I am trying to compile the Keycloak main branch via mvn compile locally.
I am stuck there on building the Keycloak JavaScript Adapter:
[INFO] --- compiler:3.8.1:compile (default-compile) @ keycloak-crypto-elytron ---
[INFO] Changes detected - recompiling the module!
[INFO] Compiling 9 source files to [...]/keycloak/crypto/elytron/target/classes
[INFO]
[INFO] ----------------< org.keycloak:keycloak-js-adapter-jar >----------------
[INFO] Building Keycloak JavaScript Adapter (JAR) 999.0.0-SNAPSHOT [20/183]
[INFO] from adapters/oidc/js/pom.xml
[INFO] --------------------------------[ jar ]---------------------------------
[INFO]
[INFO] --- enforcer:3.0.0-M3:enforce (enforce-java-version) @ keycloak-js-adapter-jar ---
[INFO]
[INFO] --- enforcer:3.0.0-M3:enforce (enforce-maven-version) @ keycloak-js-adapter-jar ---
[INFO]
[INFO] --- buildnumber:1.4:create (get-scm-revision) @ keycloak-js-adapter-jar ---
[INFO]
[INFO] --- frontend:1.14.2:install-node-and-pnpm (default) @ keycloak-js-adapter-jar ---
[INFO] Installing node version v18.18.2
[INFO] Unpacking [...]/.m2/repository/com/github/eirslett/node/18.18.2/node-18.18.2-linux-x64.tar.gz into [...]/keycloak/node/tmp
[INFO] Copying node binary from [...]/keycloak/node/tmp/node-v18.18.2-linux-x64/bin/node to [...]/keycloak/node/node
[INFO] Installed node locally.
[INFO] Installing pnpm version 8.10.0
[INFO] Unpacking [...]/.m2/repository/com/github/eirslett/pnpm/8.10.0/pnpm-8.10.0.tar.gz into [...]/keycloak/node/node_modules
[INFO] Installed pnpm locally.
[INFO] No pnpm executable found, creating symbolic link to [...]/src/iam/keycloak/node/node_modules/pnpm/bin/pnpm.cjs.
[INFO]
[INFO] --- frontend:1.14.2:pnpm (pnpm-install) @ keycloak-js-adapter-jar ---
[INFO] Running 'pnpm install --prefer-offline --frozen-lockfile --ignore-scripts' in [...]/keycloak/js/libs/keycloak-js
[INFO] Could not start dynamically linked executable: [...]/keycloak/node/node
[INFO] NixOS cannot run dynamically linked executables intended for generic
[INFO] linux environments out of the box. For more information, see:
[INFO] https://nix.dev/permalink/stub-ld
It seems like Keycloak is using some frontend-maven-plugin, which downloads and installs node locally and nixos does not like this. Is there any way to fix this for me on my system without changing the repository code?
As a Nixos beginner myself, I encountered the same problem with another project using the Maven frontend plugin.
The plugin downloads the binary into the target folder of the maven module in question (target/node/node). Using ldd you can check which libraries are missing. Then you can add the library using the following settings in your configuraion.nix.
programs.nix-ld.enable = true;
programs.nix-ld.libraries = with pkgs; [
stdenv.cc.cc.lib # The missing library. May need a bit of research to find the right reference
];
Then, do the rebuild switch.
You may need to relog/reboot for this to take effect.
I don’t think it will work this way, because downloading some binary and attempting to run it won’t work. You need patchelf for this. The questions is, why you want to do it manually with maven, when we have a nice keycloak package in nixpkgs? What are you attempting to achieve with your build?
nix build nixpkgs#keycloak
ls -l result/
dr-xr-xr-x 3 root root 4096 Jan 1 1970 bin
dr-xr-xr-x 3 root root 4096 Jan 1 1970 conf
dr-xr-xr-x 5 root root 4096 Jan 1 1970 lib
-r--r--r-- 1 root root 11358 Jan 1 1970 LICENSE.txt
dr-xr-xr-x 2 root root 4096 Jan 1 1970 providers
-r--r--r-- 1 root root 492 Jan 1 1970 README.md
dr-xr-xr-x 2 root root 4096 Jan 1 1970 themes
-r--r--r-- 1 root root 26 Jan 1 1970 version.txt
I can’t speak for OP. In my case, I am working on a Java project that needs the problematic frontend plugin. The problem is that the Maven plugin is bad in the sense that it makes it incredibly difficult (impossible without modifying the project significantly just to make it build under NixOS) to use a local node install.
I think the clean solution would be patching the Maven plugin to make using the local node/npm easy.
If you just need the resulting JARs (e.g., a Keycloak server running), sure, download the build from somewhere else. However, if you want to develop in a team and you are insisting on using NixOS, you have to make do with the project build set up as it is. So, I documented “a solution” here for a relatively old question because I thought there may be others in a similar situation. For me, this issue almost stopped me from continuing to evaluate NixOS because developing the said project is one of my day-to-day tasks.