[keycloak-user] How to best deal with changes in the Keycloak realm JSON files during upgrades?
Edgar Vonk - Info.nl
Edgar at info.nl
Fri Jan 6 08:03:39 EST 2017
Thanks Stian! Good to know.
On 6 Jan 2017, at 11:37, Stian Thorgersen <sthorger at redhat.com<mailto:sthorger at redhat.com>> wrote:
JSON files are backwards compatible and we actually migrate them on import. I'd suggest once in a while (yearly? every major release? or something like that) you import and export again to get a clean non-migrated version though.
On 6 January 2017 at 11:08, Edgar Vonk - Info.nl<http://Info.nl> <Edgar at info.nl<mailto:Edgar at info.nl>> wrote:
Hi,
The structure of the Keycloak realm JSON files changes sometimes with new versions of Keycloak. Since we use these realm JSON files to manage all our custom settings in Keycloak (we store them in Git etc) in a fully automated way (continuous delivery) this is quite problematic for us since we need to figure out exactly what has changed. E.g. I think in Keycloak 2.3.0 the structure of the LDAP federations changed considerably.
How do other people deal with this? Or do people usually not manage their Keycloak settings this way?
What does somewhat surprise me is that even though we did not upgrade our realm JSON files for this particular LDAP federations change our old files could still be imported in Keycloak 2.5.0 fine. I guess Keycloak is backwards compatible to importing the old JSON structure for a few releases? As soon as you export the realm files of course the new structure is used.
cheers
_______________________________________________
keycloak-user mailing list
keycloak-user at lists.jboss.org<mailto:keycloak-user at lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list