must be taken to use the same exact JVM version when building and running the application. +Whether to automate the creation of AppCDS. Care must be taken to use the same exact JVM version when building and running the application. ifdef::add-copy-button-to-env-var[] @@ -11403,7 +11403,7 @@ endif::add-copy-button-to-config-props[] [.description] -- -The path to a SQL script to be loaded from the classpath and applied to the Dev Service database. +The paths to SQL scripts to be loaded from the classpath and applied to the Dev Service database. This has no effect if the provider is not a container-based database, such as H2 or Derby. @@ -11415,7 +11415,7 @@ ifndef::add-copy-button-to-env-var[] Environment variable: `+++QUARKUS_DATASOURCE_DEVSERVICES_INIT_SCRIPT_PATH+++` endif::add-copy-button-to-env-var[] -- -|string +|list of string | a|icon:lock[title=Fixed at build time] [[quarkus-datasource_quarkus-datasource-devservices-volumes-host-path]] [.property-path]##link:#quarkus-datasource_quarkus-datasource-devservices-volumes-host-path[`quarkus.datasource.devservices.volumes."host-path"`]## @@ -11975,6 +11975,55 @@ endif::add-copy-button-to-env-var[] |`4S` +h|[.extension-name]##DevServices - OIDC## +h|Type +h|Default + +a|icon:lock[title=Fixed at build time] [[quarkus-devservices-oidc_quarkus-oidc-devservices-enabled]] [.property-path]##link:#quarkus-devservices-oidc_quarkus-oidc-devservices-enabled[`quarkus.oidc.devservices.enabled`]## +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc.devservices.enabled+++[] +endif::add-copy-button-to-config-props[] + + +[.description] +-- +Use OpenID Connect Dev Services instead of Keycloak. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_DEVSERVICES_ENABLED+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_OIDC_DEVSERVICES_ENABLED+++` +endif::add-copy-button-to-env-var[] +-- +|boolean +|`Enabled when Docker and Podman are not available` + +a|icon:lock[title=Fixed at build time] [[quarkus-devservices-oidc_quarkus-oidc-devservices-roles-role-name]] [.property-path]##link:#quarkus-devservices-oidc_quarkus-oidc-devservices-roles-role-name[`quarkus.oidc.devservices.roles."role-name"`]## +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc.devservices.roles."role-name"+++[] +endif::add-copy-button-to-config-props[] + + +[.description] +-- +A map of roles for OIDC identity provider users. + +If empty, default roles are assigned: `alice` receives `admin` and `user` roles, while other users receive `user` role. This map is used for role creation when no realm file is found at the `realm-path`. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_DEVSERVICES_ROLES__ROLE_NAME_+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_OIDC_DEVSERVICES_ROLES__ROLE_NAME_+++` +endif::add-copy-button-to-env-var[] +-- +|Map> +| + + h|[.extension-name]##Eclipse Vert.x - HTTP## h|Type h|Default @@ -37890,7 +37939,7 @@ endif::add-copy-button-to-config-props[] [.description] -- -The image pull secret +The image pull secrets. ifdef::add-copy-button-to-env-var[] @@ -39091,7 +39140,7 @@ endif::add-copy-button-to-config-props[] [.description] -- -The image pull secret +The image pull secrets. ifdef::add-copy-button-to-env-var[] @@ -44401,7 +44450,7 @@ endif::add-copy-button-to-config-props[] [.description] -- -The image pull secret +The image pull secrets. ifdef::add-copy-button-to-env-var[] @@ -45602,7 +45651,7 @@ endif::add-copy-button-to-config-props[] [.description] -- -The image pull secret +The image pull secrets. ifdef::add-copy-button-to-env-var[] @@ -48580,9 +48629,9 @@ endif::add-copy-button-to-env-var[] |int |`5005` -a|icon:lock[title=Fixed at build time] [[quarkus-kubernetes_quarkus-kubernetes-init-tasks-init-tasks-enabled]] [.property-path]##link:#quarkus-kubernetes_quarkus-kubernetes-init-tasks-init-tasks-enabled[`quarkus.kubernetes.init-tasks."init-tasks".enabled`]## +a|icon:lock[title=Fixed at build time] [[quarkus-kubernetes_quarkus-kubernetes-init-tasks-task-name-enabled]] [.property-path]##link:#quarkus-kubernetes_quarkus-kubernetes-init-tasks-task-name-enabled[`quarkus.kubernetes.init-tasks."task-name".enabled`]## ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.kubernetes.init-tasks."init-tasks".enabled+++[] +config_property_copy_button:+++quarkus.kubernetes.init-tasks."task-name".enabled+++[] endif::add-copy-button-to-config-props[] @@ -48592,36 +48641,57 @@ If true, the init task will be generated. Otherwise, the init task resource gene ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_KUBERNETES_INIT_TASKS__INIT_TASKS__ENABLED+++[] +Environment variable: env_var_with_copy_button:+++QUARKUS_KUBERNETES_INIT_TASKS__TASK_NAME__ENABLED+++[] endif::add-copy-button-to-env-var[] ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_KUBERNETES_INIT_TASKS__INIT_TASKS__ENABLED+++` +Environment variable: `+++QUARKUS_KUBERNETES_INIT_TASKS__TASK_NAME__ENABLED+++` endif::add-copy-button-to-env-var[] -- |boolean |`true` -a|icon:lock[title=Fixed at build time] [[quarkus-kubernetes_quarkus-kubernetes-init-tasks-init-tasks-wait-for-container-image]] [.property-path]##link:#quarkus-kubernetes_quarkus-kubernetes-init-tasks-init-tasks-wait-for-container-image[`quarkus.kubernetes.init-tasks."init-tasks".wait-for-container.image`]## +a|icon:lock[title=Fixed at build time] [[quarkus-kubernetes_quarkus-kubernetes-init-tasks-task-name-wait-for-container-image]] [.property-path]##link:#quarkus-kubernetes_quarkus-kubernetes-init-tasks-task-name-wait-for-container-image[`quarkus.kubernetes.init-tasks."task-name".wait-for-container.image`]## ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.kubernetes.init-tasks."init-tasks".wait-for-container.image+++[] +config_property_copy_button:+++quarkus.kubernetes.init-tasks."task-name".wait-for-container.image+++[] endif::add-copy-button-to-config-props[] [.description] -- -The init task image to use by the init-container. +The init task image to use by the init container. ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_KUBERNETES_INIT_TASKS__INIT_TASKS__WAIT_FOR_CONTAINER_IMAGE+++[] +Environment variable: env_var_with_copy_button:+++QUARKUS_KUBERNETES_INIT_TASKS__TASK_NAME__WAIT_FOR_CONTAINER_IMAGE+++[] endif::add-copy-button-to-env-var[] ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_KUBERNETES_INIT_TASKS__INIT_TASKS__WAIT_FOR_CONTAINER_IMAGE+++` +Environment variable: `+++QUARKUS_KUBERNETES_INIT_TASKS__TASK_NAME__WAIT_FOR_CONTAINER_IMAGE+++` endif::add-copy-button-to-env-var[] -- |string |`groundnuty/k8s-wait-for:no-root-v1.7` +a|icon:lock[title=Fixed at build time] [[quarkus-kubernetes_quarkus-kubernetes-init-tasks-task-name-wait-for-container-image-pull-policy]] [.property-path]##link:#quarkus-kubernetes_quarkus-kubernetes-init-tasks-task-name-wait-for-container-image-pull-policy[`quarkus.kubernetes.init-tasks."task-name".wait-for-container.image-pull-policy`]## +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.kubernetes.init-tasks."task-name".wait-for-container.image-pull-policy+++[] +endif::add-copy-button-to-config-props[] + + +[.description] +-- +Image pull policy. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_KUBERNETES_INIT_TASKS__TASK_NAME__WAIT_FOR_CONTAINER_IMAGE_PULL_POLICY+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_KUBERNETES_INIT_TASKS__TASK_NAME__WAIT_FOR_CONTAINER_IMAGE_PULL_POLICY+++` +endif::add-copy-button-to-env-var[] +-- +a|`always`, `if-not-present`, `never` +|`always` + a|icon:lock[title=Fixed at build time] [[quarkus-kubernetes_quarkus-kubernetes-init-task-defaults-enabled]] [.property-path]##link:#quarkus-kubernetes_quarkus-kubernetes-init-task-defaults-enabled[`quarkus.kubernetes.init-task-defaults.enabled`]## ifdef::add-copy-button-to-config-props[] config_property_copy_button:+++quarkus.kubernetes.init-task-defaults.enabled+++[] @@ -48651,7 +48721,7 @@ endif::add-copy-button-to-config-props[] [.description] -- -The init task image to use by the init-container. +The init task image to use by the init container. ifdef::add-copy-button-to-env-var[] @@ -48664,6 +48734,27 @@ endif::add-copy-button-to-env-var[] |string |`groundnuty/k8s-wait-for:no-root-v1.7` +a|icon:lock[title=Fixed at build time] [[quarkus-kubernetes_quarkus-kubernetes-init-task-defaults-wait-for-container-image-pull-policy]] [.property-path]##link:#quarkus-kubernetes_quarkus-kubernetes-init-task-defaults-wait-for-container-image-pull-policy[`quarkus.kubernetes.init-task-defaults.wait-for-container.image-pull-policy`]## +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.kubernetes.init-task-defaults.wait-for-container.image-pull-policy+++[] +endif::add-copy-button-to-config-props[] + + +[.description] +-- +Image pull policy. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_KUBERNETES_INIT_TASK_DEFAULTS_WAIT_FOR_CONTAINER_IMAGE_PULL_POLICY+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_KUBERNETES_INIT_TASK_DEFAULTS_WAIT_FOR_CONTAINER_IMAGE_PULL_POLICY+++` +endif::add-copy-button-to-env-var[] +-- +a|`always`, `if-not-present`, `never` +|`always` + a|icon:lock[title=Fixed at build time] [[quarkus-kubernetes_quarkus-kubernetes-output-directory]] [.property-path]##link:#quarkus-kubernetes_quarkus-kubernetes-output-directory[`quarkus.kubernetes.output-directory`]## ifdef::add-copy-button-to-config-props[] config_property_copy_button:+++quarkus.kubernetes.output-directory+++[] @@ -48672,7 +48763,7 @@ endif::add-copy-button-to-config-props[] [.description] -- -Optionally set directory generated kubernetes resources will be written to. Default is `target/kubernetes`. +Optionally set directory generated Kubernetes resources will be written to. Default is `target/kubernetes`. ifdef::add-copy-button-to-env-var[] @@ -51584,7 +51675,7 @@ endif::add-copy-button-to-config-props[] [.description] -- -The image pull secret +The image pull secrets. ifdef::add-copy-button-to-env-var[] @@ -52785,7 +52876,7 @@ endif::add-copy-button-to-config-props[] [.description] -- -The image pull secret +The image pull secrets. ifdef::add-copy-button-to-env-var[] @@ -55658,9 +55749,9 @@ endif::add-copy-button-to-env-var[] |int |`5005` -a|icon:lock[title=Fixed at build time] [[quarkus-kubernetes_quarkus-openshift-init-tasks-init-tasks-enabled]] [.property-path]##link:#quarkus-kubernetes_quarkus-openshift-init-tasks-init-tasks-enabled[`quarkus.openshift.init-tasks."init-tasks".enabled`]## +a|icon:lock[title=Fixed at build time] [[quarkus-kubernetes_quarkus-openshift-init-tasks-task-name-enabled]] [.property-path]##link:#quarkus-kubernetes_quarkus-openshift-init-tasks-task-name-enabled[`quarkus.openshift.init-tasks."task-name".enabled`]## ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.openshift.init-tasks."init-tasks".enabled+++[] +config_property_copy_button:+++quarkus.openshift.init-tasks."task-name".enabled+++[] endif::add-copy-button-to-config-props[] @@ -55670,36 +55761,57 @@ If true, the init task will be generated. Otherwise, the init task resource gene ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OPENSHIFT_INIT_TASKS__INIT_TASKS__ENABLED+++[] +Environment variable: env_var_with_copy_button:+++QUARKUS_OPENSHIFT_INIT_TASKS__TASK_NAME__ENABLED+++[] endif::add-copy-button-to-env-var[] ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OPENSHIFT_INIT_TASKS__INIT_TASKS__ENABLED+++` +Environment variable: `+++QUARKUS_OPENSHIFT_INIT_TASKS__TASK_NAME__ENABLED+++` endif::add-copy-button-to-env-var[] -- |boolean |`true` -a|icon:lock[title=Fixed at build time] [[quarkus-kubernetes_quarkus-openshift-init-tasks-init-tasks-wait-for-container-image]] [.property-path]##link:#quarkus-kubernetes_quarkus-openshift-init-tasks-init-tasks-wait-for-container-image[`quarkus.openshift.init-tasks."init-tasks".wait-for-container.image`]## +a|icon:lock[title=Fixed at build time] [[quarkus-kubernetes_quarkus-openshift-init-tasks-task-name-wait-for-container-image]] [.property-path]##link:#quarkus-kubernetes_quarkus-openshift-init-tasks-task-name-wait-for-container-image[`quarkus.openshift.init-tasks."task-name".wait-for-container.image`]## ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.openshift.init-tasks."init-tasks".wait-for-container.image+++[] +config_property_copy_button:+++quarkus.openshift.init-tasks."task-name".wait-for-container.image+++[] endif::add-copy-button-to-config-props[] [.description] -- -The init task image to use by the init-container. +The init task image to use by the init container. ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OPENSHIFT_INIT_TASKS__INIT_TASKS__WAIT_FOR_CONTAINER_IMAGE+++[] +Environment variable: env_var_with_copy_button:+++QUARKUS_OPENSHIFT_INIT_TASKS__TASK_NAME__WAIT_FOR_CONTAINER_IMAGE+++[] endif::add-copy-button-to-env-var[] ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OPENSHIFT_INIT_TASKS__INIT_TASKS__WAIT_FOR_CONTAINER_IMAGE+++` +Environment variable: `+++QUARKUS_OPENSHIFT_INIT_TASKS__TASK_NAME__WAIT_FOR_CONTAINER_IMAGE+++` endif::add-copy-button-to-env-var[] -- |string |`groundnuty/k8s-wait-for:no-root-v1.7` +a|icon:lock[title=Fixed at build time] [[quarkus-kubernetes_quarkus-openshift-init-tasks-task-name-wait-for-container-image-pull-policy]] [.property-path]##link:#quarkus-kubernetes_quarkus-openshift-init-tasks-task-name-wait-for-container-image-pull-policy[`quarkus.openshift.init-tasks."task-name".wait-for-container.image-pull-policy`]## +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.openshift.init-tasks."task-name".wait-for-container.image-pull-policy+++[] +endif::add-copy-button-to-config-props[] + + +[.description] +-- +Image pull policy. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_OPENSHIFT_INIT_TASKS__TASK_NAME__WAIT_FOR_CONTAINER_IMAGE_PULL_POLICY+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_OPENSHIFT_INIT_TASKS__TASK_NAME__WAIT_FOR_CONTAINER_IMAGE_PULL_POLICY+++` +endif::add-copy-button-to-env-var[] +-- +a|`always`, `if-not-present`, `never` +|`always` + a|icon:lock[title=Fixed at build time] [[quarkus-kubernetes_quarkus-openshift-init-task-defaults-enabled]] [.property-path]##link:#quarkus-kubernetes_quarkus-openshift-init-task-defaults-enabled[`quarkus.openshift.init-task-defaults.enabled`]## ifdef::add-copy-button-to-config-props[] config_property_copy_button:+++quarkus.openshift.init-task-defaults.enabled+++[] @@ -55729,7 +55841,7 @@ endif::add-copy-button-to-config-props[] [.description] -- -The init task image to use by the init-container. +The init task image to use by the init container. ifdef::add-copy-button-to-env-var[] @@ -55742,6 +55854,27 @@ endif::add-copy-button-to-env-var[] |string |`groundnuty/k8s-wait-for:no-root-v1.7` +a|icon:lock[title=Fixed at build time] [[quarkus-kubernetes_quarkus-openshift-init-task-defaults-wait-for-container-image-pull-policy]] [.property-path]##link:#quarkus-kubernetes_quarkus-openshift-init-task-defaults-wait-for-container-image-pull-policy[`quarkus.openshift.init-task-defaults.wait-for-container.image-pull-policy`]## +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.openshift.init-task-defaults.wait-for-container.image-pull-policy+++[] +endif::add-copy-button-to-config-props[] + + +[.description] +-- +Image pull policy. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_OPENSHIFT_INIT_TASK_DEFAULTS_WAIT_FOR_CONTAINER_IMAGE_PULL_POLICY+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_OPENSHIFT_INIT_TASK_DEFAULTS_WAIT_FOR_CONTAINER_IMAGE_PULL_POLICY+++` +endif::add-copy-button-to-env-var[] +-- +a|`always`, `if-not-present`, `never` +|`always` + a|icon:lock[title=Fixed at build time] [[quarkus-kubernetes_quarkus-openshift-deploy]] [.property-path]##link:#quarkus-kubernetes_quarkus-openshift-deploy[`quarkus.openshift.deploy`]## ifdef::add-copy-button-to-config-props[] config_property_copy_button:+++quarkus.openshift.deploy+++[] @@ -83716,6 +83849,60 @@ endif::add-copy-button-to-env-var[] |boolean |`${microprofile.rest.client.disable.default.mapper:false}` +a| [[quarkus-rest-client-config_quarkus-rest-client-client-logging-scope]] [.property-path]##link:#quarkus-rest-client-config_quarkus-rest-client-client-logging-scope[`quarkus.rest-client."client".logging.scope`]## +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.rest-client."client".logging.scope+++[] +endif::add-copy-button-to-config-props[] + + +[.description] +-- +Scope of logging for the client. + +WARNING: beware of logging sensitive data + +The possible values are: + + - `request-response` - enables logging request and responses, including redirect responses + - `all` - enables logging requests and responses and lower-level logging + - `none` - no additional logging + +This property is applicable to reactive REST clients only. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_REST_CLIENT__CLIENT__LOGGING_SCOPE+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_REST_CLIENT__CLIENT__LOGGING_SCOPE+++` +endif::add-copy-button-to-env-var[] +-- +|string +| + +a| [[quarkus-rest-client-config_quarkus-rest-client-client-logging-body-limit]] [.property-path]##link:#quarkus-rest-client-config_quarkus-rest-client-client-logging-body-limit[`quarkus.rest-client."client".logging.body-limit`]## +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.rest-client."client".logging.body-limit+++[] +endif::add-copy-button-to-config-props[] + + +[.description] +-- +How many characters of the body should be logged. Message body can be large and can easily pollute the logs. + +By default, set to 100. + +This property is applicable to reactive REST clients only. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_REST_CLIENT__CLIENT__LOGGING_BODY_LIMIT+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_REST_CLIENT__CLIENT__LOGGING_BODY_LIMIT+++` +endif::add-copy-button-to-env-var[] +-- +|int +|`100` + h|[.extension-name]##REST Kotlin Serialization ## h|Type diff --git a/_generated-doc/main/config/quarkus-container-image-jib.adoc b/_generated-doc/main/config/quarkus-container-image-jib.adoc index 66338a2252e..ca631d421fc 100644 --- a/_generated-doc/main/config/quarkus-container-image-jib.adoc +++ b/_generated-doc/main/config/quarkus-container-image-jib.adoc @@ -397,7 +397,7 @@ endif::add-copy-button-to-config-props[] [.description] -- -Whether or not to operate offline. +Whether, or not to operate offline. ifdef::add-copy-button-to-env-var[] diff --git a/_generated-doc/main/config/quarkus-container-image-jib_quarkus.jib.adoc b/_generated-doc/main/config/quarkus-container-image-jib_quarkus.jib.adoc index 66338a2252e..ca631d421fc 100644 --- a/_generated-doc/main/config/quarkus-container-image-jib_quarkus.jib.adoc +++ b/_generated-doc/main/config/quarkus-container-image-jib_quarkus.jib.adoc @@ -397,7 +397,7 @@ endif::add-copy-button-to-config-props[] [.description] -- -Whether or not to operate offline. +Whether, or not to operate offline. ifdef::add-copy-button-to-env-var[] diff --git a/_generated-doc/main/config/quarkus-core_quarkus.package.adoc b/_generated-doc/main/config/quarkus-core_quarkus.package.adoc index 6c7128dda1d..1965c0df459 100644 --- a/_generated-doc/main/config/quarkus-core_quarkus.package.adoc +++ b/_generated-doc/main/config/quarkus-core_quarkus.package.adoc @@ -239,7 +239,7 @@ endif::add-copy-button-to-config-props[] [.description] -- -Whether to automate the creation of AppCDS. Furthermore, this option only works for Java 11{plus} and is considered experimental for the time being. Finally, care must be taken to use the same exact JVM version when building and running the application. +Whether to automate the creation of AppCDS. Care must be taken to use the same exact JVM version when building and running the application. ifdef::add-copy-button-to-env-var[] diff --git a/_generated-doc/main/config/quarkus-datasource.adoc b/_generated-doc/main/config/quarkus-datasource.adoc index 44f0c15087d..d52bab76780 100644 --- a/_generated-doc/main/config/quarkus-datasource.adoc +++ b/_generated-doc/main/config/quarkus-datasource.adoc @@ -583,7 +583,7 @@ endif::add-copy-button-to-config-props[] [.description] -- -The path to a SQL script to be loaded from the classpath and applied to the Dev Service database. +The paths to SQL scripts to be loaded from the classpath and applied to the Dev Service database. This has no effect if the provider is not a container-based database, such as H2 or Derby. @@ -595,7 +595,7 @@ ifndef::add-copy-button-to-env-var[] Environment variable: `+++QUARKUS_DATASOURCE_DEVSERVICES_INIT_SCRIPT_PATH+++` endif::add-copy-button-to-env-var[] -- -|string +|list of string | a|icon:lock[title=Fixed at build time] [[quarkus-datasource_quarkus-datasource-devservices-volumes-host-path]] [.property-path]##link:#quarkus-datasource_quarkus-datasource-devservices-volumes-host-path[`quarkus.datasource.devservices.volumes."host-path"`]## diff --git a/_generated-doc/main/config/quarkus-datasource_quarkus.datasource.adoc b/_generated-doc/main/config/quarkus-datasource_quarkus.datasource.adoc index 44f0c15087d..d52bab76780 100644 --- a/_generated-doc/main/config/quarkus-datasource_quarkus.datasource.adoc +++ b/_generated-doc/main/config/quarkus-datasource_quarkus.datasource.adoc @@ -583,7 +583,7 @@ endif::add-copy-button-to-config-props[] [.description] -- -The path to a SQL script to be loaded from the classpath and applied to the Dev Service database. +The paths to SQL scripts to be loaded from the classpath and applied to the Dev Service database. This has no effect if the provider is not a