Keycloak distribution migration from WildFly to Quarkus and continuous integration, continuous delivery

Abstract

Identity Access Management (IAM) systems are widely used for securing web and mobile applications. Keycloak is a popular choice as IAM, however developers might come across a costly and time-consuming issue of updating it, as regular improvements are being made by JBoss, Keycloak’s developer. Even though Keycloak’s documentation is vast and well written, finding the right information regarding all possible aspects during migration can prove challenging as organizations customize their Keycloak instances, and various aspects of customizations are split through multiple release notes pages rather than in the migration manual. The commissioning has faced this issue, therefore the thesis focused on how to migrate Keycloak distribution from WildFly to Quarkus preserving all customizations. Differences between WildFly and Quarkus, as well as continuous integration/continuous deployment (CI/CD) were also covered in this study. This thesis was practical based, therefore the main theory about Keycloak and its distributions is presented in the first place. The thesis proceeds with detailed explanation of the initial setup and the migration process to provide sufficient information for reproducing. Last but least, CI/CD was attempted with Azure Pipelines and GitLab. The research demonstrates migration process to be effortless and showcases the main configuration differences between Keycloak versions. The configuration process has faced major changes, however Keycloak Maven dependencies used in custom providers have encountered only a few minor ones. Based on commissioning party security policies, CI/CD was not possible with Azure Pipelines, however CI was achieved with GitLab, CD continues to be company’s future objective.