<div dir="ltr">I'd like to get import/export done properly. The addition of being able to add bits and pieces to import in a directory would be really helpful on Docker/OpenShift/etc..<div><br></div><div>Besides, CLI is on hold until we decide what to do. We're not going to decide on that in the next week weeks. I'm not sure we have the resources available to do CLI properly before Christmas, so it would probably be better to wait.</div></div><div class="gmail_extra"><br><div class="gmail_quote">On 21 October 2015 at 14:15, Stan Silvert <span dir="ltr"><<a href="mailto:ssilvert@redhat.com" target="_blank">ssilvert@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF">
<div>I like those ideas too. Some have
already been talked about but regarded as "nice to have".<br>
<br>
The question is do we want me to spend extra weeks on all those
features or do we want to get started on CLI? <br>
<br>
Right now, I have batch import implemented for Users, Clients, and
Identity Providers. It's easy to add the replace, skip, error
feature, so I'll probably spend a couple of extra hours today
doing that.<br>
<br>
Personally, I think the best approach is to implement the simplest
possible version of the feature and then get feedback to see what
enhancements are really needed. If you want to try out the import
feature, It's here:<br>
<a href="https://github.com/ssilvert/keycloak/tree/user-import-export" target="_blank">https://github.com/ssilvert/keycloak/tree/user-import-export</a><div><div class="h5"><br>
<br>
On 10/21/2015 6:00 AM, Stian Thorgersen wrote:<br>
</div></div></div><div><div class="h5">
<blockquote type="cite">
<div dir="ltr">Those are nice additional options we could have.
Simply have a checkbox to re-generate realm keys and another
checkbox to re-generate client secrets (if a client is using jwt
auth then we shouldn't re-generate the keys for the client as we
don't store the private key).</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On 21 October 2015 at 10:06, Thomas
Raehalme <span dir="ltr"><<a href="mailto:thomas.raehalme@aitiofinland.com" target="_blank">thomas.raehalme@aitiofinland.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">
<div>
<div>
<div>I think all of these sound useful!<br>
<br>
</div>
May I suggest another useful option when importing
realm or client, which is to re-generate keys and
secrets?<br>
<br>
</div>
Best regards,<br>
</div>
Thomas<br>
<div class="gmail_extra"><br>
<div class="gmail_quote">
<div>
<div>On Wed, Oct 21, 2015 at 11:00 AM,
Stian Thorgersen <span dir="ltr"><<a href="mailto:sthorger@redhat.com" target="_blank">sthorger@redhat.com</a>></span>
wrote:<br>
</div>
</div>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div>
<div>
<div dir="ltr">After your last email with
regards to removing the import button from
client create page I had an idea.
<div><br>
</div>
<div>How about we do the following:</div>
<div><br>
</div>
<div><br>
</div>
<div>Import/export single</div>
<div>--------------------------</div>
<div>On realm, client, identity provider and
user federation create pages we add the
import button. This will prefill the form
and let the user review before importing.
This is how realm and client works now. We'd
also add a link to export a single entity
when displaying it in the admin console
(next to the delete icon).</div>
<div><br>
</div>
<div>Batch export</div>
<div>-----------------</div>
<div>When exporting a realm you can select
what you want to export. The option would
include realm settings, clients, identity
brokers, user federation, users,
credentials. Further there would be an
option if export would be done to a file or
a json download. If export to file is
selected you would get the option to export
credentials for users, if json download is
selected that option would be disabled.</div>
<div><br>
</div>
<div>Batch import</div>
<div>-----------------<br>
</div>
<div>We should have options to import a realm
as well as import into an existing realm.
For this we should have an option to select
what happens if resources exists (for
example client with client-id exists, or
user with username exists). Options could be
replace, skip, warn, error, etc..</div>
<div><br>
</div>
<div><br>
</div>
<div>Finally I was also thinking about an
option where we'd have a import directory on
the server. Any files in this would be
imported on startup. Once imported we'd add
a "<filename>.imported" or
"<filename>.failed". Same here it
would be nice to be able to somehow specify
the strategy if the resource exists.</div>
</div>
<br>
</div>
</div>
_______________________________________________<br>
keycloak-dev mailing list<br>
<a href="mailto:keycloak-dev@lists.jboss.org" target="_blank">keycloak-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-dev" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a><br>
</blockquote>
</div>
<br>
</div>
</div>
</blockquote>
</div>
<br>
</div>
</blockquote>
<br>
</div></div></div>
</blockquote></div><br></div>