chore(deps): update quay.io/keycloak/keycloak docker tag to v26

[Fameing]

This PR contains the following updates:

Package	Update	Change
quay.io/keycloak/keycloak	major	25.0.6 -> 26.0.7

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

Summary by CodeRabbit

• Chores

  • Updated the default embedded Keycloak Docker image tag to quay.io/keycloak/keycloak:26.6.1 across the project.

• Documentation

  • Updated README and configuration metadata to reflect the new default Docker image tag so docs and hints match the runtime default.

[ijusti]

keycloak/keycloak#33637

[coderabbitai]

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

• ▶️ Resume reviews
• 🔍 Trigger review

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 2d65fada-8d41-40aa-93c6-5ad71aa9a751

📥 Commits

Reviewing files that changed from the base of the PR and between 342d34c and 3ef2e19.

📒 Files selected for processing (3)

• embedded-keycloak/README.adoc
• embedded-keycloak/src/main/java/com/playtika/testcontainer/keycloak/KeycloakProperties.java
• embedded-keycloak/src/main/resources/META-INF/additional-spring-configuration-metadata.json

✅ Files skipped from review due to trivial changes (3)

• embedded-keycloak/README.adoc
• embedded-keycloak/src/main/java/com/playtika/testcontainer/keycloak/KeycloakProperties.java
• embedded-keycloak/src/main/resources/META-INF/additional-spring-configuration-metadata.json

---

📝 Walkthrough

Walkthrough

Updated the default Keycloak Docker image tag from quay.io/keycloak/keycloak:25.0.6 to quay.io/keycloak/keycloak:26.6.1 in documentation, Java property default, and Spring configuration metadata. No other behavior, API, or property signatures changed.

Changes

Cohort / File(s)	Summary
Keycloak Docker Image Version Update embedded-keycloak/README.adoc, embedded-keycloak/src/main/java/com/playtika/testcontainer/keycloak/KeycloakProperties.java, embedded-keycloak/src/main/resources/META-INF/additional-spring-configuration-metadata.json	Updated default/suggested Keycloak Docker image tag from quay.io/keycloak/keycloak:25.0.6 → quay.io/keycloak/keycloak:26.6.1. No other property names, signatures, or logic altered.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Suggested reviewers

• Periecle

Poem

🐰 I tweak a tag and give a hop,
Docs and code all lined on top.
From twenty-five to twenty-six we go,
A tiny hop, a brighter show. 🥕✨

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately summarizes the main change: updating the Keycloak Docker image tag from 25.0.6 to 26.6.1 across multiple files.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch renovate/quay.io-keycloak-keycloak-26.x

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In
`@embedded-keycloak/src/main/java/com/playtika/testcontainer/keycloak/KeycloakProperties.java`:
- Line 84: The Keycloak image tag in KeycloakProperties currently returns
"quay.io/keycloak/keycloak:26.5.6" which mismatches the PR objective that states
26.0.7; either change the returned image tag in KeycloakProperties to
"quay.io/keycloak/keycloak:26.0.7" to match the PR objective, or if the update
to 26.5.6 is intentional, update the PR description and any related
documentation/changelog to state the upgrade to 26.5.6 and why (include
security/bugfix note). Ensure you modify the string literal in
KeycloakProperties (the method returning the image tag) and keep accompanying PR
text consistent.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 7210e600-4abb-4b69-aca0-ffd15df38b6c

📥 Commits

Reviewing files that changed from the base of the PR and between 0a17e29 and 7d02ab9.

📒 Files selected for processing (3)

• embedded-keycloak/README.adoc
• embedded-keycloak/src/main/java/com/playtika/testcontainer/keycloak/KeycloakProperties.java
• embedded-keycloak/src/main/resources/META-INF/additional-spring-configuration-metadata.json

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🌐 Web query:

What are the Keycloak Docker image tags and release notes for 26.0.7 and 26.5.6 on quay.io/keycloak/keycloak, and are there breaking changes between them relevant to start-dev/import-realm usage?

💡 Result:

Keycloak Docker images on quay.io/keycloak/keycloak use tags matching the release versions, such as '26.0.7' and '26.5.6'. Both 26.0.7 (released Dec 2024) and 26.5.6 (released Mar 19 2026) exist as tags, confirmed by mirror sites and usage examples. Official Quay pages confirm the repo exists and examples use quay.io/keycloak/keycloak:26.0.7, quay.io/keycloak/keycloak:26.5.6 format. Docker Hub mirrors show similar tagging pattern for 26.x series (e.g., 26.5.6 aligns with latest). Release notes: - 26.0.7: Bug fixes (e.g., cluster permission tickets, admin events, reCAPTCHA, flaky tests), enhancements (Infinispan upgrade). No major breaking changes noted specific to dev mode. Full list at https://www.keycloak.org/2024/12/keycloak-2607-released and GitHub releases. - 26.5.6: Security fixes (multiple CVEs: authorization bypass, info disclosure, privilege escalation), bugs (e.g., startup regression, LDAP sync, operator DB config). Mostly patches; refer to migration guide. Full at https://www.keycloak.org/2026/03/keycloak-2656-released and GitHub. Breaking changes between 26.0.7 and 26.5.6: Review full upgrading guide (https://www.keycloak.org/docs/26.5.5/upgrading/). Key changes across 26.x include Infinispan marshalling (26.0.0: requires upgrade path via 25 for sessions), cache config updates (remove default conf/cache-ispn.xml), deprecated transport stacks (use jdbc-ping), hostname v2 default. Patch releases (26.0.7, 26.5.x) focus on fixes, no new major breaks. For start-dev/import-realm: No specific breaking changes found. import-realm uses /opt/keycloak/data/import volume, unchanged. start-dev for dev/testing; docs confirm consistent usage (docker run quay.io/keycloak/keycloak:version start-dev --import-realm). Cache/DB changes may affect clustered dev setups, but single dev mode unaffected. Always check migration guide before upgrade.

Citations:

• 1: https://github.com/keycloak/keycloak/releases
• 2: https://quay.io/repository/keycloak/keycloak
• 3: https://www.keycloak.org/2026/03/keycloak-2656-released
• 4: https://www.keycloak.org/2024/12/keycloak-2607-released.html
• 5: https://docker.aityp.com/image/quay.io/keycloak/keycloak:26.0.7
• 6: https://www.keycloak.org/server/containers
• 7: https://www.keycloak.org/getting-started/getting-started-docker
• 8: https://www.mastertheboss.com/keycloak/keycloak-with-docker/
• 9: https://www.keycloak.org/docs/26.5.5/upgrading/

---

Align Keycloak tag with PR objective.

The code sets 26.5.6, but the PR objective states 26.0.7. Both versions are valid and compatible—26.5.6 (released Mar 2026) includes security fixes and minor bug fixes from 26.0.7 (released Dec 2024) with no breaking changes for start-dev/import-realm usage. Clarify whether the upgrade to 26.5.6 is intentional and update the PR objective accordingly to match the actual version.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In
`@embedded-keycloak/src/main/java/com/playtika/testcontainer/keycloak/KeycloakProperties.java`
at line 84, The Keycloak image tag in KeycloakProperties currently returns
"quay.io/keycloak/keycloak:26.5.6" which mismatches the PR objective that states
26.0.7; either change the returned image tag in KeycloakProperties to
"quay.io/keycloak/keycloak:26.0.7" to match the PR objective, or if the update
to 26.5.6 is intentional, update the PR description and any related
documentation/changelog to state the upgrade to 26.5.6 and why (include
security/bugfix note). Ensure you modify the string literal in
KeycloakProperties (the method returning the image tag) and keep accompanying PR
text consistent.