tomasdavidorg commented on code in PR #1902:
URL:
https://github.com/apache/incubator-kie-kogito-examples/pull/1902#discussion_r1551274834
##########
serverless-operator-examples/sonataflow-apisix-oidc/README.md:
##########
@@ -0,0 +1,124 @@
+# SonataFlow Authentication and Authorization with Keycloak and APISIX
+
+## Installing Keycloak
+
+Install Keycloak with PostgreSQL:
+
+```shell
+kubectl create ns keycloak
+kubectl kustomize manifests/bases | kubectl apply -f - -n keycloak
+```
+
+### Exposing Keycloak
+
+```shell
+# Let's use kubectl port-forward to equalize the Keycloak endpoint URI so
APISIX and your local env access Keycloak using the same URL
+# This method works even in Windows/Darwin where Podman/Docker won't give
access to the internal network
+# Hence, we must rely on tunnel/port-forward
+kubectl port-forward $(kubectl get pods -l app=myapp
--output=jsonpath='{.items[*].metadata.name}') 8080:8080 -n keycloak
+```
+
+Edit your `/etc/hosts` file to access Keycloak using the same DNS name:
+
+```shell
+sudo vi /etc/hosts
+```
+
+Then add this line to the file:
+
+```127.0.0.1 keycloak.keycloak.svc.cluster.local```.
+
+Now, you can access the Keycloak application via
[http://keycloak.keycloak.svc.cluster.local:8080](http://keycloak.keycloak.svc.cluster.local:8080)
+
+This is the same endpoint we will configure the APISIX Route. This is an
important step since the token must be generated and validated by the same OIDC
server and the host is part of the token validation.
+
+### Authenticating
+
+Using the above URL, you can try requesting a token using [Grant Type
Password](https://www.keycloak.org/docs/23.0.7/securing_apps/#_resource_owner_password_credentials_flow).
+
+```shell
Review Comment:
Shouldn't we also mention to create `sonataflow` realm, `apisix-ingress`
client and a user and copy the `<CLIENT_SECRET>`, `<USER_NAME>` and
`<USER_PASSWORD>` to the command?
##########
serverless-operator-examples/sonataflow-apisix-oidc/README.md:
##########
@@ -0,0 +1,124 @@
+# SonataFlow Authentication and Authorization with Keycloak and APISIX
+
+## Installing Keycloak
+
+Install Keycloak with PostgreSQL:
+
+```shell
+kubectl create ns keycloak
+kubectl kustomize manifests/bases | kubectl apply -f - -n keycloak
+```
+
+### Exposing Keycloak
+
+```shell
+# Let's use kubectl port-forward to equalize the Keycloak endpoint URI so
APISIX and your local env access Keycloak using the same URL
+# This method works even in Windows/Darwin where Podman/Docker won't give
access to the internal network
+# Hence, we must rely on tunnel/port-forward
+kubectl port-forward $(kubectl get pods -l app=myapp
--output=jsonpath='{.items[*].metadata.name}') 8080:8080 -n keycloak
Review Comment:
There should be specified namespace and the app should be keycloak otherwise
the command does not work for me:
```suggestion
kubectl port-forward $(kubectl get pods -n keycloak -l app=keycloak
--output=jsonpath='{.items[*].metadata.name}') 8080:8080 -n keycloak
```
##########
serverless-operator-examples/sonataflow-apisix-oidc/README.md:
##########
@@ -0,0 +1,124 @@
+# SonataFlow Authentication and Authorization with Keycloak and APISIX
+
+## Installing Keycloak
+
+Install Keycloak with PostgreSQL:
+
+```shell
+kubectl create ns keycloak
+kubectl kustomize manifests/bases | kubectl apply -f - -n keycloak
+```
+
+### Exposing Keycloak
+
+```shell
+# Let's use kubectl port-forward to equalize the Keycloak endpoint URI so
APISIX and your local env access Keycloak using the same URL
+# This method works even in Windows/Darwin where Podman/Docker won't give
access to the internal network
+# Hence, we must rely on tunnel/port-forward
+kubectl port-forward $(kubectl get pods -l app=myapp
--output=jsonpath='{.items[*].metadata.name}') 8080:8080 -n keycloak
+```
+
+Edit your `/etc/hosts` file to access Keycloak using the same DNS name:
+
+```shell
+sudo vi /etc/hosts
+```
+
+Then add this line to the file:
+
+```127.0.0.1 keycloak.keycloak.svc.cluster.local```.
+
+Now, you can access the Keycloak application via
[http://keycloak.keycloak.svc.cluster.local:8080](http://keycloak.keycloak.svc.cluster.local:8080)
+
+This is the same endpoint we will configure the APISIX Route. This is an
important step since the token must be generated and validated by the same OIDC
server and the host is part of the token validation.
+
+### Authenticating
+
+Using the above URL, you can try requesting a token using [Grant Type
Password](https://www.keycloak.org/docs/23.0.7/securing_apps/#_resource_owner_password_credentials_flow).
+
+```shell
+curl \
+ -d "client_id=apisix-ingress" \
+ -d "client_secret=kDb8jS1asUOxYjDJb3bUaimzUen9PRD4" \
+ -d "username=zanini" \
+ -d "password=zanini" \
+ -d "grant_type=password" \
+
"http://keycloak.keycloak.svc.cluster.local:8080/realms/sonataflow/protocol/openid-connect/token
+```
+
+## Installing APISIX
+
+```shell
+ADMIN_API_VERSION=v3
+
+helm install apisix apisix/apisix \
+ --set service.type=NodePort \
+ --set ingress-controller.enabled=true \
+ --create-namespace \
+ --namespace ingress-apisix \
+ --set ingress-controller.config.apisix.serviceNamespace=ingress-apisix \
+ --set ingress-controller.config.apisix.adminAPIVersion=$ADMIN_API_VERSION
+
+kubectl get service --namespace ingress-apisix
+```
+
+### Exposing APISIX Ingress on Minikube
+
+```shell
+minikube service apisix-gateway --url -n ingress-apisix
+```
+
+## Installing SonataFlow Operator
+
+Enable minikube registry:
+
+```shell
+minikube addons enable registry
+```
+
+Install the operator:
+
+```shell
+kubectl create -f
https://raw.githubusercontent.com/apache/incubator-kie-kogito-serverless-operator/main/operator.yaml
+```
+
+### Deploy greeting workflow
+
+```shell
+kubectl create ns sonataflow
+kubectl apply -f manifests/workflow-app/sonataflow-greeting.yaml -n sonataflow
Review Comment:
```suggestion
kubectl apply -f manifests/workflow-app/01-sonataflow-greeting.yaml -n
sonataflow
```
##########
serverless-operator-examples/sonataflow-apisix-oidc/README.md:
##########
@@ -0,0 +1,124 @@
+# SonataFlow Authentication and Authorization with Keycloak and APISIX
+
+## Installing Keycloak
+
+Install Keycloak with PostgreSQL:
+
+```shell
+kubectl create ns keycloak
+kubectl kustomize manifests/bases | kubectl apply -f - -n keycloak
+```
+
+### Exposing Keycloak
+
+```shell
+# Let's use kubectl port-forward to equalize the Keycloak endpoint URI so
APISIX and your local env access Keycloak using the same URL
+# This method works even in Windows/Darwin where Podman/Docker won't give
access to the internal network
+# Hence, we must rely on tunnel/port-forward
+kubectl port-forward $(kubectl get pods -l app=myapp
--output=jsonpath='{.items[*].metadata.name}') 8080:8080 -n keycloak
+```
+
+Edit your `/etc/hosts` file to access Keycloak using the same DNS name:
+
+```shell
+sudo vi /etc/hosts
+```
+
+Then add this line to the file:
+
+```127.0.0.1 keycloak.keycloak.svc.cluster.local```.
+
+Now, you can access the Keycloak application via
[http://keycloak.keycloak.svc.cluster.local:8080](http://keycloak.keycloak.svc.cluster.local:8080)
+
+This is the same endpoint we will configure the APISIX Route. This is an
important step since the token must be generated and validated by the same OIDC
server and the host is part of the token validation.
+
+### Authenticating
+
+Using the above URL, you can try requesting a token using [Grant Type
Password](https://www.keycloak.org/docs/23.0.7/securing_apps/#_resource_owner_password_credentials_flow).
