You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
However, this property does not work for mutable applications when running re-augmentation.
This RFE is about taking into account the artifacts set to the quarkus.class-loading.removed-artifacts when re-augmenting a mutable application.
The driven use case is FIPS support in Keycloak. We have two distinct modules offering crypto capabilities. Both should be included (as well as its dependencies) in the distribution but only one of them should be available at runtime.
One of the modules provide our default crypto provider which relies on BC. The other offers FIPS support based on BCFIPS.
When users want to enable FIPS, they should install the corresponding BC jars to a specific directory into the server distribution and, during re-augmentation, we need to remove the default crypto provider and related dependencies from the runtime.
I'm not overly excited about it but I will let @aloubyansky judge of that. I don't think we have that many users of this feature and it looks relatively safe.
Description
It is possible to remove artifacts from the final application by setting the quarkus.class-loading.removed-artifacts property.
However, this property does not work for mutable applications when running re-augmentation.
This RFE is about taking into account the artifacts set to the
quarkus.class-loading.removed-artifacts
when re-augmenting a mutable application.The driven use case is FIPS support in Keycloak. We have two distinct modules offering crypto capabilities. Both should be included (as well as its dependencies) in the distribution but only one of them should be available at runtime.
One of the modules provide our default crypto provider which relies on BC. The other offers FIPS support based on BCFIPS.
When users want to enable FIPS, they should install the corresponding BC jars to a specific directory into the server distribution and, during re-augmentation, we need to remove the default crypto provider and related dependencies from the runtime.
Implementation ideas
Please, see pedroigor@08aa390.
The text was updated successfully, but these errors were encountered: