Bug 2101474 - Keycloak Administration Console URL should be displayed at the end of engine-setup along with webadmin URL when bundled Keycloak integration is enabled
Summary: Keycloak Administration Console URL should be displayed at the end of engine-...
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: ovirt-engine
Classification: oVirt
Component: General
Version: 4.5.1.2
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: ovirt-4.5.2
: 4.5.2
Assignee: bugs@ovirt.org
QA Contact: Barbora Dolezalova
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2022-06-27 14:58 UTC by Barbora Dolezalova
Modified: 2022-08-30 08:47 UTC (History)
2 users (show)

Fixed In Version: ovirt-engine-keycloak:15.0.2-4
Clone Of:
Environment:
Last Closed: 2022-08-30 08:47:42 UTC
oVirt Team: Infra
Embargoed:
mperina: ovirt-4.5+

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github oVirt ovirt-engine-keycloak pull 47 0 None open readme: usage scenarios reference keycloak admin console 2022-07-13 10:18:39 UTC
Red Hat Issue Tracker RHV-46723 0 None None None 2022-06-28 07:42:08 UTC

Description Barbora Dolezalova 2022-06-27 14:58:03 UTC 
Description of problem:
It would be nice to have a shortcut option on welcome page of ovirt-engine just like for Administration portal or VM portal in the section Portals.
Regarding bug 2021497, keycloak is installed by default and it's not visible on the first sight how to get to the administration console of the keycloak.

Version-Release number of selected component (if applicable):
ovirt-engine-4.5.1.2-1.el8.noarch
Comment 1 Artur Socha 2022-06-28 08:21:05 UTC 
This is relatively quick and easy to implement. We only need to only display it when keycloak is enabled. There is already an example for Grafana/Monitoring portal [1]. 
The open question is where this link should be added. Would it be under 'Portals' ?

[1] https://github.com/oVirt/ovirt-engine/commit/60f473bf7be4b00bbd20de9345419af79151c6c4
Comment 2 Artur Socha 2022-06-28 08:29:19 UTC 
One more thought after discussing with Radek. Perhaps we want to have a keycloak admin console link even for keyloak being configured manually. That means when Keycloak/RH SSO is not bundled. That will extend the scope.
Comment 3 Artur Socha 2022-07-13 10:15:14 UTC 
I have made some changes in the setup code. Please ack if that is something that will be good enough to solve this issue:
         
          --== SUMMARY ==--
         
[ INFO  ] Starting dwh service
[ INFO  ] Starting Grafana service
[ INFO  ] Restarting ovirt-vmconsole proxy service
(..)
===== updated text start =====vvvvv====
          To login to oVirt using Keycloak SSO, enter username 'admin@ovirt' and the password provided during the setup.     
          To login to Keycloak Administration Console enter username 'admin'with the password provided during the setup 
          Keycloak Administration Console is enabled at:
              https://dev2.dom/ovirt-engine-auth/admin
===== updated text end  =====^^^^^^====
(..)
          Web access is enabled at:
              http://dev2.dom:80/ovirt-engine
              https://dev2.dom:443/ovirt-engine
          Internal CA fingerprint: SHA256: 36:4E:B6:48:0A:12:9B:FC:3D:72:3D:B3:58:F7:C3:63:A7:C5:8C:43:C5:59:E4:81:38:1C:67:47:BD:56:7C:69
Comment 5 Barbora Dolezalova 2022-08-03 12:19:08 UTC 
It is good enough and it works.

Verified in ovirt-engine-keycloak-15.0.2-4.el8.noarch


> I have made some changes in the setup code. Please ack if that is something
> that will be good enough to solve this issue:
>          
>           --== SUMMARY ==--
>          
> [ INFO  ] Starting dwh service
> [ INFO  ] Starting Grafana service
> [ INFO  ] Restarting ovirt-vmconsole proxy service
> (..)
> ===== updated text start =====vvvvv====
>           To login to oVirt using Keycloak SSO, enter username 'admin@ovirt'
> and the password provided during the setup.     
>           To login to Keycloak Administration Console enter username
> 'admin'with the password provided during the setup 
>           Keycloak Administration Console is enabled at:
>               https://dev2.dom/ovirt-engine-auth/admin
> ===== updated text end  =====^^^^^^====
> (..)
>           Web access is enabled at:
>               http://dev2.dom:80/ovirt-engine
>               https://dev2.dom:443/ovirt-engine
>           Internal CA fingerprint: SHA256:
> 36:4E:B6:48:0A:12:9B:FC:3D:72:3D:B3:58:F7:C3:63:A7:C5:8C:43:C5:59:E4:81:38:
> 1C:67:47:BD:56:7C:69





(In reply to Artur Socha from comment #3)
> I have made some changes in the setup code. Please ack if that is something
> that will be good enough to solve this issue:
>          
>           --== SUMMARY ==--
>          
> [ INFO  ] Starting dwh service
> [ INFO  ] Starting Grafana service
> [ INFO  ] Restarting ovirt-vmconsole proxy service
> (..)
> ===== updated text start =====vvvvv====
>           To login to oVirt using Keycloak SSO, enter username 'admin@ovirt'
> and the password provided during the setup.     
>           To login to Keycloak Administration Console enter username
> 'admin'with the password provided during the setup 
>           Keycloak Administration Console is enabled at:
>               https://dev2.dom/ovirt-engine-auth/admin
> ===== updated text end  =====^^^^^^====
> (..)
>           Web access is enabled at:
>               http://dev2.dom:80/ovirt-engine
>               https://dev2.dom:443/ovirt-engine
>           Internal CA fingerprint: SHA256:
> 36:4E:B6:48:0A:12:9B:FC:3D:72:3D:B3:58:F7:C3:63:A7:C5:8C:43:C5:59:E4:81:38:
> 1C:67:47:BD:56:7C:69
Comment 6 Sandro Bonazzola 2022-08-30 08:47:42 UTC 
This bugzilla is included in oVirt 4.5.2 release, published on August 10th 2022.
Since the problem described in this bug report should be resolved in oVirt 4.5.2 release, it has been closed with a resolution of CURRENT RELEASE.
If the solution does not work for you, please open a new bug report.
Note You need to log in before you can comment on or make changes to this bug.