+
+```shell
+curl \
+ -d "client_id=apisix-ingress" \
+ -d "client_secret=kDb8jS1asUOxYjDJb3bUaimzUen9PRD4" \
+ -d "username=zanini" \
+ -d "password=zanini" \
+ -d "grant_type=password" \
+
"http://keycloak.keycloak.svc.cluster.local:8080/realms/sonataflow/protocol/openid-connect/token
+```
+
+## Installing APISIX
+
+```shell
+ADMIN_API_VERSION=v3
+
+helm install apisix apisix/apisix \
+ --set service.type=NodePort \
+ --set ingress-controller.enabled=true \
+ --create-namespace \
+ --namespace ingress-apisix \
+ --set ingress-controller.config.apisix.serviceNamespace=ingress-apisix \
+ --set ingress-controller.config.apisix.adminAPIVersion=$ADMIN_API_VERSION
+
+kubectl get service --namespace ingress-apisix
+```
+
+### Exposing APISIX Ingress on Minikube
+
+```shell
+minikube service apisix-gateway --url -n ingress-apisix
+```
+
+## Installing SonataFlow Operator
+
+Enable minikube registry:
+
+```shell
+minikube addons enable registry
+```
+
+Install the operator:
+
+```shell
+kubectl create -f
https://raw.githubusercontent.com/apache/incubator-kie-kogito-serverless-operator/main/operator.yaml
+```
+
+### Deploy greeting workflow
+
+```shell
+kubectl create ns sonataflow
+kubectl apply -f manifests/workflow-app/sonataflow-greeting.yaml -n sonataflow
+```
+
+### Add the APISIX Route to protect the workflow application
+
+```shell
+kubectl apply -f manifests/workflow-app/sonataflow-route.yaml -n sonataflow
+```
+
+## Validating if the setup works
+
+First, try acquiring the token:
+
+```shell
+ACCESS_TOKEN=$(curl \
+ -d "client_id=apisix-ingress" \
+ -d "client_secret=<CLIENT_SECRET>" \
+ -d "username=<USER_NAME>" \
+ -d "password=<USER_PASSWORD>" \
+ -d "grant_type=password" \
+
"http://keycloak.keycloak.svc.cluster.local:8080/realms/sonataflow/protocol/openid-connect/token";
| jq -r .access_token)
+```
+
+Then make a call to the SonataFlow Greeting workflow:
+
+```shell
+curl -v POST http://127.0.0.1:63031/greeting -H "Content-type:
application/json" -H "Host: local.greeting.sonataflow.org" -H "Authorization:
Bearer ${ACCESS_TOKEN}" --data '{ "name": "Zanini" }'
Review Comment:
```suggestion
curl -v POST <APISIX_GATEWAY_URL>/greeting -H "Content-type:
application/json" -H "Host: local.greeting.sonataflow.org" -H "Authorization:
Bearer ${ACCESS_TOKEN}" --data '{ "name": "Zanini" }'
```
##########
serverless-operator-examples/sonataflow-apisix-oidc/README.md:
##########
@@ -0,0 +1,124 @@
+# SonataFlow Authentication and Authorization with Keycloak and APISIX
+
+## Installing Keycloak
+
+Install Keycloak with PostgreSQL:
+
+```shell
+kubectl create ns keycloak
+kubectl kustomize manifests/bases | kubectl apply -f - -n keycloak
+```
+
+### Exposing Keycloak
+
+```shell
+# Let's use kubectl port-forward to equalize the Keycloak endpoint URI so
APISIX and your local env access Keycloak using the same URL
+# This method works even in Windows/Darwin where Podman/Docker won't give
access to the internal network
+# Hence, we must rely on tunnel/port-forward
+kubectl port-forward $(kubectl get pods -l app=myapp
--output=jsonpath='{.items[*].metadata.name}') 8080:8080 -n keycloak
+```
+
+Edit your `/etc/hosts` file to access Keycloak using the same DNS name:
+
+```shell
+sudo vi /etc/hosts
+```
+
+Then add this line to the file:
+
+```127.0.0.1 keycloak.keycloak.svc.cluster.local```.
+
+Now, you can access the Keycloak application via
[http://keycloak.keycloak.svc.cluster.local:8080](http://keycloak.keycloak.svc.cluster.local:8080)
+
+This is the same endpoint we will configure the APISIX Route. This is an
important step since the token must be generated and validated by the same OIDC
server and the host is part of the token validation.
+
+### Authenticating
+
+Using the above URL, you can try requesting a token using [Grant Type
Password](https://www.keycloak.org/docs/23.0.7/securing_apps/#_resource_owner_password_credentials_flow).