container-based database, such as H2 or Derby. @@ -595,7 +595,7 @@ ifndef::add-copy-button-to-env-var[] Environment variable: `+++QUARKUS_DATASOURCE_DEVSERVICES_INIT_SCRIPT_PATH+++` endif::add-copy-button-to-env-var[] -- -|string +|list of string | a|icon:lock[title=Fixed at build time] [[quarkus-datasource_quarkus-datasource-devservices-volumes-host-path]] [.property-path]##link:#quarkus-datasource_quarkus-datasource-devservices-volumes-host-path[`quarkus.datasource.devservices.volumes."host-path"`]## diff --git a/_generated-doc/main/config/quarkus-datasource_quarkus.datasource.devservices.adoc b/_generated-doc/main/config/quarkus-datasource_quarkus.datasource.devservices.adoc index 5c22ab55b3f..db93962d713 100644 --- a/_generated-doc/main/config/quarkus-datasource_quarkus.datasource.devservices.adoc +++ b/_generated-doc/main/config/quarkus-datasource_quarkus.datasource.devservices.adoc @@ -291,7 +291,7 @@ endif::add-copy-button-to-config-props[] [.description] -- -The path to a SQL script to be loaded from the classpath and applied to the Dev Service database. +The paths to SQL scripts to be loaded from the classpath and applied to the Dev Service database. This has no effect if the provider is not a container-based database, such as H2 or Derby. @@ -303,7 +303,7 @@ ifndef::add-copy-button-to-env-var[] Environment variable: `+++QUARKUS_DATASOURCE_DEVSERVICES_INIT_SCRIPT_PATH+++` endif::add-copy-button-to-env-var[] -- -|string +|list of string | a|icon:lock[title=Fixed at build time] [[quarkus-datasource_quarkus-datasource-devservices_quarkus-datasource-devservices-volumes-host-path]] [.property-path]##link:#quarkus-datasource_quarkus-datasource-devservices_quarkus-datasource-devservices-volumes-host-path[`quarkus.datasource.devservices.volumes."host-path"`]## diff --git a/_generated-doc/main/config/quarkus-devservices-oidc.adoc b/_generated-doc/main/config/quarkus-devservices-oidc.adoc new file mode 100644 index 00000000000..d423268c184 --- /dev/null +++ b/_generated-doc/main/config/quarkus-devservices-oidc.adoc @@ -0,0 +1,55 @@ +[.configuration-legend] +icon:lock[title=Fixed at build time] Configuration property fixed at build time - All other configuration properties are overridable at runtime +[.configuration-reference.searchable, cols="80,.^10,.^10"] +|=== + +h|[.header-title]##Configuration property## +h|Type +h|Default + +a|icon:lock[title=Fixed at build time] [[quarkus-devservices-oidc_quarkus-oidc-devservices-enabled]] [.property-path]##link:#quarkus-devservices-oidc_quarkus-oidc-devservices-enabled[`quarkus.oidc.devservices.enabled`]## +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc.devservices.enabled+++[] +endif::add-copy-button-to-config-props[] + + +[.description] +-- +Use OpenID Connect Dev Services instead of Keycloak. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_DEVSERVICES_ENABLED+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_OIDC_DEVSERVICES_ENABLED+++` +endif::add-copy-button-to-env-var[] +-- +|boolean +|`Enabled when Docker and Podman are not available` + +a|icon:lock[title=Fixed at build time] [[quarkus-devservices-oidc_quarkus-oidc-devservices-roles-role-name]] [.property-path]##link:#quarkus-devservices-oidc_quarkus-oidc-devservices-roles-role-name[`quarkus.oidc.devservices.roles."role-name"`]## +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc.devservices.roles."role-name"+++[] +endif::add-copy-button-to-config-props[] + + +[.description] +-- +A map of roles for OIDC identity provider users. + +If empty, default roles are assigned: `alice` receives `admin` and `user` roles, while other users receive `user` role. This map is used for role creation when no realm file is found at the `realm-path`. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_DEVSERVICES_ROLES__ROLE_NAME_+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_OIDC_DEVSERVICES_ROLES__ROLE_NAME_+++` +endif::add-copy-button-to-env-var[] +-- +|Map> +| + +|=== + diff --git a/_generated-doc/main/config/quarkus-devservices-oidc_quarkus.oidc.adoc b/_generated-doc/main/config/quarkus-devservices-oidc_quarkus.oidc.adoc new file mode 100644 index 00000000000..d423268c184 --- /dev/null +++ b/_generated-doc/main/config/quarkus-devservices-oidc_quarkus.oidc.adoc @@ -0,0 +1,55 @@ +[.configuration-legend] +icon:lock[title=Fixed at build time] Configuration property fixed at build time - All other configuration properties are overridable at runtime +[.configuration-reference.searchable, cols="80,.^10,.^10"] +|=== + +h|[.header-title]##Configuration property## +h|Type +h|Default + +a|icon:lock[title=Fixed at build time] [[quarkus-devservices-oidc_quarkus-oidc-devservices-enabled]] [.property-path]##link:#quarkus-devservices-oidc_quarkus-oidc-devservices-enabled[`quarkus.oidc.devservices.enabled`]## +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc.devservices.enabled+++[] +endif::add-copy-button-to-config-props[] + + +[.description] +-- +Use OpenID Connect Dev Services instead of Keycloak. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_DEVSERVICES_ENABLED+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_OIDC_DEVSERVICES_ENABLED+++` +endif::add-copy-button-to-env-var[] +-- +|boolean +|`Enabled when Docker and Podman are not available` + +a|icon:lock[title=Fixed at build time] [[quarkus-devservices-oidc_quarkus-oidc-devservices-roles-role-name]] [.property-path]##link:#quarkus-devservices-oidc_quarkus-oidc-devservices-roles-role-name[`quarkus.oidc.devservices.roles."role-name"`]## +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc.devservices.roles."role-name"+++[] +endif::add-copy-button-to-config-props[] + + +[.description] +-- +A map of roles for OIDC identity provider users. + +If empty, default roles are assigned: `alice` receives `admin` and `user` roles, while other users receive `user` role. This map is used for role creation when no realm file is found at the `realm-path`. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_DEVSERVICES_ROLES__ROLE_NAME_+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_OIDC_DEVSERVICES_ROLES__ROLE_NAME_+++` +endif::add-copy-button-to-env-var[] +-- +|Map> +| + +|=== + diff --git a/_generated-doc/main/config/quarkus-kubernetes_quarkus.knative.adoc b/_generated-doc/main/config/quarkus-kubernetes_quarkus.knative.adoc index cb8430080bd..9c68f9751d0 100644 --- a/_generated-doc/main/config/quarkus-kubernetes_quarkus.knative.adoc +++ b/_generated-doc/main/config/quarkus-kubernetes_quarkus.knative.adoc @@ -2860,7 +2860,7 @@ endif::add-copy-button-to-config-props[] [.description] -- -The image pull secret +The image pull secrets. ifdef::add-copy-button-to-env-var[] @@ -4061,7 +4061,7 @@ endif::add-copy-button-to-config-props[] [.description] -- -The image pull secret +The image pull secrets. ifdef::add-copy-button-to-env-var[] diff --git a/_generated-doc/main/config/quarkus-kubernetes_quarkus.kubernetes.adoc b/_generated-doc/main/config/quarkus-kubernetes_quarkus.kubernetes.adoc index 259f1c706c9..40345101d6e 100644 --- a/_generated-doc/main/config/quarkus-kubernetes_quarkus.kubernetes.adoc +++ b/_generated-doc/main/config/quarkus-kubernetes_quarkus.kubernetes.adoc @@ -2860,7 +2860,7 @@ endif::add-copy-button-to-config-props[] [.description] -- -The image pull secret +The image pull secrets. ifdef::add-copy-button-to-env-var[] @@ -4061,7 +4061,7 @@ endif::add-copy-button-to-config-props[] [.description] -- -The image pull secret +The image pull secrets. ifdef::add-copy-button-to-env-var[] @@ -7039,9 +7039,9 @@ endif::add-copy-button-to-env-var[] |int |`5005` -a|icon:lock[title=Fixed at build time] [[quarkus-kubernetes_quarkus-kubernetes-init-tasks-init-tasks-enabled]] [.property-path]##link:#quarkus-kubernetes_quarkus-kubernetes-init-tasks-init-tasks-enabled[`quarkus.kubernetes.init-tasks."init-tasks".enabled`]## +a|icon:lock[title=Fixed at build time] [[quarkus-kubernetes_quarkus-kubernetes-init-tasks-task-name-enabled]] [.property-path]##link:#quarkus-kubernetes_quarkus-kubernetes-init-tasks-task-name-enabled[`quarkus.kubernetes.init-tasks."task-name".enabled`]## ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.kubernetes.init-tasks."init-tasks".enabled+++[] +config_property_copy_button:+++quarkus.kubernetes.init-tasks."task-name".enabled+++[] endif::add-copy-button-to-config-props[] @@ -7051,36 +7051,57 @@ If true, the init task will be generated. Otherwise, the init task resource gene ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_KUBERNETES_INIT_TASKS__INIT_TASKS__ENABLED+++[] +Environment variable: env_var_with_copy_button:+++QUARKUS_KUBERNETES_INIT_TASKS__TASK_NAME__ENABLED+++[] endif::add-copy-button-to-env-var[] ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_KUBERNETES_INIT_TASKS__INIT_TASKS__ENABLED+++` +Environment variable: `+++QUARKUS_KUBERNETES_INIT_TASKS__TASK_NAME__ENABLED+++` endif::add-copy-button-to-env-var[] -- |boolean |`true` -a|icon:lock[title=Fixed at build time] [[quarkus-kubernetes_quarkus-kubernetes-init-tasks-init-tasks-wait-for-container-image]] [.property-path]##link:#quarkus-kubernetes_quarkus-kubernetes-init-tasks-init-tasks-wait-for-container-image[`quarkus.kubernetes.init-tasks."init-tasks".wait-for-container.image`]## +a|icon:lock[title=Fixed at build time] [[quarkus-kubernetes_quarkus-kubernetes-init-tasks-task-name-wait-for-container-image]] [.property-path]##link:#quarkus-kubernetes_quarkus-kubernetes-init-tasks-task-name-wait-for-container-image[`quarkus.kubernetes.init-tasks."task-name".wait-for-container.image`]## ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.kubernetes.init-tasks."init-tasks".wait-for-container.image+++[] +config_property_copy_button:+++quarkus.kubernetes.init-tasks."task-name".wait-for-container.image+++[] endif::add-copy-button-to-config-props[] [.description] -- -The init task image to use by the init-container. +The init task image to use by the init container. ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_KUBERNETES_INIT_TASKS__INIT_TASKS__WAIT_FOR_CONTAINER_IMAGE+++[] +Environment variable: env_var_with_copy_button:+++QUARKUS_KUBERNETES_INIT_TASKS__TASK_NAME__WAIT_FOR_CONTAINER_IMAGE+++[] endif::add-copy-button-to-env-var[] ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_KUBERNETES_INIT_TASKS__INIT_TASKS__WAIT_FOR_CONTAINER_IMAGE+++` +Environment variable: `+++QUARKUS_KUBERNETES_INIT_TASKS__TASK_NAME__WAIT_FOR_CONTAINER_IMAGE+++` endif::add-copy-button-to-env-var[] -- |string |`groundnuty/k8s-wait-for:no-root-v1.7` +a|icon:lock[title=Fixed at build time] [[quarkus-kubernetes_quarkus-kubernetes-init-tasks-task-name-wait-for-container-image-pull-policy]] [.property-path]##link:#quarkus-kubernetes_quarkus-kubernetes-init-tasks-task-name-wait-for-container-image-pull-policy[`quarkus.kubernetes.init-tasks."task-name".wait-for-container.image-pull-policy`]## +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.kubernetes.init-tasks."task-name".wait-for-container.image-pull-policy+++[] +endif::add-copy-button-to-config-props[] + + +[.description] +-- +Image pull policy. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_KUBERNETES_INIT_TASKS__TASK_NAME__WAIT_FOR_CONTAINER_IMAGE_PULL_POLICY+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_KUBERNETES_INIT_TASKS__TASK_NAME__WAIT_FOR_CONTAINER_IMAGE_PULL_POLICY+++` +endif::add-copy-button-to-env-var[] +-- +a|`always`, `if-not-present`, `never` +|`always` + a|icon:lock[title=Fixed at build time] [[quarkus-kubernetes_quarkus-kubernetes-init-task-defaults-enabled]] [.property-path]##link:#quarkus-kubernetes_quarkus-kubernetes-init-task-defaults-enabled[`quarkus.kubernetes.init-task-defaults.enabled`]## ifdef::add-copy-button-to-config-props[] config_property_copy_button:+++quarkus.kubernetes.init-task-defaults.enabled+++[] @@ -7110,7 +7131,7 @@ endif::add-copy-button-to-config-props[] [.description] -- -The init task image to use by the init-container. +The init task image to use by the init container. ifdef::add-copy-button-to-env-var[] @@ -7123,6 +7144,27 @@ endif::add-copy-button-to-env-var[] |string |`groundnuty/k8s-wait-for:no-root-v1.7` +a|icon:lock[title=Fixed at build time] [[quarkus-kubernetes_quarkus-kubernetes-init-task-defaults-wait-for-container-image-pull-policy]] [.property-path]##link:#quarkus-kubernetes_quarkus-kubernetes-init-task-defaults-wait-for-container-image-pull-policy[`quarkus.kubernetes.init-task-defaults.wait-for-container.image-pull-policy`]## +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.kubernetes.init-task-defaults.wait-for-container.image-pull-policy+++[] +endif::add-copy-button-to-config-props[] + + +[.description] +-- +Image pull policy. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_KUBERNETES_INIT_TASK_DEFAULTS_WAIT_FOR_CONTAINER_IMAGE_PULL_POLICY+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_KUBERNETES_INIT_TASK_DEFAULTS_WAIT_FOR_CONTAINER_IMAGE_PULL_POLICY+++` +endif::add-copy-button-to-env-var[] +-- +a|`always`, `if-not-present`, `never` +|`always` + a|icon:lock[title=Fixed at build time] [[quarkus-kubernetes_quarkus-kubernetes-output-directory]] [.property-path]##link:#quarkus-kubernetes_quarkus-kubernetes-output-directory[`quarkus.kubernetes.output-directory`]## ifdef::add-copy-button-to-config-props[] config_property_copy_button:+++quarkus.kubernetes.output-directory+++[] @@ -7131,7 +7173,7 @@ endif::add-copy-button-to-config-props[] [.description] -- -Optionally set directory generated kubernetes resources will be written to. Default is `target/kubernetes`. +Optionally set directory generated Kubernetes resources will be written to. Default is `target/kubernetes`. ifdef::add-copy-button-to-env-var[] diff --git a/_generated-doc/main/config/quarkus-kubernetes_quarkus.openshift.adoc b/_generated-doc/main/config/quarkus-kubernetes_quarkus.openshift.adoc index 6d762c92315..03092f90804 100644 --- a/_generated-doc/main/config/quarkus-kubernetes_quarkus.openshift.adoc +++ b/_generated-doc/main/config/quarkus-kubernetes_quarkus.openshift.adoc @@ -2860,7 +2860,7 @@ endif::add-copy-button-to-config-props[] [.description] -- -The image pull secret +The image pull secrets. ifdef::add-copy-button-to-env-var[] @@ -4061,7 +4061,7 @@ endif::add-copy-button-to-config-props[] [.description] -- -The image pull secret +The image pull secrets. ifdef::add-copy-button-to-env-var[] @@ -6934,9 +6934,9 @@ endif::add-copy-button-to-env-var[] |int |`5005` -a|icon:lock[title=Fixed at build time] [[quarkus-kubernetes_quarkus-openshift-init-tasks-init-tasks-enabled]] [.property-path]##link:#quarkus-kubernetes_quarkus-openshift-init-tasks-init-tasks-enabled[`quarkus.openshift.init-tasks."init-tasks".enabled`]## +a|icon:lock[title=Fixed at build time] [[quarkus-kubernetes_quarkus-openshift-init-tasks-task-name-enabled]] [.property-path]##link:#quarkus-kubernetes_quarkus-openshift-init-tasks-task-name-enabled[`quarkus.openshift.init-tasks."task-name".enabled`]## ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.openshift.init-tasks."init-tasks".enabled+++[] +config_property_copy_button:+++quarkus.openshift.init-tasks."task-name".enabled+++[] endif::add-copy-button-to-config-props[] @@ -6946,36 +6946,57 @@ If true, the init task will be generated. Otherwise, the init task resource gene ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OPENSHIFT_INIT_TASKS__INIT_TASKS__ENABLED+++[] +Environment variable: env_var_with_copy_button:+++QUARKUS_OPENSHIFT_INIT_TASKS__TASK_NAME__ENABLED+++[] endif::add-copy-button-to-env-var[] ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OPENSHIFT_INIT_TASKS__INIT_TASKS__ENABLED+++` +Environment variable: `+++QUARKUS_OPENSHIFT_INIT_TASKS__TASK_NAME__ENABLED+++` endif::add-copy-button-to-env-var[] -- |boolean |`true` -a|icon:lock[title=Fixed at build time] [[quarkus-kubernetes_quarkus-openshift-init-tasks-init-tasks-wait-for-container-image]] [.property-path]##link:#quarkus-kubernetes_quarkus-openshift-init-tasks-init-tasks-wait-for-container-image[`quarkus.openshift.init-tasks."init-tasks".wait-for-container.image`]## +a|icon:lock[title=Fixed at build time] [[quarkus-kubernetes_quarkus-openshift-init-tasks-task-name-wait-for-container-image]] [.property-path]##link:#quarkus-kubernetes_quarkus-openshift-init-tasks-task-name-wait-for-container-image[`quarkus.openshift.init-tasks."task-name".wait-for-container.image`]## ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.openshift.init-tasks."init-tasks".wait-for-container.image+++[] +config_property_copy_button:+++quarkus.openshift.init-tasks."task-name".wait-for-container.image+++[] endif::add-copy-button-to-config-props[] [.description] -- -The init task image to use by the init-container. +The init task image to use by the init container. ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OPENSHIFT_INIT_TASKS__INIT_TASKS__WAIT_FOR_CONTAINER_IMAGE+++[] +Environment variable: env_var_with_copy_button:+++QUARKUS_OPENSHIFT_INIT_TASKS__TASK_NAME__WAIT_FOR_CONTAINER_IMAGE+++[] endif::add-copy-button-to-env-var[] ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OPENSHIFT_INIT_TASKS__INIT_TASKS__WAIT_FOR_CONTAINER_IMAGE+++` +Environment variable: `+++QUARKUS_OPENSHIFT_INIT_TASKS__TASK_NAME__WAIT_FOR_CONTAINER_IMAGE+++` endif::add-copy-button-to-env-var[] -- |string |`groundnuty/k8s-wait-for:no-root-v1.7` +a|icon:lock[title=Fixed at build time] [[quarkus-kubernetes_quarkus-openshift-init-tasks-task-name-wait-for-container-image-pull-policy]] [.property-path]##link:#quarkus-kubernetes_quarkus-openshift-init-tasks-task-name-wait-for-container-image-pull-policy[`quarkus.openshift.init-tasks."task-name".wait-for-container.image-pull-policy`]## +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.openshift.init-tasks."task-name".wait-for-container.image-pull-policy+++[] +endif::add-copy-button-to-config-props[] + + +[.description] +-- +Image pull policy. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_OPENSHIFT_INIT_TASKS__TASK_NAME__WAIT_FOR_CONTAINER_IMAGE_PULL_POLICY+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_OPENSHIFT_INIT_TASKS__TASK_NAME__WAIT_FOR_CONTAINER_IMAGE_PULL_POLICY+++` +endif::add-copy-button-to-env-var[] +-- +a|`always`, `if-not-present`, `never` +|`always` + a|icon:lock[title=Fixed at build time] [[quarkus-kubernetes_quarkus-openshift-init-task-defaults-enabled]] [.property-path]##link:#quarkus-kubernetes_quarkus-openshift-init-task-defaults-enabled[`quarkus.openshift.init-task-defaults.enabled`]## ifdef::add-copy-button-to-config-props[] config_property_copy_button:+++quarkus.openshift.init-task-defaults.enabled+++[] @@ -7005,7 +7026,7 @@ endif::add-copy-button-to-config-props[] [.description] -- -The init task image to use by the init-container. +The init task image to use by the init container. ifdef::add-copy-button-to-env-var[] @@ -7018,6 +7039,27 @@ endif::add-copy-button-to-env-var[] |string |`groundnuty/k8s-wait-for:no-root-v1.7` +a|icon:lock[title=Fixed at build time] [[quarkus-kubernetes_quarkus-openshift-init-task-defaults-wait-for-container-image-pull-policy]] [.property-path]##link:#quarkus-kubernetes_quarkus-openshift-init-task-defaults-wait-for-container-image-pull-policy[`quarkus.openshift.init-task-defaults.wait-for-container.image-pull-policy`]## +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.openshift.init-task-defaults.wait-for-container.image-pull-policy+++[] +endif::add-copy-button-to-config-props[] + + +[.description] +-- +Image pull policy. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_OPENSHIFT_INIT_TASK_DEFAULTS_WAIT_FOR_CONTAINER_IMAGE_PULL_POLICY+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_OPENSHIFT_INIT_TASK_DEFAULTS_WAIT_FOR_CONTAINER_IMAGE_PULL_POLICY+++` +endif::add-copy-button-to-env-var[] +-- +a|`always`, `if-not-present`, `never` +|`always` + a|icon:lock[title=Fixed at build time] [[quarkus-kubernetes_quarkus-openshift-deploy]] [.property-path]##link:#quarkus-kubernetes_quarkus-openshift-deploy[`quarkus.openshift.deploy`]## ifdef::add-copy-button-to-config-props[] config_property_copy_button:+++quarkus.openshift.deploy+++[] diff --git a/_generated-doc/main/config/quarkus-rest-client-config.adoc b/_generated-doc/main/config/quarkus-rest-client-config.adoc index b81668042ae..d596a90ba01 100644 --- a/_generated-doc/main/config/quarkus-rest-client-config.adoc +++ b/_generated-doc/main/config/quarkus-rest-client-config.adoc @@ -1668,6 +1668,60 @@ endif::add-copy-button-to-env-var[] |boolean |`${microprofile.rest.client.disable.default.mapper:false}` +a| [[quarkus-rest-client-config_quarkus-rest-client-client-logging-scope]] [.property-path]##link:#quarkus-rest-client-config_quarkus-rest-client-client-logging-scope[`quarkus.rest-client."client".logging.scope`]## +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.rest-client."client".logging.scope+++[] +endif::add-copy-button-to-config-props[] + + +[.description] +-- +Scope of logging for the client. + +WARNING: beware of logging sensitive data + +The possible values are: + + - `request-response` - enables logging request and responses, including redirect responses + - `all` - enables logging requests and responses and lower-level logging + - `none` - no additional logging + +This property is applicable to reactive REST clients only. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_REST_CLIENT__CLIENT__LOGGING_SCOPE+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_REST_CLIENT__CLIENT__LOGGING_SCOPE+++` +endif::add-copy-button-to-env-var[] +-- +|string +| + +a| [[quarkus-rest-client-config_quarkus-rest-client-client-logging-body-limit]] [.property-path]##link:#quarkus-rest-client-config_quarkus-rest-client-client-logging-body-limit[`quarkus.rest-client."client".logging.body-limit`]## +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.rest-client."client".logging.body-limit+++[] +endif::add-copy-button-to-config-props[] + + +[.description] +-- +How many characters of the body should be logged. Message body can be large and can easily pollute the logs. + +By default, set to 100. + +This property is applicable to reactive REST clients only. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_REST_CLIENT__CLIENT__LOGGING_BODY_LIMIT+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_REST_CLIENT__CLIENT__LOGGING_BODY_LIMIT+++` +endif::add-copy-button-to-env-var[] +-- +|int +|`100` + |=== ifndef::no-memory-size-note[] diff --git a/_generated-doc/main/config/quarkus-rest-client-config_quarkus.rest-client.adoc b/_generated-doc/main/config/quarkus-rest-client-config_quarkus.rest-client.adoc index b81668042ae..d596a90ba01 100644 --- a/_generated-doc/main/config/quarkus-rest-client-config_quarkus.rest-client.adoc +++ b/_generated-doc/main/config/quarkus-rest-client-config_quarkus.rest-client.adoc @@ -1668,6 +1668,60 @@ endif::add-copy-button-to-env-var[] |boolean |`${microprofile.rest.client.disable.default.mapper:false}` +a| [[quarkus-rest-client-config_quarkus-rest-client-client-logging-scope]] [.property-path]##link:#quarkus-rest-client-config_quarkus-rest-client-client-logging-scope[`quarkus.rest-client."client".logging.scope`]## +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.rest-client."client".logging.scope+++[] +endif::add-copy-button-to-config-props[] + + +[.description] +-- +Scope of logging for the client. + +WARNING: beware of logging sensitive data + +The possible values are: + + - `request-response` - enables logging request and responses, including redirect responses + - `all` - enables logging requests and responses and lower-level logging + - `none` - no additional logging + +This property is applicable to reactive REST clients only. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_REST_CLIENT__CLIENT__LOGGING_SCOPE+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_REST_CLIENT__CLIENT__LOGGING_SCOPE+++` +endif::add-copy-button-to-env-var[] +-- +|string +| + +a| [[quarkus-rest-client-config_quarkus-rest-client-client-logging-body-limit]] [.property-path]##link:#quarkus-rest-client-config_quarkus-rest-client-client-logging-body-limit[`quarkus.rest-client."client".logging.body-limit`]## +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.rest-client."client".logging.body-limit+++[] +endif::add-copy-button-to-config-props[] + + +[.description] +-- +How many characters of the body should be logged. Message body can be large and can easily pollute the logs. + +By default, set to 100. + +This property is applicable to reactive REST clients only. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_REST_CLIENT__CLIENT__LOGGING_BODY_LIMIT+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_REST_CLIENT__CLIENT__LOGGING_BODY_LIMIT+++` +endif::add-copy-button-to-env-var[] +-- +|int +|`100` + |=== ifndef::no-memory-size-note[] diff --git a/_generated-doc/main/infra/quarkus-all-build-items.adoc b/_generated-doc/main/infra/quarkus-all-build-items.adoc index 8c96ee577dd..aa6063bcebc 100644 --- a/_generated-doc/main/infra/quarkus-all-build-items.adoc +++ b/_generated-doc/main/infra/quarkus-all-build-items.adoc @@ -3745,6 +3745,25 @@ _No Javadoc found_ _No Javadoc found_ +|=== +== DevServices - OIDC +[.configuration-reference,cols=2*] +|=== +h|Class Name +h|Attributes + + + + +a| https://github.com/quarkusio/quarkus/blob/main/extensions/devservices/oidc/src/main/java/io/quarkus/devservices/oidc/OidcDevServicesConfigBuildItem.java[`io.quarkus.devservices.oidc.OidcDevServicesConfigBuildItem`, window="_blank"] +[.description] +-- +OIDC Dev Services configuration properties. +-- a|`java.util.Map config` + +_No Javadoc found_ + + |=== == Elasticsearch REST client common [.configuration-reference,cols=2*] @@ -5052,7 +5071,7 @@ _No Javadoc found_ a| https://github.com/quarkusio/quarkus/blob/main/extensions/kubernetes/spi/src/main/java/io/quarkus/kubernetes/spi/KubernetesInitContainerBuildItem.java[`io.quarkus.kubernetes.spi.KubernetesInitContainerBuildItem`, window="_blank"] [.description] -- -A Built item for generating init containers. The generated container will have the specified fields and may optionally inherit env vars and volumes from the app container. +A Build item for generating init containers. The generated container will have the specified fields and may optionally inherit env vars and volumes from the app container. Env vars specified through this build item, will take precedence over inherited ones. -- a|`java.lang.String name` @@ -5066,6 +5085,10 @@ _No Javadoc found_ _No Javadoc found_ +`java.lang.String imagePullPolicy` + +_No Javadoc found_ + `java.util.List command` _No Javadoc found_ diff --git a/_generated-doc/main/infra/quarkus-maven-plugin-goals.adoc b/_generated-doc/main/infra/quarkus-maven-plugin-goals.adoc index 6ba436dfd03..54701e78168 100644 --- a/_generated-doc/main/infra/quarkus-maven-plugin-goals.adoc +++ b/_generated-doc/main/infra/quarkus-maven-plugin-goals.adoc @@ -1331,15 +1331,6 @@ a| [[quarkus-maven-plugin-goal-dev-pluginRepos]] pluginRepos |`List` (required) |`${project.remotePluginRepositories}` -a| [[quarkus-maven-plugin-goal-dev-preventnoverify]] preventnoverify - -[.description] --- -This value is intended to be set to true when some generated bytecode is erroneous causing the JVM to crash when the verify:none option is set (which is on by default) --- -|`boolean` -|`${preventnoverify}` - a| [[quarkus-maven-plugin-goal-dev-project]] project |`MavenProject` (required) |`${project}` @@ -3051,15 +3042,6 @@ a| [[quarkus-maven-plugin-goal-remote-dev-pluginRepos]] pluginRepos |`List` (required) |`${project.remotePluginRepositories}` -a| [[quarkus-maven-plugin-goal-remote-dev-preventnoverify]] preventnoverify - -[.description] --- -This value is intended to be set to true when some generated bytecode is erroneous causing the JVM to crash when the verify:none option is set (which is on by default) --- -|`boolean` -|`${preventnoverify}` - a| [[quarkus-maven-plugin-goal-remote-dev-project]] project |`MavenProject` (required) |`${project}` @@ -3546,15 +3528,6 @@ a| [[quarkus-maven-plugin-goal-test-pluginRepos]] pluginRepos |`List` (required) |`${project.remotePluginRepositories}` -a| [[quarkus-maven-plugin-goal-test-preventnoverify]] preventnoverify - -[.description] --- -This value is intended to be set to true when some generated bytecode is erroneous causing the JVM to crash when the verify:none option is set (which is on by default) --- -|`boolean` -|`${preventnoverify}` - a| [[quarkus-maven-plugin-goal-test-project]] project |`MavenProject` (required) |`${project}` diff --git a/_versions/main/guides/images/dev-ui-oidc-dev-svc-login-for-custom-users.png b/_versions/main/guides/images/dev-ui-oidc-dev-svc-login-for-custom-users.png new file mode 100644 index 0000000000000000000000000000000000000000..f82a9733a4ca9efd3eb593482f7ab9b1c4ce728c GIT binary patch literal 11283 zcmdUVcTiK`zwJR35Tqz53JONQf>JF=HGok-MVj<3AVqqQ5FjcbC{mOT(nLTANu-4u zqA0!hPUtN_XbCNZcf4=r&hO2eH*e7=dsf^Upou*Z5VEG(l_T9e?{3*IV5-nwpf-f$~VTfpAc z&Ba#S%f{2z*44|w&6~_fPy~R>z~hJa^nU5}}Ujcxaq*y#N08E~7I14EIma+nu6--V5 zF_+NCfTkz|2H=Gn3IK|;^#NeGTLgH$^51Nj=1VdI{cm~%WVYn{R=bvN~6gK9*xGuZ=BzQSrR9NEy{K8`P_X|wX|hrpjm zVb*f(VzY|gXfr5_o{Jss8hY+1{nBiF6{?=P6oY=2FQsaejn4xBzYCF(BJm9qx~0h+ z!y=)v+z36u{WN&SC(Q+g4p9a`R^lZRi zIt}X^>hbG!Tl)sx)4!N5S@5Jmr(a^pb0 z>D*{eYj!krZFV-U$SVw2bMNM5cOy?vZ}07CI8j1e{4DID3Z-TXQ|%)^p3t7U%)iWi z<}+RD&@QKE*gK0`uf4q;79Jkn^oEhyWuhj(=Ig!N_pGPCkpcq(&JhlxpcaCFY`Erl z!N!bGMP+3mZ9{F(uMw@jxfunOB~6hUGjqxs_+t>ef0HP z1yeQJVJyNqUZd$X0J+x_IZZlIa<8*t=ToiDy zNrMwwp5J7FNb&ig=0wUy{ISh_Vj9U2bKy;jl^neYsJazY!MYzHpc+@jiC4+;a|R76co&uz-PO(R_!cKEiAxy-J^bl z&(F_){yZHM6C)91UbrI?-|{J2b;QjYSp0SoNe~f|Z|MD<-CtK&SU5d>hcuW+iHfSF z;6}^y@)8phnU6D_(h}&_CjJOAPw^>R9qo0ioWn5-2K;l?CQLI={Rv;d{`OK#jMK`7 zJdnBNNizsldl;fts^|{S-F@n@kvx);Qctdhu2pS3c*pJq_d;RaWIcD+8`wz&C=?oX z=sEd1qQUl0xXw(2#&-`ITHWj$ zu>4kvFl_j6wsrM30GJ7tq10UB2f##*)C{OyzWt97N09r#@B6=w@boK+L9e-{|Gek+ zO=AP(c^j3OUR`Tx=?D!CCBlh})xNe;Qc@wI@7SL_61#DuxkK&+xf{sj_TV@fQMz-A zklN5c-sfEN@hnzPLqkJHCyRhob|zK~4astHMl%{85G<+Yu~Uxs6acf6_VFW`gTsgq zxL-m2*LcpJJ$Lr(2!a(@?31|f8xr$?Tux#;gz-k}OG z0N>{4`2QX{)d(>BN6J7on4E|;{86L~al?Iw3wE3tj+kkOyMFPF#fKdONe_=?4Z6Wn(ZiJGwd~PQrXInu*;S(aR-$6=9h&`FIo-K%^k*|h%g>XR;)D%kB z)w#Jj(g3!9$vZ2{s=4_pVkau-kP@n)I@9kT2y_|CdZJ*M%K5hBUM2MI#-I0BNN3V8 z9(5t_@rWHo&)Fswf$!SabBR*fS+#V^pk?opH!R$|`VO7G!z*N&;Xmsh1Q#KrLt1Gdn=-*FIeF0KE5Ctur@vG}51f77YiZ(JX|?A1fK7~YuI ztC*g>IM&`tl)P$_w^nZB&rYET))0)Y^RR|qk*zR&KKK*N&$|*5e7w9QR=>vR)b@nM zr1M}EbLseGnxlPP_2c>EB&iCg!OQVaY)vuG3MBSryYF6q#F8a0>Qvc<^E$`FBNlT0 zmi27->8qyDuEBEk(MV2UHy*5CEphoEFwZW`iSNy$mX{r4hx?$#jeY!i=9_Q$B2`(s z`^LO~A^Q2sxU4(Z%n281IsN8e3Xi>}PW}Lku3qz1RRg^^J$U_g@mKMeSH-T{X6_WS)tU7k%rtrX1km-_-v#Qu3B?C;@Ax_u^LM=B}hog<{3n+ zeP@E6UR+}XWou)jNW#O%t9liu0M3Z*?c|PxxVZQPO85s>cD54eH{{VSvUV5Cz{p%S z%69B^N2}aFVm%XgXs&#Q@L>8GV%6Q$r&d;{!MO2;@3{N;s6Tz0a@%%Uh8PeZle9QB zmG9Oda)RZ2rV)?e?wk&uvp`ajf2 zr3woQ65SGmvilQGLY}C1vR{n5`TVDHPDxK^r{v4^E|PGbfu4gQ#>k`D&6VM2zlWS) z{H4&}xEB9QmCs*On^Ji?t2iCFiF$87hlECRt>9v$A=pM&1mCzGl#_cz9 zf{7u9?Fu?t{hVD%NY5-NENp6rE)UjA2L1d=Kb*ni@l-OgdX|Lcr$nwEEi+6O%RWQ# zy#KAc0{u+}VMg0Dr)-A@1R=Hk@7_aOV8Pm#v zviIJJJ<=c=ionfof){ge>ws8&qNY#5dn>B=x2x1K=aim5*VfinR?ft_C5~77#>erf zsZjXhVqWcUKSmpfhAj5flRJ@gr@_q3G=*||yEP1^;K`$>7w^4r(A4w|3_P53265OY z8C;gPGi1XX@hv;&2rflNAzWd_oQjmbUK{Ks_-xZ@$e(W{;p*yY{1JV6rqL5Ex-dUa zC)z}7rFb9aWdsGtnSvGVL=>{taiL>%pp6BhnIW%l;xB#WO3!ff<1Fnz4GsDR1|zU* zA=j@riHi2BHg4<4%9(qz86M^U%EEKIf)&?}5Sx!t;&6~eP&X)4YPW;bLPwfQSuL(m zFXx#b!q3u^ZS|fkFliWtJk^ycQ%Wn!Z+3td+8=g1I6Icrc02IEzV|P;jvWIs@p5!# zj0xItFZ)Rjj@saFq}BWNF#(M|2RnaiU)?n;jhPvswQNK)Fdg@H*~=yn2+c1FF!|uC zn?$+)>lb=}la*Ea{He0Cvcxf%0w)IuCNt%ZO_V%rsXl2nUl1)0TIK_MMfN# zr~fE3DFdLd%?jqTVlg4UX?Pj~5%G`k9V1MG3_BXj>BO+B*{~PXIslC!5fozMeQE zG0On@Qe0m?w~z&Se%`S{z_-~(T3R%z*7 zeSQ7^d6B=I4D8f{WF(2NM?`{Ljss>NuLkPL)AvLGWwrmdOf0Qug0WN~6n5+R&&>NL zPi75}!ysJKZ_+ZKL!q#rh)!Eq@Wq(2HdRA_(kdhJ>EzJV__}5k`bI`ma1>@?< z+2Q}sHQSGQd4^W^=^HgOK0aj-$l#yGM$YrH>$^oZ6bi-VcF*A*L5DsP8%R}On$gvA zXczqmPqMVfyms(9Iy%h7#q_NVHy4DCre=ptgN4G&p4kI3(w$CAOifM2uD>4}8>7)^ zqt-7TgQ+HpOavx5LC~mgXrL@#3jF$g5rtJOHxk3m*_FJUdFP`zF`=kfYhLAjLsYby zI^r>?mA*L@MqUtrTAQv`E?8(6#7WX--{88HI2K zs1S=9E4Y91JuKXZ)NAst#csHmEQ!