[keycloak-user] update keycloak realm

[Pierre-Arnaud Galiana]

Following on an old thread (
http://lists.jboss.org/pipermail/keycloak-user/2016-May/006230.html), I
want to mention a pragmatic startup strategy I'm currently implementing in
a project:

To upgrade an existing realm (containing users) with a new realm.json
configuration (prepared in dev), we go through these steps:

- start a one-off "export instance", that exports realms and their users
(one json per realm, and realm users in "chunked files")
- once export complete, we kill that "export instance"
- prepare files to be imported: realm.json from our dev build, and users
json files that were just exported in the first step
- start the "real" keycloak with import flag, and mode OVERWRITE_EXISTING:
realms are deleted and recreated, then users re-imported

Still a few things to improve, such as environmnent-specific values (e.g.
redirect URLs), and of course that requires to shut down your instance.

Also the whole things is mostly our docker entrypoint, so a bit
heavy-handed approcah for docker...

Call to the keycloak team: this seems to be working, but is there some kind
of flaw that I didn't see yet?

Hope this can help someone too.

Pierre