From 0403d31207916c1ae8f30acab285ffd593072257 Mon Sep 17 00:00:00 2001
From: hangy <hangy@hangy.de>
Date: Sun, 8 Sep 2024 10:08:24 +0200
Subject: [PATCH] feat: Enable /health and /metrics endpoints and expose the
 management interface on port 5602

see #60
---
 .env                       | 1 +
 docker-compose-run.yml     | 1 +
 runtime-scripts/startup.sh | 6 +++---
 3 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/.env b/.env
index 8e8d9bc79..47af5d28b 100644
--- a/.env
+++ b/.env
@@ -19,6 +19,7 @@ PRODUCT_OPENER_OIDC_CLIENT_SECRET=Cf4NdSAjZsNO9HLcuXeuvukzFu00roQa
 REDIS_URL=redis:6379
 
 KEYCLOAK_EXPOSE_PORT=5600
+KEYCLOAK_MANAGEMENT_PORT=5602
 
 # Set to "prod" for hardened deployment or "dev" for start-dev. Other values will run more as a test container
 KEYCLOAK_STARTUP=dev
diff --git a/docker-compose-run.yml b/docker-compose-run.yml
index 077adcddb..18ec43086 100644
--- a/docker-compose-run.yml
+++ b/docker-compose-run.yml
@@ -8,6 +8,7 @@ services:
       - KEYCLOAK_STARTUP
     ports:
       - "0.0.0.0:${KEYCLOAK_EXPOSE_PORT:-5600}:8080"
+      - "0.0.0.0:${KEYCLOAK_MANAGEMENT_PORT:-5602}:9000"
     depends_on:
       keycloak_postgres:
         condition: service_started
diff --git a/runtime-scripts/startup.sh b/runtime-scripts/startup.sh
index 5c98c5104..58e8360b4 100644
--- a/runtime-scripts/startup.sh
+++ b/runtime-scripts/startup.sh
@@ -6,11 +6,11 @@ echo "*** Starting keycloak ***"
 if [[ "$KEYCLOAK_STARTUP" == "prod" ]]; then
     # TODO: Figure out how to secure properly for production
     # Note can't use optiomized option as pre-built image isn't configured for postgres
-    /opt/keycloak/bin/kc.sh start --import-realm
+    /opt/keycloak/bin/kc.sh start --import-realm --health-enabled=true --metrics-enabled=true
 elif [[ "$KEYCLOAK_STARTUP" == "dev" ]]; then
-    /opt/keycloak/bin/kc.sh start-dev --import-realm
+    /opt/keycloak/bin/kc.sh start-dev --import-realm --health-enabled=true --metrics-enabled=true
 else
     # Use pre-optimized version for tests for faster startup
-    /opt/keycloak/bin/kc.sh start --http-enabled=true --hostname-strict=false --cache=local --optimized --import-realm
+    /opt/keycloak/bin/kc.sh start --http-enabled=true --hostname-strict=false --cache=local --optimized --import-realm --health-enabled=true --metrics-enabled=true
 fi