+
+```shell
+curl \
+ -d "client_id=apisix-ingress" \
+ -d "client_secret=kDb8jS1asUOxYjDJb3bUaimzUen9PRD4" \
+ -d "username=zanini" \
+ -d "password=zanini" \
+ -d "grant_type=password" \
+
"http://keycloak.keycloak.svc.cluster.local:8080/realms/sonataflow/protocol/openid-connect/token
+```
+
+## Installing APISIX
Review Comment:
Shouldn't we mention how to add the apisix repo?
```
helm repo add apisix https://charts.apiseven.com
```
##########
serverless-operator-examples/sonataflow-apisix-oidc/manifests/workflow-app/kustomization.yaml:
##########
@@ -0,0 +1,13 @@
+# Copyright 2024 Apache Software Foundation (ASF)
Review Comment:
Is this file used in any way?
##########
serverless-operator-examples/sonataflow-apisix-oidc/README.md:
##########
@@ -0,0 +1,124 @@
+# SonataFlow Authentication and Authorization with Keycloak and APISIX
+
+## Installing Keycloak
+
+Install Keycloak with PostgreSQL:
+
+```shell
+kubectl create ns keycloak
+kubectl kustomize manifests/bases | kubectl apply -f - -n keycloak
+```
+
+### Exposing Keycloak
+
+```shell
+# Let's use kubectl port-forward to equalize the Keycloak endpoint URI so
APISIX and your local env access Keycloak using the same URL
+# This method works even in Windows/Darwin where Podman/Docker won't give
access to the internal network
+# Hence, we must rely on tunnel/port-forward
+kubectl port-forward $(kubectl get pods -l app=myapp
--output=jsonpath='{.items[*].metadata.name}') 8080:8080 -n keycloak
+```
+
+Edit your `/etc/hosts` file to access Keycloak using the same DNS name:
+
+```shell
+sudo vi /etc/hosts
+```
+
+Then add this line to the file:
+
+```127.0.0.1 keycloak.keycloak.svc.cluster.local```.
Review Comment:
I would remove the dot and resize the code to the whole line otherwise it
could happen that user can also copy it to the `/etc/hosts`
````suggestion
```
127.0.0.1 keycloak.keycloak.svc.cluster.local
```
````
##########
serverless-operator-examples/sonataflow-apisix-oidc/README.md:
##########
@@ -0,0 +1,124 @@
+# SonataFlow Authentication and Authorization with Keycloak and APISIX
+
+## Installing Keycloak
+
+Install Keycloak with PostgreSQL:
+
+```shell
+kubectl create ns keycloak
+kubectl kustomize manifests/bases | kubectl apply -f - -n keycloak
+```
+
+### Exposing Keycloak
+
+```shell
+# Let's use kubectl port-forward to equalize the Keycloak endpoint URI so
APISIX and your local env access Keycloak using the same URL
+# This method works even in Windows/Darwin where Podman/Docker won't give
access to the internal network
+# Hence, we must rely on tunnel/port-forward
+kubectl port-forward $(kubectl get pods -l app=myapp
--output=jsonpath='{.items[*].metadata.name}') 8080:8080 -n keycloak
+```
+
+Edit your `/etc/hosts` file to access Keycloak using the same DNS name:
+
+```shell
+sudo vi /etc/hosts
+```
+
+Then add this line to the file:
+
+```127.0.0.1 keycloak.keycloak.svc.cluster.local```.
+
+Now, you can access the Keycloak application via
[http://keycloak.keycloak.svc.cluster.local:8080](http://keycloak.keycloak.svc.cluster.local:8080)
+
+This is the same endpoint we will configure the APISIX Route. This is an
important step since the token must be generated and validated by the same OIDC
server and the host is part of the token validation.
+
+### Authenticating
+
+Using the above URL, you can try requesting a token using [Grant Type
Password](https://www.keycloak.org/docs/23.0.7/securing_apps/#_resource_owner_password_credentials_flow).
