This package adds the ability to start keycloak as a testcontainer in node.js.
npm install keycloak-testcontainer --save-dev
ES6 import
import KeycloakContainer from 'keycloak-testcontainer';
Common js import:
const KeycloakContainer = require('keycloak-testcontainer').default;
Currently, this package only supports the latest version of Keycloak. Older releases will work for older versions, but don't expect new releases to work for older Keycloak versions.
This package supports node.js version 18 and higher. This package has also been build and tested for non-lts releases.
You can start a keycloak container with a few lines of code:
import KeycloakContainer from 'keycloak-testcontainer';
describe('Keycloak Testcontainer Example', () => {
it('should run against keycloak', async () => {
const container = await new KeycloakContainer().start();
// do something with the container
await container.stop();
});
});
Currently, this package provides the following features:
import KeycloakContainer from 'keycloak-testcontainer';
const container = await new KeycloakContainer()
.start();
By default, every container is always a Keycloak in development mode.
You can start the container with a custom version by providing a tag (default: latest
) to the constructor.
A list of possible values for the tag can be found on Keycloaks repository page on quay.io.
import KeycloakContainer from 'keycloak-testcontainer';
const container = await new KeycloakContainer({ tag: '26.0' })
.start();
Using the example above a Keycloak container should start with version 26.0 as long as the image with the tag is available on quay.io. If the tag you are using is not available you'll see an error similar to the error below:
Error: (HTTP code 404) unexpected - manifest for quay.io/keycloak/keycloak:21 not found: manifest unknown: manifest unknown
If you want to run an image from a different registry you can provide a registry to the container like so:
import KeycloakContainer from 'keycloak-testcontainer';
const container = await new KeycloakContainer({
registry: 'intern.org/keycloak/keycloak'
})
.start();
With the custom registry the testcontainer tries to start with the following image: intern.org/keycloak/keycloak:latest
.
You also can combine this with a custom tag:
import KeycloakContainer from 'keycloak-testcontainer';
const container = await new KeycloakContainer({
registry: 'intern.org/keycloak/keycloak',
tag: 'intern-rc-22'
})
.start();
This would result in the following image being used: intern.org/keycloak/keycloak:intern-rc-22
You can run this testcontainer with a bunch of different commands to obtain different Keycloak functionality. For a deeper explaination and up to date documentation have a look at the Keycloak guides.
To enable Keycloaks metrics endpoint start the container with the following command:
const container = await new KeycloakContainer()
.withMetrics()
.start();
Keycloak provides different additional or experimental features. A list of the supported features can be found here. To enable additional features start the container with the following command:
const container = await new KeycloakContainer()
.withFeatures([
'docker',
'token-exchange'
])
.start();
Keycloak allows to disable certain features. A list of the supported features can be found here. To disable certain features start the container with the following command:
const container = await new KeycloakContainer()
.withDisabledFeatures([
'impersonation',
])
.start();
To start the Keycloak container with a custom admin user start the container with the following command:
const container = await new KeycloakContainer()
.withAdminUser({
username: 'admin',
password: 'password'
})
.start();
Keycloak runs by default with a h2 database. To run Keycloak with a different database (for example postgres) you can start the container with the following command:
const container = await new KeycloakContainer()
.withDatabase({
vendor: 'postgres',
url: 'your-jdbc-url-here',
username: 'dbuser',
password: 'dbpassword'
});
.start();
To start the Keycloak container with a custom realm you can start the container with the following command:
const container = await new KeycloakContainer()
.withRealmImport('/path/to/realm/data')
.start();
To add custom providers start the container with the following command:
const container = await new KeycloakContainer()
.withProviders('/path/to/providers')
.start();
To enable Keycloaks health endpoint start the container with the following command:
const container = await new KeycloakContainer()
.withHealth()
.start();
To run Keycloak with a custom hostname start the container with the following command:
const container = await new KeycloakContainer()
.withHostname('localhost')
.start();
To run Keycloak with a custom hostname path (default: /
) start the container with the following command:
const container = await new KeycloakContainer()
.withHostnamePath('/auth')
.start();
You can change the default management port (9000
) with the following command:
const container = await new KeycloakContainer()
.withManagementPort(9001)
.start();
You can change the default path for the management interface (/
) with the following command:
const container = await new KeycloakContainer()
.withManagementPath('/admin')
.start();
To disable theme caching start the container with the following command:
const container = await new KeycloakContainer()
.withThemeCacheDisabled()
.start();
import KeycloakContainer from 'keycloak-testcontainer';
const container = await new KeycloakContainer()
.start();
await container.stop();
import KeycloakContainer from 'keycloak-testcontainer';
const container = await new KeycloakContainer()
.start();
await container.restart();
It is possible to obtain an admin client for the test container after starting the container. This admin client can be used to change configuration for different tests. You can obtain an admin client with the following command:
const container = await new KeycloakContainer()
.start();
container.getAdminClient({
baseUrl: 'http://localhost:8080',
realmName: 'master',
totp: '123456'
});
The admin client can be customized by using an options object. By default the admin client uses http://localhost:8080
as the base url and the default admin credentials. If you changed the admin credentials by using withAdminUser(username, password)
the new credentials will be used by the admin client and don't need to be passed as an option.
Currently, the client accepts the following options (all of them are optional):
baseUrl
: The url pointing to keycloakrealmName
: The name of the realm (default:master
)totp
: optional one-time password (if required)