On 2014-04-28, Bill Burke wrote:
On 4/28/2014 3:27 AM, Marek Posolda wrote:
> I am planning to start soon on export/import. If I recall correctly, one
> of the requirements is to export the content of the whole DB
> (including IDs and password hashes) to a JSON file, which can then
> later be imported into another DB. This will allow migrating between
> environments and various DB types (for example from Mongo to MySQL and
> vice versa).
>
IMO, a full export (of credentials) should require a secret given by the
admin that will be used to encrypt the export. The export should only
be saved locally to disk and not available over the network.
Maybe we could make use of the KDF function already in Keycloak to
encrypt the file? Currently, as far as I recall, we already use it to validate
passwords, so based on the admin's password we generate the private key
to encrypt/decrypt this file.
> I have some questions though
>
> 1) I assume that DB should be cleared before full import from JSON file?
> Or do we want to update existing data without deleting the previous
> content? I assume that this is used for migration, so it's not about
> updating but completely delete and recreate existing DB, correct?
>
> 2) How to implement it. I can see two approaches
>
> a) Use model API to retrieve content of the DB into JSON file during
> export. Similarly during import use model API to sync objects back from
> JSON into model DB.
>
> b) Add some methods to KeycloakSession interface like:
>
> ObjectNode export();
>
> void import(ObjectNode node);
>
> and implement export/import separately for each model.
>
> Approach (b) might be better for performance as it allows us to directly
> use low-level queries specific to JPA, Mongo or other model
> implementations to export/import stuff more effectively in batch,
> however it will require changes in model implementations and probably
> adding more stuff into dependencies. So I am more convinced to use (a).
> Thoughts?
>
"a", IMO. Easier to maintain.
+1
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
--
abstractj