Description

As outlined here, it's possible to import a realm. This works great until you need to overwrite an existing realm (like master). Doing so requires specifying the keycloak.migration.strategy=OVERWRITE_EXISTING parameter, which isn't directly possible with this image.

This documentation states:

You cannot use the keycloak.import parameter with keycloak.migration.X parameters. If you use these parameters together, {project_name} ignores the keycloak.import parameter.

That means that in order to perform the overwrite I had to specify KEYCLOAK_IMPORT, which turns into keycloak.import, with a dummy value and then abuse it by tacking on the import options I actually want:

env:
  - name: KEYCLOAK_IMPORT
    value: "/opt/jboss/keycloak/imports/realm-export.json -Dkeycloak.migration.action=import -Dkeycloak.migration.provider=singleFile -Dkeycloak.migration.file=/opt/jboss/keycloak/imports/realm-export.json -Dkeycloak.migration.strategy=OVERWRITE_EXISTING -Dkeycloak.profile.feature.upload_scripts=enabled"

In this case, the first /opt/jboss/keycloak/imports/realm-export.json gets completely ignored. It'd be nice if there was a better way to specify arbitrary keycloak.migration.* options.

Discussion

No response

Motivation

No response

Details

No response

With Keycloak 20 the WildFly based distribution is no longer supported. For the newer Quarkus distribution of Keycloak, check out the new documentation, or the updated container sources.