Skip to content

DockerClientTest failure #44117

New issue
New issue
Closed
bug
#44126
Closed
DockerClientTest failure#44117
bug
#44126
Assignees
rmartinc
Labels
area/testsuiteIndicates an issue on the Testsuite areakind/bugCategorizes a PR related to a bugrelease/26.2.11release/26.4.5release/26.5.0team/continuous-testingteam/core-clients
@rmartinc

Description

@rmartinc
rmartinc
opened on Nov 11, 2025

Before reporting an issue

  • I have read and understood the above terms for submitting issues, and I understand that my issue may be closed without action if I do not follow them.

Area

testsuite

Describe the bug

The test DockerClientTest is failing recently. The error is the following:

2025-11-11T11:18:53.5271268Z DockerClientTest ++ STDOUT: Using default tag: latest
2025-11-11T11:18:53.5272006Z DockerClientTest ++ The push refers to repository [localhost:5000/empty]
2025-11-11T11:18:53.5272635Z DockerClientTest ++ 
2025-11-11T11:18:53.5273017Z DockerClientTest ++ ---
2025-11-11T11:18:53.5274740Z DockerClientTest ++ STDERR: failed to authorize: failed to fetch oauth token: Post "https://172.17.0.1:8543/auth/realms/docker-test-realm/protocol/docker-v2/auth": tls: failed to verify certificate: x509: cannot validate certificate for 172.17.0.1 because it doesn't contain any IP SANs
2025-11-11T11:18:53.5276480Z DockerClientTest ++ 
2025-11-11T11:18:53.5277240Z DockerClientTest ++ 11:16:40,533 INFO  [org.keycloak.testsuite.docker.DockerClientTest] calling all TestCleanup
2025-11-11T11:18:53.5278361Z DockerClientTest ++ 11:16:40,576 INFO  [org.keycloak.testsuite.util.WaitUtils] Wait: 5000ms
2025-11-11T11:18:53.5279839Z DockerClientTest ++ 11:16:45,678 ERROR [org.keycloak.testsuite.docker.DockerClientTest] [DockerClientTest] shouldPerformDockerAuthAgainstRegistry() FAILED
2025-11-11T11:18:53.5281926Z DockerClientTest ++ 11:16:45,678 INFO  [org.keycloak.testsuite.docker.DockerClientTest] [DockerClientTest] shouldPerformDockerAuthAgainstRegistry() FINISHED
2025-11-11T11:18:53.5283114Z DockerClientTest ++ 
2025-11-11T11:18:53.5283503Z DockerClientTest ++ 
2025-11-11T11:18:53.5283895Z DockerClientTest ++ Log has ended

So I suppose docker is checking now the SANs extensions in the certificate and TLS is failing. This test creates a docker registry and configures it to use keycloak. So the IP is the host network in the runner. My vote is to use plain http for this test.

Version

999.0.0-SNAPSHOT

Regression

  • The issue is a regression

Expected behavior

Test should work OK.

Actual behavior

Test failure .

How to Reproduce?

See for example this run: https://github.com/keycloak/keycloak/actions/runs/19263277490/job/55073417805?pr=44030

Anything else?

No response

Metadata

Metadata

Assignees

Labels

area/testsuiteIndicates an issue on the Testsuite areakind/bugCategorizes a PR related to a bugrelease/26.2.11release/26.4.5release/26.5.0team/continuous-testingteam/core-clients

Type

bug

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions