IIRC, Wildfly also uses eval in standalone.sh and that is the reason why we are also using it.

Looks like the changes break the script and fails to start the server. I'm kinda lacking an alternative here :)

@pedroigor jump to pure java instead of scripts? (fun for now, but only half. we should really go down that path)

But yeh, i tried it out locally and the server starts but nothing gets logged anymore. the newest changes are also not doing the trick, at least not locally here and also not in the CI -> https://github.com/keycloak/keycloak/runs/6453217301?check_suite_focus=true#step:8:4177

Option 1: Really go down the pure java path. (+1 from my side)
Option 2: sanitize eval. see e.g. https://unix.stackexchange.com/questions/296825/how-to-deal-with-insecurity-of-eval-evaluating-external-input-in-a-script | https://stackoverflow.com/questions/17529220/why-should-eval-be-avoided-in-bash-and-what-should-i-use-instead | https://medium.com/dot-debug/the-perils-of-bash-eval-cc5f9e309cae
Option 3: leave as is (not recommended)

TBH, I would just leave it as-is for now. We should probably reach out Wildfly team to understand why they are using it as I wouldn't be surprised at all if they had this discussion before.

Not sure if we can do #1 now but yes we should consider it in the future after a lot of discussions :)

@DGuhr @pedroigor thanks for reviewing it. Converted to a draft for now. All the 3 options are valid, and I would say that this is issue has low impact.

The reason why we see so many failures is that the changes proposed swallow most of the error messages, that can be changed.

If you would like, I can look at the test failures this week, and propose a fix. Otherwise, I can close this PR, and leave the GH issue opened until we reach a conclusion.

@abstractj when we can improve this, we should imo improve it, so sure, go for it :)

Just to clarify: When I tried your PR branch locally, not only the errors were not showing (e.g. running ./kc.sh start-dev) but I got no console output at all, but the server started normally "in the background". That's also reflected in the test results, see e.g. https://github.com/keycloak/keycloak/runs/6425900016?check_suite_focus=true#step:8:5753 this run.

But +1 to low impact.