<&X6D4t4UB?am2{!0ld~f$J3Ief`D;>Q0UOnB zwu17rE3*NIvp2x?;kY4|&Da+-ILJaJ%W5NBAZZi*U|QS~K*4aE0!yg#9Ku?!3q z$U`r$lJdmCH28S6%>j;`)bsAtg_M}27pFh0|5$G~mBy%>#>ON`c@MecEeM`-AC%Td z($dld5i2*eBs*6}%U`yZx~{pte;;h$?mrv6Lu_wVkO--89ou~zDUl_+u8P<2Art3(xDxtB1?#-C6{ znZw!9G01I0K`8byOA*3Q_3>j5GiN0@XY{70iFJ8SQ#ri4CXv1W474yv8(H*pk>B`Fb-S|d=Qfc3$G2_A4y1hn)~I8 zGsz{p+sM$+smQ39^HS-!slNH#(j29cNjfH$7ro+EZf#L=ZFvw(y+6zxP)}4${#qK0e0|!dAHoGXLIsfw}ZoXx0}iB z;tA*D3Gwqg@`1~GYu(vJMIK&9)Um1Ga*du|Tbo-cK?;pA;u;z*%C89#5fK(xLY>B0o>_4dS>*O&+|W>kV&DNQq~nX+;cw1X zO`fyqgkqB%TtaUDrckyHdSEC>D%B)|;da?lJ)2` zv;2U-z}6NMq|vCX!cnJUd!?5>;n4RzEQ{r2WiHr$>SRB&gYK>qEc}WvI9xv?yJ|KU ztoMq#fn#JY2DjE?(OZB02>!fexYTPQDop_n$|)dgzwqgv=k_8Gc+_!Diz)a%i;j-P zz-E;i5R-5<13OZV#By2FLLQ5h?b8s#nklrEFALVz`y(A|rL;o0ujl4w?a#_95%r$) zZA<+qLvhQE;0TmDd7^s(YXjZqIJF#B&RqXMDb$yW5sLW}}AAivr0G!yBB>nKQ9pz61q&N%1Ahd1V~*eoQrWHG}*W zf~46XZFVJGFf^SKT)W%0^x?y1MTM+Z=h1*`Q`ZzM`~ksS-ebOLY z(*C+Sp_8p^5wO=UVNP>a7lUPSv6c*936b?)j2U(okoQgkET6+u1yS-W8Me098=HA=q&m zre|PaBxVf)`TqXCCt6zJpsU#S$ZztEaWs@ZOWk&nPs6C`^~FFQM6j~$thGC%5))zr zuY*-dX*__G4y`sbAAhDAEr-DT=_G1Fcwpf+m6hDW7Ds<#OYZEf6ciSCcRNf^?;q^$ z7aGyCxxQ9aiHN(je|sF8@ye5m`FKe~qy5&cTONn|WMX;w*RM5bq2sS{(~|_wAC;AR zKi?Eif3}WP<>uiT%T|jE3sZaf@}Vh5g1X|z@bK@2 zg<{v6Bqayu7v_9O=RPOJ^(iS%^!JO~EOd|wmW~G+D%q+zED?{ih>rYs<@`dP$=;@{7R0K-aa? zAlm|Se|MK*(2U!}(DJDF!(4K5H8Swk{WrL${AWBh>N5X;)H&3Bq~_&JL5AT6qJ+jh zBn-F|arID9`Ck;NK7*I5pz86c{ga}|rM-Z^!fn_8Re|@KB^JdEDK$)71(d6Y5bNLZ zY83?+ar*BMZS0_Q83ZT_ug^yfabbK)?5QP*j^07A;HMFV$DC zrG5Kx(=yL#eT(h zM>Z@RO{zVb8=M#^ciXW{f7RtrPRuwuaMw&d^zj3fN0-IWBe6wStF*?%;bXi!JkvA1 z*B~B?buvmx0lzhbVqXpfmah!q{H8>YYDfcmkcTRj)TKOuCz>AxZdH(f?+^`=kYiP$ zqxMgO79#gL+k#%S>`u+73fCU3U1@bg!VI&tYxXyZXinpGEU&ZH{syy~R+X;%WGW<+u}N8J>wNfXAXfz<$VHdgV_VPho2&`74tzd!m`pmi^9 zC2*-`I#frTWwy|7Ovb5Nxel-N=o(m?6(o+q#q7=+oN|+b9 zs@pjj&DI$%oP>Z1ieS)WR2-?nt@9pjmD8zgq?mV}UXKASfTph{r6NAdACpT24jR8G zMf06GSS+koJb1Oy%pJObHHbkvcVaGe(pOd7+$@dVB%*vBtpC`e}PRY_Rb!uL22^Wdtpvx2;^j{*vcF1_h=#xs468a*+y;Z5Ja zJRl6EFRmTfP3*J~>)XUPB1>IGE9Bi~@*dY^pQ{jltBIkhy>+ zREe2smiBc4|Lx8l=(+nQa#-lq*j&T~;TFs3iYwPM0@BZgr+NM}v40SbQa~jw(_%Q z@lchAJm=>5k)u03Bz{pkTpCy`l~+L(D%|RX9`r>Y8GA0j(0REue0boibdacaNMk(n z`5i07%-mcn0-r8)3u`M(;#3hnea6udS#IWJuYja7|NANcIm7_74oy zY}b8JvmfstARh<3AEnKmpZv05!O9s;b6rZr5~MqyOEEDqv8xMEqIr3Z2y6kp;_#ZC zfx347UIVwLSGK>Zw~i>Z?He|!sT%mNHWNp){70{qNvc9xhrRn{N=iFzv94%YYg^u`|+hjRTc;~GdVGH*_EiLR0{jmS*o@CSo z0jvS)Gm|iZGLg5sWd|rTXa6f9FHpZI=(I&R>DlR`JHvbpDu;08cjX4?Nt}{1Zg0&x z)NIwdZ$vSGmWk9~d(Yfn&eCU2(XzPiFBl8ggVvj}FGsay+0LZS2DO!%ehe6?zb0Ae zev@OgKy#N2uKwBopvwNAV%`2#zwm7-ew~Y-nlTa*e{IGQqihSp-N42$L8L4BK1QI? zxxX-Z=jlcGYK`BP0mf{&tLr&vnr60FR9ENa<|-c1wqW5Mv7(Llm}LE5Y=VOlB+Q?D z2V|4py?d9Vp4gEp0HVq%+ zMGZ~hX!(V70YpdGg z%iV|q;HcZlBYxL`#TAEs!9lDg!L~I)PC;Q5!3DUxmo7(dQK?{S_WiG6+c;=!(%;p! z-lwZYArlE|(E>9Kk)t@5R3ASdA4*&Do$TyvZf@>G3G)K&>xHen5@xR&FTraz8u+tS zBbR&gI$I?P0lVu{`MP-==WkBF<9C%sP@PdWuOSc!$^czO888iF=LenW|!Gs?iZDp-`_(TwF3ZK%HO>J)KNF3!2MF6P>?-O zyqbxG`fopa^e736@YT?WDBQ%#?)f?b`ht!;^Y=Q)^z6d&FqBR##=Z)+YG z6bmRnOUuzm9vu)9B`v{Ko1UKb1kaO^lA4{HI|(sBoA`jYWd`B=)vLBNg~8`HhXkhA z)|$%nG%&bjfY8*`MBHNn zA!optidw5&NCz_oq)PU7b|X>gWn&S=j;^k_aa>w;)nxQS^(-qosojngxzw8{DC<7C zl$SBE4t)ikr>h4`*HyLSZ1ATpCH>WZaEv?SJzCM+RbNGX`YRiC) z(0c3lA3uUu0{=UX(%RZO>Lv}u80R^}mzS4=nkE=iTvvpJ7r@EwbC9y{OxMrX19N15 zHdYH{!nzg~if$A4;P4$>;4-=PV2yZ0FQ@qG>Ge@pN6~}q5@r=$_4O(&Iz~oGF)=^D z0M5C!yFz}z5nT-jUGF`qix-i;z0dDr9Og%`?_i~ywp(P5;g80up z8+11S_|{{LF)mL`zGFXvI1VhXU-Tuk_{Tr=^~K?tU#eXMj>|(xjV7s;F7m#IECmu2DnJxy<4_XjGTJS=-y`FqCvDeR9ywpS7Fq$^Z4Y@*!Va&9)yX# zGLp;)A_3KS3(E+$v;STW44tk66;Jpm`{*SFMcVFG1a|(>AcMR!3doH0`WF2p439eo zOy2zeyiF(v&+H&s^=9p_g+21g)F2q7LH_^d9{=l}rl0*k)~U#Q@R?Y!7%zTzID2_b zz;BCrhcE!WS$LQ}Jv2;v+Y`H59{96JZpG*IYdysgS|nZ#kiSX&YfRY?SS!Tv!PU`Z z8KK)Z_2vo-y88v>eO~wsH27zC_+w$=8;8$SA97NCw?wcgBe=VhvBq9+el-2Z!UDV8 z(!iE}e^p9i0^vr;`3ull+*I$mLX(Rt{N66k#RRp)l!mH9VGi_2d2REUGntpQDcpb| z@tokq&aWbP!k|8;W90iCY1I=d-?lZPIF|NWK9om-g6N;PH-j2{?&HZVpT!YydAS?8 zLQn7cN?WpY2V_yDQbEmaWYad@7Kn=_apZ0vOzR?|79WX z(3k}x#ygbhV=P0&NQ#*{6eopp3Ac8hVj(MBzLH?T!24%UWb#ZM?LpvpV36D=8}|5q zstqE9t0?OhEPVa7lhhN6q_AgU))|-sNo407-E*VeZeH-myC+L)3CVyxN@_s%3EFr}oLh|5Uxqv84SB9M@&@-z|Aw5*Nk)Vs+Vt2f0alN`>vpL{12 z%mvGSR&IhZ$fsy9jh^5U$tjq_OE?aq6oe+5{tj6vXbs^S4|r=LvF)?vsZ$weka!YO zz~>ms6_j2pZs;&be9Pc1UCLS!qIddD0knE@!fj83H zGDXf)lX>OP14ur$_I6NBFN{THf&?qM2lmnVcwnLm6ITXBux>w30cMlId-b z(4TMw=97lp5;dL8ovW19fnOn-Jn9#a0XB9QxflK>s@KqAfw~2R5m>zbzhS_C*}g{1 z16+%>w1S*ZQ!~TlGPn=3IH{eQ{%6g*PjKA{V|uIZC-)zDxRSg@uK|kM{OCSw+7lN=h$)Ah&x}>|6w7RkZ~q4jgYc{X literal 0 HcmV?d00001 diff --git a/_versions/main/guides/images/dev-ui-oidc-dev-svc-login-page.png b/_versions/main/guides/images/dev-ui-oidc-dev-svc-login-page.png new file mode 100644 index 0000000000000000000000000000000000000000..7d923c72623e0f873773555a26aa79d13d5785ac GIT binary patch literal 7044 zcmeHMS5#B$wqA&0MYg!zAPBfsKtKegcNGNz37XI(v`q`W1qcK}KvV=NN|ml)2oM5p zTIi83gd!zGdXr8-T7r~tm-jy0JMQB-_dc94&U%;`S@|>9U*??OH@_9}7^2O2itiKv z0Gv7x??VCLNEiUHnVvWT-oXp}l?Q&XBk$=Lo;Y!0WXfO?{Cd&nfvFG7!@&pjm$yBD zaQAStmqgln+uOS%9X)*3*vaYuz|W&||E{5bI(;m_Jb_uaus*ROy+XLG{Qgk$KR})A00t@uXee)BU9z!Y2Q97P@K}rpGN7Vp5Rk3e0=^E zo8eJ5o;%jx1YV|urYK<_$>5rwwb5TsZ3fSB`ODXH1=Q{AsP;%Zde8G*2Y}1>CDg#F z+VTl=0C%|mZT^M!AkGpE+~SLF{hilN`kky9OX&!Jo!$1|-OK2%w=AYfs8QZYYv~pC zI$p`P9b%f*Ij^+vaw$i;?%vICBR22c=FLeC%l&+r88R|N(|gHgeWG|| zW@Xuzt5QGoZeMBCN!zk!jCX8!4WA10zTw{>YLN07AF zhdBv+cFau{v@RT}cU$&bya)i#Dn))pFs+$KT>Q54q8ud-2JM`CUteEeT|G>MlgeZj z_7vX9yY2SjC^l^^!*oVT3459X4{HSxOC2ygoMIO5WS&RZIjC=ZIrQ7wZfR~+-}!gnnq|xpw9D#&IsyJgT!EW2K^^yrs3d z8~*9Cq@>#clI-N<^h8%!6h9i=mf=@}*{dK{Si&LQEBqdnI>ofA9)`8Qwe=mb!~|I} zmB7IYH~7f#h={NV(Y#z)RW;}U*`u2-1Wd-|H1pW~EVYB%;?j1XPm4QdEW+Rn*&|?JfAgj773qgeSNBS zRpnjI(hHhR_cWUteU#~wh2l6!dY%yLlSM{Gn1+BS*L7SOdaQ;25+EJviQ3)27_Eg% zAdse?<$Vsa^^NC)|3=JA;}SP>$%JH=Dd$`B2*;a>x*|-?*e?;5A?Fd z(KJ~enj1n<5do|XXHs|ex3_#$F2#7wOuxJ##G}%^=)>6ZS@uO2)A-MwyX8-8iSr3) zI|@WOo1eD=iVF%0&v0=W=<9DvrK#HM8X69K&`j(gaBy&>rt+QV=Dw111>>@fK4^S! zdKQebC}s2Wu{YEt)vhV}e`zc!DQRte*_C!0*5Bt|wXISU`Fdn{*v7_oPU_2A`L_E_ z@h!Is7nAiag$eXp9Wyy$rDB9$is(`DT{67acr;=Y0HU-K{OuxibRu*#J;W4bxXrS*kuiDZ;8DG8ePp?n;@e+ z+DEGb1Y@%*TmzbkvfzNsG^*%j{%e)&RCjCWiQaPMc$`FM@VK5dxK95?rI-{aGCnqPv z?2nHJGYt;9DeF|W$$JZDwD3(g)mjvUXwAvy;8+YMW9xSyn}z>N0yZ*EJ@%(NYD9_~ANt;aAG zYUkm%?R7ggW+fye{wQu6`8Mzgm-oYQ`^h2W54~ydwy1uptL(*^YGnxtiO9%Pdn*iz zzc&B`B={?W0}hxPjw(opo>iMPdS_*2Wx(b}e4L2d&*m9-Qs54zzYjl#?5XaK>7LF| zF~4cDx>B{gy4Rp5b#T}eE}jS#6NAwXNPA$QN6LGYjL^@En*DLZ^j&HyV*qBbRb!sK zybk~y*VjF{MIJdiDsDHla<;|N_L9EQF%rgwkM#A`f_8pLt2oQ1^0U@Q>f}dY1_yoa zBng}@GiiT>tXAT%?HkTz^y_!`%6vlUa=s{b(Yq=EnnjytVuX=LO)gW?SG@hA|nLwFD1Re1Ib&+i;GiZ6tBuNhh3#q$(ByCe9n>=&fnKJI?=?&IDq!bo7 zn^y6yEiGcWLLxDYXIH9lW_mgi`t#@M%}t)OL$|J6*_e*z0xFMy;AI|2-#(_7bcv83 zFtcq^Q(ZkO$o#GYD>@t;K8KP`d8C`q3T2fR$)!f==3@f&$U7Ua|0MW7JOkKr3bSg? za5O#Je?h0aNvR&DkIbw~M#V&`Cu1@ocxZ>6YzBtd^dSM zwE^p|S*l)rS%2XM622!OhiFU)e5Nf{sMd41Z1MCTHwG4cx+J^mc^tTgD9oZ1Amr8y z?n4WNDGJnA%fx_0s4iY;%Cd2>Umu*o#T1hl;o*BpM^n2<<7jv=>k4TE zQ=Ok*j`P*^-njp|g-nUM`1Fw3+vecVQ*9>-CS0`7$t0aVnG@2-IFtmg)`q`qqgR;5 zL7~uR&z`ZfcU4uD7S}O$X;xS{Q3VA>#pYfbZ8S((!o|Vde3an^w>T(z^XARZ(;Eiq zik80LUqK6qU8(UZ2nS=oJ9j=Oh_$=W#(4z=*9X&z;Y6Ztep1rh%2Op7gu}A$ZeCvA z5OTw~xT>gbYp3BQm=u-0Jb$B#O0^g+@DdgdY3O7INIr_97iAR;oVBQ-_M zR?FDbbRm>It8RVR1rt-Rhh+eskn8KSAKEjlE~|xwe0}vU6G8w}T)JRAXJcbh=@tOQ zUH^YE>z?(2v@rvXO;^vypC-=%z=Z4nDr@LPwjw~eZWZq0@h(NK|I+UR!^69aNnQ5# zS$j0C2inEve>*P?7$P5gW{m|GGQQ1a>*Ea+GWI}UwkbCoZtI{q*g&F)Z&IIjcq&s0 zM!t=W&DAScm`O?Ua&jV~1{sO*flC7?3Dkmw$f&5@b^}%bc%GSRHH@{15$aG%e3}Zv z-O}FvMVEt0@>LKvd}B1ky+SKR1XC=F59zxT{&gTz31~^yV6AId)cFieHH9Za3C6`I zPuMUOpE$gAj8N|9qRK|7ITV& z5U7r_7cZs=2nevwNZ_1ZT+HA^r^S9*Gx{s-$`$+(fYxvZ z4RUgF#@taRAXcJCO;fL4#|o8T%*|{27grV+FRq_R_V)xnUkKrjb#)(CjnrM8<2kgDgSM&J*&STKjt-$Lb*;jl$+Vw*z!n;FO(0d|NP$b zpX=e(2CHEIQmy5hQ1D?#In9D>GwWPBG}<@1(Ou&qM95!v`%0y5clH|;npQcmp6$PX ze>sgv%FeF+^dr8zyBn!`1h9_k|K2V2CiCtc$NP^AL_NHY0Zmidv$G9I8vwZW z;*M7yagkwJ8Iw5KTkm92FBi#rLtuwI{B4_S2>42EZ!(3zUpKQ@M0G3{zmz6?x8 z{tvpe_$iB$6zZ^9x4bHK-ISY~+sq`eusV0QGbQu+^OH}Xf{9j2h!rd!a^s;H>AX;JOEo$7*R*31)PE-^e9Kbm3}ICr&KJx%oni0;nr9;@GF+|%0~ zS5}vb@^(t{JmdRkZl)$mjq(X~0aJCQ&bgO;^ZCp5gW z?R%%6MI<$E_Z(Db*P7$0L`x(cJfX1TT(TMNP+fZmOJ5qZeqwyk(y+39Y9UQFK$q3{ zKnw=ULT@A=931H8hlYlJ`ucTbtS0@Z`{T8iJpoZ{z=S_Y8zYjg z#kL`zWR5u?5KJc5zTZKqI|(jUPAdDDpMOhcrr`bLWQDwog#{5>fGfvkXOE&xg6PBi z0%zM~$iXEv2beB>ghVRMv2E!vLT=8jiI0Cs*g)5Ld94@M?q_=>!|;&qFCE=oT?b8T zRzIg-hw0{@7mexZ?11QH`2`DSI_gA4#)yw@={)HbnTU%U1Jj|WdS_=RHFfFLt5+8! zj0J8;?9B)rHjygI?0Vct6H18gQHvH8et!N0D7!mJ_}1b~ti~uP8N9%Xn1e%@ZF?U34&R~V`(}OSiuvdpYC`v_Jowwq4$sBzCJbG{Kfv< zz2wTV)sBu+6Kyw>mpfAgi)rvDEF9JiVS;$*xbTy6pkP)q!h)D-%L${rxg_+W244 z%o$k}+iR!XkDP1lc2e9W3w)dLS{o`2>;VJ0R7p-!4cpMz^7^!@AX8f?c=DIHKzAdC zSxKA)6uDGI1-s{utHX39t^V$?mJP0?70D29YJc>dkW9&+m$NLzOusmWHs=lJY|IQB6WN`DJA71_XaJgrz@>ELHuy(*i)V&JYG~;+>A+mV@AA* zFfPKVK^qG?B5V#Np`Ju zJ5^!ahfOYte%!C_H$e?UbM;=37?aJljFl*zeWcVtjw{+Q!0-exewaY1c55QvVh?$W|S9#IVx zY1E8iGQmOjR#%2(N=lBfcL@hFY7ZD`EM}B>S>BxhBd_(dhk2*}_|AXkrGQGs&*aXo zG@eVp*ZM9em1dfOb$i_Uow}NB!?PC=5lMA{dg9_8^PTO40%h-w?9>M90@o%J8Sdm|$OHqaJ1Wg`{AyS-T&hE{dyd&}pK zRF?dx?@tc@Z&3=ZOzeY!EkJ8*2PNzuRDAeygc)d6md4W)z>YG}czF+wtQ=@{j0Pp} zR-p7(*M+{w-g$5USrlu1e#^`TVO0#lb4edZ+MfY59m|ISbT@0;6M`*^{lfOM{x(g`5s kn(mo@oB!iI_;`2}1Fz-X+OnDhUrqr!4i_@% literal 0 HcmV?d00001 diff --git a/_versions/main/guides/init-tasks.adoc b/_versions/main/guides/init-tasks.adoc index 6c750cc0879..8a2818e7252 100644 --- a/_versions/main/guides/init-tasks.adoc +++ b/_versions/main/guides/init-tasks.adoc @@ -12,7 +12,7 @@ https://github.com/quarkusio/quarkus/tree/main/docs/src/main/asciidoc There are often initialization tasks performed by Quarkus extensions that are meant to be run once. For example, Flyway or Liquibase initialization falls into that category. But what happens when the scaling needs of an application requires more instances of the application to run? Or what happens when the application -restarts ? +restarts? A common environment where both of these cases are pretty common is Kubernetes. To address these challenges, Quarkus allows externalization of such tasks as Kubernetes https://kubernetes.io/docs/concepts/workloads/controllers/job/[Jobs] and uses https://kubernetes.io/docs/concepts/workloads/pods/init-containers/[init containers] to ensure that an @@ -23,7 +23,7 @@ This approach is reflected in the manifests generated by xref:deploying-to-kuber == Disabling the feature -The feature can be explictily disabled per task (enabled by default). +The feature can be explicitly disabled per task (enabled by default). The default behavior can change by setting the following property to `false`: [source,properties] @@ -89,59 +89,77 @@ Any customization to the original deployment resource (via configuration or exte == Controlling the generated init container The name of the generated init container is `wait-for-${task name}` by default. -Given that the init container is part of the same pod as the actual application it will get the same service account (and therefore permissions) and