+
+```shell
+curl \
+ -d "client_id=apisix-ingress" \
+ -d "client_secret=kDb8jS1asUOxYjDJb3bUaimzUen9PRD4" \
+ -d "username=zanini" \
+ -d "password=zanini" \
+ -d "grant_type=password" \
+
"http://keycloak.keycloak.svc.cluster.local:8080/realms/sonataflow/protocol/openid-connect/token
+```
+
+## Installing APISIX
+
+```shell
+ADMIN_API_VERSION=v3
+
+helm install apisix apisix/apisix \
Review Comment:
```suggestion
helm install apisix apisix/apisix \
```
##########
serverless-operator-examples/sonataflow-apisix-oidc/manifests/workflow-app/greeting.sw.yaml:
##########
@@ -0,0 +1,55 @@
+# Copyright 2024 Apache Software Foundation (ASF)
Review Comment:
Is this file used in any way? Is it here for presenting the Serverless
workflow for a user to open it in a visual editor?
##########
serverless-operator-examples/sonataflow-apisix-oidc/README.md:
##########
@@ -0,0 +1,124 @@
+# SonataFlow Authentication and Authorization with Keycloak and APISIX
+
+## Installing Keycloak
+
+Install Keycloak with PostgreSQL:
+
+```shell
+kubectl create ns keycloak
+kubectl kustomize manifests/bases | kubectl apply -f - -n keycloak
+```
+
+### Exposing Keycloak
+
+```shell
+# Let's use kubectl port-forward to equalize the Keycloak endpoint URI so
APISIX and your local env access Keycloak using the same URL
+# This method works even in Windows/Darwin where Podman/Docker won't give
access to the internal network
+# Hence, we must rely on tunnel/port-forward
+kubectl port-forward $(kubectl get pods -l app=myapp
--output=jsonpath='{.items[*].metadata.name}') 8080:8080 -n keycloak
+```
+
+Edit your `/etc/hosts` file to access Keycloak using the same DNS name:
+
+```shell
+sudo vi /etc/hosts
+```
+
+Then add this line to the file:
+
+```127.0.0.1 keycloak.keycloak.svc.cluster.local```.
+
+Now, you can access the Keycloak application via
[http://keycloak.keycloak.svc.cluster.local:8080](http://keycloak.keycloak.svc.cluster.local:8080)
+
+This is the same endpoint we will configure the APISIX Route. This is an
important step since the token must be generated and validated by the same OIDC
server and the host is part of the token validation.
+
+### Authenticating
+
+Using the above URL, you can try requesting a token using [Grant Type
Password](https://www.keycloak.org/docs/23.0.7/securing_apps/#_resource_owner_password_credentials_flow).
+
+```shell
+curl \
+ -d "client_id=apisix-ingress" \
+ -d "client_secret=kDb8jS1asUOxYjDJb3bUaimzUen9PRD4" \
+ -d "username=zanini" \
+ -d "password=zanini" \
Review Comment:
```suggestion
-d "client_secret=<CLIENT_SECRET>" \
-d "username=<USER_NAME>" \
-d "password=<USER_PASSWORD>" \
```
##########
serverless-operator-examples/sonataflow-apisix-oidc/README.md:
##########
@@ -0,0 +1,124 @@
+# SonataFlow Authentication and Authorization with Keycloak and APISIX
+
+## Installing Keycloak
+
+Install Keycloak with PostgreSQL:
+
+```shell
+kubectl create ns keycloak
+kubectl kustomize manifests/bases | kubectl apply -f - -n keycloak
+```
+
+### Exposing Keycloak
+
+```shell
+# Let's use kubectl port-forward to equalize the Keycloak endpoint URI so
APISIX and your local env access Keycloak using the same URL
+# This method works even in Windows/Darwin where Podman/Docker won't give
access to the internal network
+# Hence, we must rely on tunnel/port-forward
+kubectl port-forward $(kubectl get pods -l app=myapp
--output=jsonpath='{.items[*].metadata.name}') 8080:8080 -n keycloak
+```
+
+Edit your `/etc/hosts` file to access Keycloak using the same DNS name:
+
+```shell
+sudo vi /etc/hosts
+```
+
+Then add this line to the file:
+
+```127.0.0.1 keycloak.keycloak.svc.cluster.local```.
+
+Now, you can access the Keycloak application via
[http://keycloak.keycloak.svc.cluster.local:8080](http://keycloak.keycloak.svc.cluster.local:8080)
+
+This is the same endpoint we will configure the APISIX Route. This is an
important step since the token must be generated and validated by the same OIDC
server and the host is part of the token validation.
+
+### Authenticating
+
+Using the above URL, you can try requesting a token using [Grant Type
Password](https://www.keycloak.org/docs/23.0.7/securing_apps/#_resource_owner_password_credentials_flow).
