chore: create a keycloak 24 benchmark image (#426)

* chore: create a keycloak 24 benchmark image

* chore: update benchmark test documentation

* chore: point the benchmark builder back at 26

* chore: add 4th test to docs

* chore: add 4th test to docs

benchmark/Makefile

@@ -22,5 +22,5 @@ run_job:
 
 .PHONY: cleanup
 cleanup:
-	oc -n $(NAMESPACE) delete job $(NAME)
+	oc -n $(NAMESPACE) delete job $(NAME) --ignore-not-found=true
 	oc -n $(NAMESPACE) delete secret $(NAME)-secret

benchmark/benchmark-guide.md → benchmark/README.md

@@ -6,7 +6,7 @@
 
 - You need a keycloak server with dataset provider added to be able to use it for generating test data
 - To build such server image, run `.github/workflows/publish-image-keycloak-benchmark.yml` that builds an image using `docker/keycloak/Dockerfile-26-perf` that explicitly copies `docker/keycloak/dataset-providers/keycloak-benchmark-dataset-0.15-SNAPSHOT.jar` provider
-- Deploy keycloak server run from this image **ONLY** in a test namespace
+- Deploy keycloak server run from this image **ONLY** in a test namespace.  See the [sso-helm-charts repo](https://github.com/bcgov/sso-helm-charts/tree/main/charts/keycloak).
 - After the testing is complete, uninstall the server from the namespace
 
 ### Runner Image
@@ -66,7 +66,6 @@ export ADMIN_PASSWORD=
 # using 100 users and 100 clients to make 34 req/s for a duration of upto 30 mins
 ./bin/kcb.sh --scenario=${SCENARIO} --server-url=${SERVER_URL}/auth --admin-username=${ADMIN_USERNAME} --admin-password=${ADMIN_PASSWORD} --users-per-sec=34 --ramp-up=300 --users-per-realm=101 --measurement=1800 --clients-per-realm=101
 ```
-
 ### Locally - with entrypoint.sh
 
 - Create `.env` from `.env.example` and set the appropriate values for the variables
@@ -79,12 +78,33 @@ export ADMIN_PASSWORD=
 - Run `make cleanup` to ensure old resources get deleted
 - Run `make run_job` to deploy a secret and a job that executes `entrypoint.sh` script in a pod
 
+## ADDITIONAL_CONFIG
+
+There are four runs we have done with the previous versions of keycloak.  In order for runs to be comparable the same runs should be done on future versions. These are controlled by the `ADDITIONAL_CONFIG` env var.
+
+### Run 1
+
+ADDITIONAL_CONFIG := "--users-per-sec=34 --ramp-up=300 --users-per-realm=101 --measurement=1800 --clients-per-realm=101"
+
+### Run 2
+--users-per-sec=100 --ramp-up=300 --users-per-realm=5001 --measurement=1800 --clients-per-realm=301
+`
+
+### Run 3
+--users-per-sec=200 --ramp-up=300 --users-per-realm=9000 --measurement=1800 --clients-per-realm=301
+
+### Run 4
+This is a different scenerio, it is not an Auth Code flow like the other tests. The new environment vars are:
+
+SCENARIO := "keycloak.scenario.authentication.ClientSecret"
+ADDITIONAL_CONFIG := "--users-per-sec=500 --ramp-up=300 --users-per-realm=9995 --measurement=1800 --clients-per-realm=395"
+
 ## Reports
 
 - The html report will be generated under the `./results` directory if running locally without using `entrypoint.sh`
 - Running `entrypoint.sh` locally or in a pod would send the report via email to the email address set under `RECEPIENT` environment variable
-- Download the attachment from the email and use `base64 --decode` to decode the file
-- After the decode, you can extract the contents from the archive
+- Download the attachment from the email and use `base64 --decode` to decode the file `base64 --decode results.tar.gz>decoded_results.tar.gz`
+- After the decode, you can extract the contents from the archive and use the browser to preview them `file://<<PATH_TO_FILE>>/req_browser-to-log---<<TIMESTAMP>>.html`
 
 ## References
 

docker/keycloak/Dockerfile-24-perf

@@ -0,0 +1,39 @@
+FROM maven:3.8.5-openjdk-17-slim AS extensions-builder
+
+COPY ./extensions-24 /tmp/
+WORKDIR /tmp/
+RUN mvn -B clean package --file pom.xml
+
+FROM registry.redhat.io/rhbk/keycloak-rhel9:24-17 as builder
+
+# Enable health and metrics support
+ENV KC_HEALTH_ENABLED=true
+ENV KC_METRICS_ENABLED=true
+
+# Configure a database vendor
+ENV KC_DB=postgres
+
+# un-comment when dataset required for loadtests
+COPY ./dataset-providers/keycloak-benchmark-dataset-0.15-SNAPSHOT.jar /opt/keycloak/providers
+
+COPY --from=extensions-builder /tmp/services/target/bcgov-services-1.0.0.jar /opt/keycloak/providers/
+
+WORKDIR /opt/keycloak
+
+RUN /opt/keycloak/bin/kc.sh build
+
+FROM registry.redhat.io/rhbk/keycloak-rhel9:24-17
+
+COPY --from=builder /opt/keycloak/ /opt/keycloak/
+
+# copy the theme directory to `/opt/keycloak/themes/` for now, but we can consider to archive to be deployed later.
+COPY ./extensions-24/themes/src/main/resources/theme /opt/keycloak/themes
+
+COPY ./configuration/24/keycloak.conf /opt/keycloak/conf
+
+COPY ./configuration/24/quarkus.properties /opt/keycloak/conf
+
+COPY ./configuration/24/keycloak-default-user-profile.json /tmp
+
+# change these values to point to a running postgres instance
+ENTRYPOINT ["/opt/keycloak/bin/kc.sh"]

k6/k6-runner/Makefile

@@ -12,5 +12,5 @@ run_job:
 
 .PHONY: cleanup
 cleanup:
-	oc -n $(NAMESPACE) delete job sso-k6
+	oc -n $(NAMESPACE) delete job sso-k6 --ignore-not-found=true
 	oc -n $(NAMESPACE) delete configmap k6-config