volumes as the application. -Further customization to the container can be done using using the configuration options for init containers (see `quarkus.kubernetes.init-containers` or `quarkus.openshift.init-containers`). +Given that the init container is part of the same pod as the actual application, it will get the same service account (and therefore permissions) and volumes as the application. +Further customization to the container can be done using the configuration options for init containers (see `quarkus.kubernetes.init-containers` or `quarkus.openshift.init-containers`). Examples: -To set the imagePullPolicy to `IfNotPresent` on the init container that waits for the `flyway` job: +To set the `imagePullPolicy` to `IfNotPresent` on the init container that waits for the `flyway` job: [source,properties] ---- -quarkus.kubernetes.init-containers.wait-for-flyway.image-pull-policy=IfNotPresent +quarkus.kubernetes.init-containers.flyway.image-pull-policy=if-not-present ---- To set custom command (say `custom-wait-for`) on the init container that waits for the `flyway` job: [source,properties] ---- -quarkus.kubernetes.init-containers.wait-for-flyway.command=custom-wait-for +quarkus.kubernetes.init-containers.flyway.command=custom-wait-for ---- - == Orchestration of the initialization tasks The deployment resource should not start until the job has been completed. The typical pattern that is used among Kubernetes users is the -use of init containers to achieve this. An init container that `wait for` the job to complete is enough to enforce that requirement. +use of init containers to achieve this. An init container that `waits for` the job to complete is enough to enforce that requirement. === Using a custom wait-for container image -To change the `wait-for` image which by default is `groundnuty/k8s-wait-for:no-root-v1.7` you can use: +By default, the `wait-for` image is `groundnuty/k8s-wait-for:no-root-v1.7`. +You can define another image: [source,properties] ---- quarkus.kubernetes.init-task-defaults.wait-for-container.image=my/wait-for-image:1.0 ---- -To change the `wait-for` image for a particular init container (e.g. `wait-for-flway`) you can use: +The `imagePullPolicy` can also be configured: + +[source,properties] +---- +quarkus.kubernetes.init-task-defaults.wait-for-container.image-pull-policy=if-not-present +---- + +To change the `wait-for` image for a particular init container (e.g. one that waits for the `flyway` job), you can use: [source,properties] ---- -quarkus.kubernetes.init-containers.wait-for-flyway=my/wait-for-image:1.0 +quarkus.kubernetes.init-tasks.flyway.wait-for-container.image=my/wait-for-image:1.0 +---- + +You can define the `imagePullPolicy` for this particular init container with: + +[source,properties] +---- +quarkus.kubernetes.init-tasks.flyway.wait-for-container.image-pull-policy=if-not-present ---- === Configuring permissions -For an init container to be able to perform the `wait for job` it needs to be able to perform `get` operations on the job resource. +For an init container to be able to perform the `wait for job`, it needs to be able to perform `get` operations on the job resource. This is done automatically and the generated manifests include the required `Role` and `RoleBinding` resources. -If for any reason additional permissions are required either by the init container or the job, they can be configured with through the xref:deploying-to-kubernetes.adoc#generating-rbac-resources[Kubernetes RBAC configuration]. +If, for any reason, additional permissions are required either by the init container or the job, they can be configured with the xref:deploying-to-kubernetes.adoc#generating-rbac-resources[Kubernetes RBAC configuration]. -**Note**: The application, the init container and the job use the same `ServiceAccount` and therefore, share the same permissions. +[NOTE] +==== +The application, the init container and the job use the same `ServiceAccount` and therefore, share the same permissions. +==== -== Extension providing Initialization Tasks +== Extensions providing Initialization Tasks Currently, this feature is used by the following extensions: + - xref:flyway.adoc[Flyway] - xref:liquibase.adoc[Liquibase] - xref:liquibase-mongodb.adoc[Liquibase MongoDB] diff --git a/_versions/main/guides/rest-client.adoc b/_versions/main/guides/rest-client.adoc index cec13b5a7bd..ffa9c57a33a 100644 --- a/_versions/main/guides/rest-client.adoc +++ b/_versions/main/guides/rest-client.adoc @@ -1845,6 +1845,9 @@ As HTTP messages can have large bodies, we limit the amount of body characters l NOTE: REST Client is logging the traffic with level DEBUG and does not alter logger properties. You may need to adjust your logger configuration to use this feature. +These configuration properties work globally for all clients injected by CDI. +If you want configure logging for a specific declarative client, you should do it by specifying named "client" properties, also known as `quarkus.rest-client."client".logging.*` properties. + An example logging configuration: [source,properties] @@ -1852,7 +1855,10 @@ An example logging configuration: quarkus.rest-client.logging.scope=request-response quarkus.rest-client.logging.body-limit=50 +quarkus.rest-client.extensions-api.scope=all + quarkus.log.category."org.jboss.resteasy.reactive.client.logging".level=DEBUG +quarkus.log.console.level=DEBUG ---- [TIP] diff --git a/_versions/main/guides/security-authentication-mechanisms.adoc b/_versions/main/guides/security-authentication-mechanisms.adoc index f5cc1a250b9..08683efef4b 100644 --- a/_versions/main/guides/security-authentication-mechanisms.adoc +++ b/_versions/main/guides/security-authentication-mechanisms.adoc @@ -448,7 +448,12 @@ For more information, see the Quarkus xref:security-oauth2.adoc[Using OAuth2] gu endif::no-quarkus-elytron-security-oauth2[] [[oidc-jwt-oauth2-comparison]] +ifndef::no-quarkus-elytron-security-oauth2[] == Choosing between OpenID Connect, SmallRye JWT, and OAuth2 authentication mechanisms +endif::no-quarkus-elytron-security-oauth2[] +ifdef::no-quarkus-elytron-security-oauth2[] +== Choosing between OpenID Connect and SmallRye JWT authentication mechanisms +endif::no-quarkus-elytron-security-oauth2[] Use the following information to select the appropriate token authentication mechanism to secure your Quarkus applications. diff --git a/_versions/main/guides/security-authorize-web-endpoints-reference.adoc b/_versions/main/guides/security-authorize-web-endpoints-reference.adoc index 151064e376e..30fe4e03adb 100644 --- a/_versions/main/guides/security-authorize-web-endpoints-reference.adoc +++ b/_versions/main/guides/security-authorize-web-endpoints-reference.adoc @@ -1122,6 +1122,49 @@ public class ProjectPermissionChecker { TIP: Permission checks run by default on event loops. Annotate a permission checker method with the `io.smallrye.common.annotation.Blocking` annotation if you want to run the check on a worker thread. +Matching between the `@PermissionsAllowed` values and the `@PermissionChecker` value is based on string equality as shown in the example below: + +[source,java] +---- +package org.acme.security; + +import io.quarkus.security.PermissionChecker; +import io.quarkus.security.PermissionsAllowed; +import jakarta.enterprise.context.ApplicationScoped; + +@ApplicationScoped +public class FileService { + + @PermissionsAllowed({ "delete:all", "delete:dir" }) <1> + void deleteDirectory(Path directoryPath) { + // delete directory + } + + @PermissionsAllowed(value = { "delete:service", "delete:file" }, inclusive = true) <2> + void deleteServiceFile(Path serviceFilePath) { + // delete service file + } + + @PermissionChecker("delete:all") + boolean canDeleteAllDirectories(SecurityIdentity identity) { + String filePermissions = identity.getAttribute("user-group-file-permissions"); + return filePermissions != null && filePermissions.contains("w"); + } + + @PermissionChecker("delete:service") + boolean canDeleteService(SecurityIdentity identity) { + return identity.hasRole("admin"); + } + + @PermissionChecker("delete:file") + boolean canDeleteFile(Path serviceFilePath) { + return serviceFilePath != null && !serviceFilePath.endsWith("critical"); + } +} +---- +<1> The permission checker method `canDeleteAllDirectories` grants access to the `deleteDirectory` because the `delete:all` values are equal. +<2> There must be exactly two permission checker methods, one for the `delete:service` permission and other for the `delete:file` permission. + [[permission-meta-annotation]] ==== Create permission meta-annotations diff --git a/_versions/main/guides/security-identity-providers.adoc b/_versions/main/guides/security-identity-providers.adoc index aee512286f9..081378f54bd 100644 --- a/_versions/main/guides/security-identity-providers.adoc +++ b/_versions/main/guides/security-identity-providers.adoc @@ -17,7 +17,7 @@ In the Quarkus Security framework, identity providers play a crucial role in aut [[identity-providers]] `IdentityProvider` converts the authentication credentials provided by `HttpAuthenticationMechanism` to a `SecurityIdentity` instance. -Some extensions, for example, `OIDC`, `OAuth2`, and `SmallRye JWT`, have inline `IdentityProvider` implementations specific to the supported authentication flow. +Some extensions, such as the ones for OIDC and SmallRye JWT, include inline `IdentityProvider` implementations specific to the supported authentication flow. For example, `quarkus-oidc` uses its own `IdentityProvider` to convert a token to a `SecurityIdentity` instance. If you use Basic or form-based authentication, you must add an `IdentityProvider` instance to convert a username and password to a `SecurityIdentity` instance. diff --git a/_versions/main/guides/security-jwt.adoc b/_versions/main/guides/security-jwt.adoc index 3d869ba6043..539c5961d57 100644 --- a/_versions/main/guides/security-jwt.adoc +++ b/_versions/main/guides/security-jwt.adoc @@ -144,6 +144,7 @@ public class TokenSecuredResource { <6> Retrieves the name of the `Principal`. <7> Builds a response containing the caller's name, the `isSecure()` and `getAuthenticationScheme()` states of the request `SecurityContext`, and whether a non-null `JsonWebToken` was injected. +[[run-application]] === Run the application Now you are ready to run our application. Use: @@ -365,7 +366,7 @@ public class GenerateToken { } ---- -<1> The `iss` claim is the issuer of the JWT. +<1> Set JWT issuer as an `iss` claim value. This must match the server side `mp.jwt.verify.issuer` for the token to be accepted as valid. <2> The `upn` claim is defined by the {mp-jwt} spec as the preferred claim to use for the `Principal` seen by the