I'm looking to integrate Keycloak to an existing stack for my company. The stack consists of an Oracle-Database (v19.3), the keycloak I'm trying to implement (latest so 23.0) and some other elements that should not interact with the problem. The stack do not contain Spring.database
I'm using a docker-compose file to launch the services :
version : '3.8'
volumes:
oracle-orcl-data:
external:
name: ${oracle_db_volume_name}
services :
oracle-database:
image: container-registry.oracle.com/database/enterprise:19.3.0.0
volumes:
- oracle-orcl-data:/ORCL
- ${oracle_db_home}/dump:/opt/oracle-dump
ports:
- "1521:1521"
- "5500:5500"
healthcheck:
test: [ "CMD","/opt/oracle/checkDBStatus.sh"]
interval: 2s
environment:
- ORACLE_PDB=ORCLPDB1
keycloak:
depends_on:
oracle-database:
condition: service_healthy
links:
- oracle-database
image: quay.io/keycloak/keycloak:latest
command: start-dev
hostname: keycloak
ports:
- "8081:8080"
environment:
KC_DB: oracle
KC_DB_URL_HOST: oracle-database
KC_DB_URL_DATABASE: orclpdb1
KC_DB_PASSWORD: [REDACTED]
KC_DB_USERNAME: keycloak
KC_DB_SCHEMA: keycloak
KEYCLOAK_ADMIN: [REDACTED]
KEYCLOAK_ADMIN_PASSWORD: [REDACTED]
Note : this is not the complete file, some elements are proprietary and have been redacted. The healthcheck on oracle-database is OK, and keycloak launches, and tried to apply liquibase changes to the database.
Then, the error occurs :
2024-02-16 09:34:42,137 INFO [org.keycloak.quarkus.runtime.storage.legacy.liquibase.QuarkusJpaUpdaterProvider] (main) Initializing database schema. Using changelog META-INF/jpa-changelog-master.xml
2024-02-16 09:34:49,040 ERROR [liquibase.changelog.ChangeSet] (main) ChangeSet META-INF/jpa-changelog-2.5.0.xml::2.5.0-unicode-oracle::hmlnarik@redhat.com encountered an exception.
2024-02-16 09:34:49,075 ERROR [org.keycloak.quarkus.runtime.cli.ExecutionExceptionHandler] (main) ERROR: Failed to start server in (development) mode
2024-02-16 09:34:49,075 ERROR [org.keycloak.quarkus.runtime.cli.ExecutionExceptionHandler] (main) ERROR: Failed to update database
2024-02-16 09:34:49,075 ERROR [org.keycloak.quarkus.runtime.cli.ExecutionExceptionHandler] (main) ERROR: liquibase.exception.LiquibaseException: liquibase.exception.MigrationFailedException: Migration failed for changeset META-INF/jpa-changelog-2.5.0.xml::2.5.0-unicode-oracle::hmlnarik@redhat.com:
Reason: liquibase.exception.DatabaseException: ORA-00942: table or view does not exist
https://docs.oracle.com/error-help/db/ora-00942/ [Failed SQL: (942) UPDATE COMPONENT_CONFIG SET VALUE_NEW = VALUE, VALUE = NULL]
2024-02-16 09:34:49,075 ERROR [org.keycloak.quarkus.runtime.cli.ExecutionExceptionHandler] (main) ERROR: liquibase.exception.MigrationFailedException: Migration failed for changeset META-INF/jpa-changelog-2.5.0.xml::2.5.0-unicode-oracle::hmlnarik@redhat.com:
Reason: liquibase.exception.DatabaseException: ORA-00942: table or view does not exist
https://docs.oracle.com/error-help/db/ora-00942/ [Failed SQL: (942) UPDATE COMPONENT_CONFIG SET VALUE_NEW = VALUE, VALUE = NULL]
2024-02-16 09:34:49,075 ERROR [org.keycloak.quarkus.runtime.cli.ExecutionExceptionHandler] (main) ERROR: Migration failed for changeset META-INF/jpa-changelog-2.5.0.xml::2.5.0-unicode-oracle::hmlnarik@redhat.com:
Reason: liquibase.exception.DatabaseException: ORA-00942: table or view does not exist
https://docs.oracle.com/error-help/db/ora-00942/ [Failed SQL: (942) UPDATE COMPONENT_CONFIG SET VALUE_NEW = VALUE, VALUE = NULL]
2024-02-16 09:34:49,075 ERROR [org.keycloak.quarkus.runtime.cli.ExecutionExceptionHandler] (main) ERROR: ORA-00942: table or view does not exist
https://docs.oracle.com/error-help/db/ora-00942/ [Failed SQL: (942) UPDATE COMPONENT_CONFIG SET VALUE_NEW = VALUE, VALUE = NULL]
2024-02-16 09:34:49,076 ERROR [org.keycloak.quarkus.runtime.cli.ExecutionExceptionHandler] (main) ERROR: ORA-00942: table or view does not exist
https://docs.oracle.com/error-help/db/ora-00942/
2024-02-16 09:34:49,076 ERROR [org.keycloak.quarkus.runtime.cli.ExecutionExceptionHandler] (main) ERROR: ORA-00942: table or view does not exist
There is no connection problem, as tables are created under keycloak user, in keycloak schema. On subsequent restarts of the service, it indicates that the tables already exists (obviously).
I then have to manually delete created tables to get the first error. I have not been able to find a solution, being new to keycloak and oracle is probably preventing me to easily find the solution.
I tried to change oracle-database version (if this was a compatibility issue), and I also tried to run in oracle-database the SQL request manually.
The request UPDATE COMPONENT_CONFIG SET VALUE_NEW = VALUE, VALUE = NULL returns the same error as Liquibase, so it is definitely a problem in that.
But if i run UPDATE KEYCLOAK.COMPONENT_CONFIG SET VALUE_NEW = VALUE, VALUE = NULL then it passes. So I guess the problem is regarding from where the request is executed.
I'm guessing there is an environment variable that I have forgotten in docker-compose, or something that would make this work, but I have not yet find it.
I also looked for a similar problem on SO and found nothing alike, idem on the Internet.
Thank you for any help you might give.
I am not sure why, but the following docker-compose.yml seems to have corrected the problem :
version : '3.8'
volumes:
oracle-orcl-data:
external:
name: ${oracle_db_volume_name}
services :
oracle-database:
#image: store/oracle/database-enterprise:12.2.0.1-slim
image: container-registry.oracle.com/database/enterprise:19.3.0.0
volumes:
- oracle-orcl-data:/ORCL
- ${oracle_db_home}/dump:/opt/oracle-dump
ports:
- "1521:1521"
- "5500:5500"
healthcheck:
test: [ "CMD","/opt/oracle/checkDBStatus.sh"]
interval: 2s
environment:
ORACLE_PDB: ORCLPDB1
keycloak:
depends_on:
oracle-database:
condition: service_healthy
links:
- oracle-database
image: quay.io/keycloak/keycloak:latest
command: start-dev
hostname: keycloak
ports:
- "8081:8080"
environment:
KC_DB: oracle
KC_DB_URL_HOST: oracle-database
KC_DB_URL_DATABASE: orclpdb1
KC_DB_PASSWORD: keycloak
KC_DB_USERNAME: keycloak
KC_DB_SCHEMA: keycloak
KEYCLOAK_ADMIN: admin
KEYCLOAK_ADMIN_PASSWORD: admin
I'm guessing the problem was linked to the ORACLE_PDB in environment, but I cannot be certain as the problem is no longer present.