Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Blank page : somethingWentWrongDescription #789

Open
sinaure opened this issue Aug 13, 2024 · 6 comments
Open

Blank page : somethingWentWrongDescription #789

sinaure opened this issue Aug 13, 2024 · 6 comments

Comments

@sinaure
Copy link

sinaure commented Aug 13, 2024

Blank page on : https://keycloak.mydomain.com/auth/admin/master/console/

upgrading from

2.3.0 -> 2.4.4

keycloak is running on port 8080

    extraEnv: |
    - name: KEYCLOAK_ADMIN
      value: admin
    - name: KEYCLOAK_ADMIN_PASSWORD
      value: admin
    - name: PROXY_ADDRESS_FORWARDING
      value: "true"
    - name: JAVA_OPTS_APPEND
      value: "-Djgroups.dns.query=keycloak-headless.keycloak.svc.cluster.local"
  command:
    - "/opt/keycloak/bin/kc.sh"
    - "--verbose"
    - "start"
    - "--http-port=8080"
    - "--hostname-strict=false"
    - "--spi-events-listener-jboss-logging-success-level=debug"
    - "--spi-events-listener-jboss-logging-error-level=debug"
  ingress:
    enabled: true
    ingressClassName: "nginx"
    annotations:
      cert-manager.io/cluster-issuer: letsencrypt-prod
      ingress.kubernetes.io/ssl-redirect: "true"
      kubernetes.io/tls-acme: "true"
      ingress.kubernetes.io/affinity: cookie
    rules:
      - host: 'keycloak.mydomain.com'
        paths:
          - path: '{{ tpl .Values.http.relativePath $ | trimSuffix "/" }}/'
            pathType: Prefix
    tls:
      - hosts: ['keycloak.mydomain.com']
        secretName: tls-keycloak
    console:
      enabled : false

I have no error messages on startup:

2024-08-13 13:34:13,724 INFO [io.quarkus] (main) Keycloak 25.0.0 on JVM (powered by Quarkus 3.8.5) started in 18.705s. Listening on: http://0.0.0.0:8080. Management interface listening on http://0.0.0.0:9000.

@sinaure sinaure changed the title Healthcheck fail Blank page : somethingWentWrongDescription Aug 13, 2024
@ChristopheVilain
Copy link

I have roughly the same setup as Sinaure's and experience the exact same bug, no issues on the logging side, keycloak started fine. I tried to run Keycloak 25.0.2 with the 2.4.4 version of the chart.
I managed to browse /auth/realms/[myrealm]/.well-kown/openid-configuration but every other endpoint responds in some sort of 5XX error.

Inspecting my browser console when accessing the administration UI, I have some blocked calls because of what seems like a protocol mixup -loading over HTTP rather than HTTPS- and denial by content security policy:

Blocked loading mixed active content “http://my-domain/auth/resources/master/admin/en”
[request.js:68:4](https://my-domain/auth/node_modules/.pnpm/[email protected]/node_modules/i18next-http-backend/esm/request.js)
Content-Security-Policy: The page’s settings blocked the loading of a resource (frame-src) at http://my-domain/auth/realms/master/protocol/openid-connect/3p-cookies/step1.html because it violates the following directive: “frame-src 'self'”

@coreyperkins
Copy link

I am seeing the same issues as @ChristopheVilain during an attempt of KC 25.0.4 with chart version 2.5.0.

@rome-legacy
Copy link

actually there is already an issue for this and this comment helped me to get it running. i had the same problem.
#786 (comment)
i have added the mentioned environment variable to my values.yml and redeployed

Copy link

This issue has been marked as stale because it has been open for 30 days with no activity. It will be automatically closed in 10 days if no further activity occurs.

@github-actions github-actions bot added the Stale label Nov 16, 2024
@fritz0011
Copy link

deployed on a rancher cluster,
workaround for this:

extraEnv: |

  • name: KC_PROXY_HEADERS
    value: "xforwarded"

++ I have forced the chart to use image tag 26.0.5, so far working flawless....

@github-actions github-actions bot removed the Stale label Nov 24, 2024
@dvozzella
Copy link

deployed on a rancher cluster, workaround for this:

extraEnv: |

* name: KC_PROXY_HEADERS
  value: "xforwarded"

++ I have forced the chart to use image tag 26.0.5, so far working flawless....

This completely solved my issue. I was seeing /auth/master/admin/en http request fail over and over until I added this env variable. Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

6 participants