+
+```shell
+curl \
+ -d "client_id=apisix-ingress" \
+ -d "client_secret=kDb8jS1asUOxYjDJb3bUaimzUen9PRD4" \
+ -d "username=zanini" \
+ -d "password=zanini" \
+ -d "grant_type=password" \
+
"http://keycloak.keycloak.svc.cluster.local:8080/realms/sonataflow/protocol/openid-connect/token
+```
+
+## Installing APISIX
+
+```shell
+ADMIN_API_VERSION=v3
+
+helm install apisix apisix/apisix \
+ --set service.type=NodePort \
+ --set ingress-controller.enabled=true \
+ --create-namespace \
+ --namespace ingress-apisix \
+ --set ingress-controller.config.apisix.serviceNamespace=ingress-apisix \
+ --set ingress-controller.config.apisix.adminAPIVersion=$ADMIN_API_VERSION
+
+kubectl get service --namespace ingress-apisix
+```
+
+### Exposing APISIX Ingress on Minikube
+
+```shell
+minikube service apisix-gateway --url -n ingress-apisix
+```
+
+## Installing SonataFlow Operator
+
+Enable minikube registry:
+
+```shell
+minikube addons enable registry
+```
+
+Install the operator:
+
+```shell
+kubectl create -f
https://raw.githubusercontent.com/apache/incubator-kie-kogito-serverless-operator/main/operator.yaml
+```
+
+### Deploy greeting workflow
+
+```shell
+kubectl create ns sonataflow
+kubectl apply -f manifests/workflow-app/sonataflow-greeting.yaml -n sonataflow
+```
+
+### Add the APISIX Route to protect the workflow application
+
+```shell
+kubectl apply -f manifests/workflow-app/sonataflow-route.yaml -n sonataflow
Review Comment:
Missing prefix + should't we mentioned that in the route file `<the_secret>`
should be replaced by `<CLIENT_SECRET>`?
```suggestion
kubectl apply -f manifests/workflow-app/02-sonataflow-route.yaml -n
sonataflow
```
##########
serverless-operator-examples/sonataflow-apisix-oidc/README.md:
##########
@@ -0,0 +1,124 @@
+# SonataFlow Authentication and Authorization with Keycloak and APISIX
+
+## Installing Keycloak
+
+Install Keycloak with PostgreSQL:
+
+```shell
+kubectl create ns keycloak
+kubectl kustomize manifests/bases | kubectl apply -f - -n keycloak
+```
+
+### Exposing Keycloak
+
+```shell
+# Let's use kubectl port-forward to equalize the Keycloak endpoint URI so
APISIX and your local env access Keycloak using the same URL
+# This method works even in Windows/Darwin where Podman/Docker won't give
access to the internal network
+# Hence, we must rely on tunnel/port-forward
+kubectl port-forward $(kubectl get pods -l app=myapp
--output=jsonpath='{.items[*].metadata.name}') 8080:8080 -n keycloak
+```
+
+Edit your `/etc/hosts` file to access Keycloak using the same DNS name:
+
+```shell
+sudo vi /etc/hosts
+```
+
+Then add this line to the file:
+
+```127.0.0.1 keycloak.keycloak.svc.cluster.local```.
+
+Now, you can access the Keycloak application via
[http://keycloak.keycloak.svc.cluster.local:8080](http://keycloak.keycloak.svc.cluster.local:8080)
+
+This is the same endpoint we will configure the APISIX Route. This is an
important step since the token must be generated and validated by the same OIDC
server and the host is part of the token validation.
+
+### Authenticating
+
+Using the above URL, you can try requesting a token using [Grant Type
Password](https://www.keycloak.org/docs/23.0.7/securing_apps/#_resource_owner_password_credentials_flow).
+
+```shell
+curl \
+ -d "client_id=apisix-ingress" \
+ -d "client_secret=kDb8jS1asUOxYjDJb3bUaimzUen9PRD4" \
+ -d "username=zanini" \
+ -d "password=zanini" \
+ -d "grant_type=password" \
+
"http://keycloak.keycloak.svc.cluster.local:8080/realms/sonataflow/protocol/openid-connect/token
Review Comment:
```suggestion
"http://keycloak.keycloak.svc.cluster.local:8080/realms/sonataflow/protocol/openid-connect/token";
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