container security APIs. <3> The `group` claim provides the groups and top-level roles associated with the JWT bearer. @@ -433,8 +434,9 @@ openssl pkcs8 -topk8 -nocrypt -inform pem -in rsaPrivateKey.pem -outform pem -ou You can use the generated key pair instead of those used in this quickstart. ==== -Now, you can generate a JWT to use with the `TokenSecuredResource` endpoint. -To do this, run the following command: +Ensure the <> before generating the JSON Web Token (JWT) for the `TokenSecuredResource` endpoint. + +Next, use the following command to generate the JWT: .Command to generate JWT diff --git a/_versions/main/guides/security-ldap.adoc b/_versions/main/guides/security-ldap.adoc index 83b1695367a..977ac6abacd 100644 --- a/_versions/main/guides/security-ldap.adoc +++ b/_versions/main/guides/security-ldap.adoc @@ -177,6 +177,18 @@ quarkus.security.ldap.identity-mapping.attribute-mappings."0".filter-base-dn=ou= The `elytron-security-ldap` extension requires a dir-context and an identity-mapping with at least one attribute-mapping to authenticate the user and its identity. +=== Map LDAP groups to `SecurityIdentity` roles + +Previously described application configuration showed how to map `CN` attribute of the LDAP Distinguished Name group to a Quarkus `SecurityIdentity` role. +More specifically, the `standardRole` CN was mapped to a `SecurityIdentity` role and thus allowed access to the `UserResource#me` endpoint. +However, required `SecurityIdentity` roles may differ between applications and you may need to map LDAP groups to local `SecurityIdentity` roles like in the example below: + +[source,properties] +---- +quarkus.http.auth.roles-mapping."standardRole"=user <1> +---- +<1> Map the `standardRole` role to the application-specific `SecurityIdentity` role `user`. + == Testing the Application The application is now protected and the identities are provided by our LDAP server. diff --git a/_versions/main/guides/security-oidc-code-flow-authentication.adoc b/_versions/main/guides/security-oidc-code-flow-authentication.adoc index c4bcee3711a..79b5fb51a03 100644 --- a/_versions/main/guides/security-oidc-code-flow-authentication.adoc +++ b/_versions/main/guides/security-oidc-code-flow-authentication.adoc @@ -1586,6 +1586,56 @@ public class SecurityEventListener { TIP: You can listen to other security events as described in the xref:security-customization.adoc#observe-security-events[Observe security events] section of the Security Tips and Tricks guide. + +[[oidc-token-revocation]] +=== Token revocation + +Sometimes, you may want to revoke the current authorization code flow access and/or refresh tokens. +You can revoke tokens with `quarkus.oidc.OidcProviderClient` which provides access to the OIDC provider's UserInfo, token introspection and revocation endpoints. + +For example, when a local logout with <> is performed, you can use an injected `OidcProviderClient` to revoke access and refresh tokens associated with the current session: + +[source,java] +---- +import jakarta.inject.Inject; +import jakarta.ws.rs.GET; +import jakarta.ws.rs.Path; + +import io.quarkus.oidc.AccessTokenCredential; +import io.quarkus.oidc.OidcProviderClient; +import io.quarkus.oidc.OidcSession; +import io.quarkus.oidc.RefreshToken; + +import io.smallrye.mutiny.Uni; + +@Path("/service") +public class ServiceResource { + + @Inject + OidcSession oidcSession; + + @Inject + OidcProviderClient oidcProviderClient; + + @Inject + AccessTokenCredential accessToken; + + @Inject + RefreshToken refreshToken; + + @GET + public Uni logout() { + return oidcSession.logout() <1> + .chain(() -> oidcClient.revokeAccessToken(accessToken.getToken())) <2> + .chain(() -> oidcClient.revokeRefreshToken(refreshToken.getToken())) <3> + .map((result) -> "You are logged out"); + } +} +---- +<1> Do the local logout by clearing the session cookie. +<2> Revoke the authorization code flow access token. +<3> Revoke the authorization code flow refresh token. + === Propagating tokens to downstream services For information about Authorization Code Flow access token propagation to downstream services, see the xref:security-openid-connect-client-reference.adoc#token-propagation-rest[Token Propagation] section. @@ -1826,7 +1876,6 @@ testImplementation("io.quarkus:quarkus-junit5") For integration testing against Keycloak, use xref:security-openid-connect-dev-services.adoc[Dev services for Keycloak]. This service initializes a test container, creates a `quarkus` realm, and configures a `quarkus-app` client with the secret `secret`. It also sets up two users: `alice` with `admin` and `user` roles, and `bob` with the `user` role. -All these properties are customizable. For details, see xref:security-openid-connect-dev-services.adoc#keycloak-initialization[Keycloak Initialization]. First, prepare the `application.properties` file. diff --git a/_versions/main/guides/security-openid-connect-dev-services.adoc b/_versions/main/guides/security-openid-connect-dev-services.adoc index dcdbdbeac04..538f7c1b7e0 100644 --- a/_versions/main/guides/security-openid-connect-dev-services.adoc +++ b/_versions/main/guides/security-openid-connect-dev-services.adoc @@ -21,11 +21,12 @@ The Dev Services for Keycloak feature starts a Keycloak container for both the d It initializes them by registering the existing Keycloak realm or creating a new realm with the client and users required for you to start developing your Quarkus application secured by Keycloak immediately. The container restarts when the `application.properties` or the realm file changes have been detected. -Additionally, xref:dev-ui.adoc[Dev UI] available at http://localhost:8080/q/dev[/q/dev] complements this feature with a Dev UI page, which helps to acquire the tokens from Keycloak and test your Quarkus application. +Additionally, xref:dev-ui.adoc[Dev UI] available at http://localhost:8080/q/dev-ui/extensions[/q/dev-ui/extensions] complements this feature with a Dev UI page, which helps to acquire the tokens from Keycloak and test your Quarkus application. If `quarkus.oidc.auth-server-url` is already set, then a generic OpenID Connect Dev Console, which can be used with all OpenID Connect providers, is activated. For more information, see <>. +[[dev-services-for-keycloak]] == Dev Services for Keycloak Start your application without configuring `quarkus.oidc` properties in the `application.properties` file: @@ -221,33 +222,6 @@ image::dev-ui-keycloak-sign-in-to-service.png[alt=Dev UI OpenID Connect Keycloak Set a relative service endpoint path and click *Log in to your web application*. You are redirected to Keycloak to enter a username and password in a new browser tab before you get a response from the Quarkus application. -In this case, the Dev UI is not very helpful because the Quarkus OIDC `web-app` application controls the authorization code flow and acquires the tokens. - -To make Dev UI more helpful in supporting the development of OIDC `web-app` applications, consider setting profile-specific values for `quarkus.oidc.application-type`: - -[source,properties] ----- -%prod.quarkus.oidc.application-type=web-app -%test.quarkus.oidc.application-type=web-app -%dev.quarkus.oidc.application-type=service ----- - -This profile ensures that all Dev UI options described in <> are available when your `web-app` application is run in dev mode. -The limitation of this approach is that both access and ID tokens returned with the code flow and acquired with Dev UI are sent to the endpoint as HTTP `Bearer` tokens - which does not work well if your endpoint requires the injection of `IdToken`. -However, it works as expected if your `web-app` application only uses the access token, for example, as a source of roles or to get `UserInfo`, even if it is assumed to be a `service` application in dev mode. - -For dev mode, an even better option is to set the `application-type` property to `hybrid`: - -[source,properties] ----- -%prod.quarkus.oidc.application-type=web-app -%test.quarkus.oidc.application-type=web-app -%dev.quarkus.oidc.application-type=hybrid ----- - -This type ensures that if you access the application from the browser in dev mode without the OIDC Dev UI, Quarkus OIDC also performs the authorization code flow as in the production mode. -The OIDC Dev UI is also more beneficial because hybrid applications can also accept the bearer access tokens. - === Running the tests You can run the tests against a Keycloak container started in a test mode in a xref:continuous-testing.adoc[Continuous Testing] mode. @@ -406,6 +380,47 @@ This document refers to the `http://localhost:8080/q/dev-ui` Dev UI URL in sever If you customize `quarkus.http.root-path` or `quarkus.http.non-application-root-path` properties, then replace `q` accordingly. For more information, see the https://quarkus.io/blog/path-resolution-in-quarkus/[Path resolution in Quarkus] blog post. +== Dev Services for OIDC + +When you work with Keycloak in production, <> provides the best dev mode experience. +For other OpenID Connect providers, it is recommended to enable the Dev Services for OIDC like in the example below: + +[source,properties] +---- +quarkus.oidc.devservices.enabled=true +---- + +NOTE: the Dev Services for OIDC are enabled by default if Docker and Podman are not available. + +Once enabled, Quarkus starts a new OIDC server that supports most common OpenID Connect operations. +You can confirm in your console that the OIDC server started, you will see output similar to the following: + +[source,shell] +---- +2025-01-08 20:50:20,900 INFO [io.qua.dev.oid.OidcDevServicesProcessor] (build-16) Dev Services for OIDC started on http://localhost:38139 +---- + +If you navigate to the <>, you can log into the OIDC server as builtin users `alice` or `bob`: + +image::dev-ui-oidc-dev-svc-login-page.png[alt=Dev Services for OIDC builtin user login,role="center"] + +This login page is also displayed if you navigate to authenticated request path during the development of the xref:security-oidc-code-flow-authentication.adoc[Quarkus OIDC web application]. +As always, the default roles for `alice` are `admin` and `user`, while the roles for `bob` are just `user`. +You can configure those built-in roles if required: + +[source,properties] +---- +quarkus.oidc.devservices.roles.alice=root <1> +quarkus.oidc.devservices.roles.bob=guest +---- +<1> Assign a `root` role to the user `alice`. + +Another option is log in as a custom user with the username and roles of your choice: + +image::dev-ui-oidc-dev-svc-login-for-custom-users.png[alt=Dev Services for OIDC custom user login,role="center"] + +Whichever user you choose, no password is required. + == References * xref:dev-ui.adoc[Dev UI]