search

adorsys / keycloak-config-cli

Import YAML/JSON-formatted configuration files into Keycloak - Configuration as Code for Keycloak.
Apache License 2.0
759 stars 136 forks source link

Unrecognized field authenticatorFlow after update to rhsso 7.4.9 #582

Closed tingeltangelthomas closed 2 years ago

tingeltangelthomas commented 2 years ago

Current Behavior

2021-11-24 09:58:35.651  INFO 8 --- [           main] d.a.k.config.provider.KeycloakProvider   : Wait 120 seconds until http://rhsso-broker/auth is available ...                           
 2021-11-24 09:58:37.056 ERROR 8 --- [           main] d.a.k.config.KeycloakConfigRunner        : javax.ws.rs.ProcessingException: com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException: Unrecognized field "authenticatorFlow" (class org.keycloak.representations.idm.AuthenticationExecutionExportRepresentat 
 ion), not marked as ignorable (7 known properties: "flowAlias", "authenticator", "priority", "authenticatorConfig", "userSetupAllowed", "requirement", "autheticatorFlow"])                                                                                                                                                 
  at [Source: (org.jboss.resteasy.specimpl.AbstractBuiltResponse$InputStreamWrapper); line: 1, column: 17654] (through reference chain: org.keycloak.representations.idm.RealmRepresentation["authenticationFlows"]->java.util.ArrayList[0]->org.keycloak.representations.idm.AuthenticationFlowRepresentation["authenticati 
 nExecutions"[]->java.util.ArrayList[0]->org.keycloak.representations.idm.AuthenticationExecutionExportRepresentation["authenticatorFlow"])

Expected Behavior

Realm should be created/updated as with rhsso 7.4.7

Steps To Reproduce

update rhsso from 7.4.7 to 7.4.9

Environment

Running keycloak-config-cli in a container:

    Command:
      /bin/sh
    Args:
      -c
      java $JAVA_OPTS -jar /app/keycloak-config-cli.jar $0 $@;
    Environment:
      KEYCLOAK_URL:                           http://rhsso-broker/auth
      KEYCLOAK_USER:                          admin
      KEYCLOAK_PASSWORD:                      <set to the key 'admin_password' in secret 'rhsso-broker-creds'>  Optional: false
      LOGGING_LEVEL_ROOT:                     debug
      LOGGING_LEVEL_KEYCLOAKCONFIGCLI:        debug
      KEYCLOAK_AVAILABILITYCHECK_ENABLED:     true
      KEYCLOAK_AVAILABILITYCHECK_TIMEOUT:     120s
      IMPORT_PATH:                            /config
      IMPORT_FORCE:                           false
      IMPORT_MANAGED_AUTHENTICATIONFLOW:      no-delete
      IMPORT_MANAGED_CLIENT:                  no-delete
      IMPORT_MANAGED_CLIENTSCOPE:             no-delete
      IMPORT_MANAGED_COMPONENT:               no-delete
      IMPORT_MANAGED_GROUP:                   no-delete
      IMPORT_MANAGED_IDENTITYPROVIDER:        no-delete
      IMPORT_MANAGED_IDENTITYPROVIDERMAPPER:  no-delete
      IMPORT_MANAGED_REQUIREDACTION:          no-delete
      IMPORT_MANAGED_ROLE:                    no-delete
      IMPORT_MANAGED_SCOPEMAPPING:            no-delete
      IMPORT_MANAGED_SUBCOMPONENT:            no-delete
    Mounts:
      /config from realms (rw)

Anything else?

rhsso 7.4.8 release notes: https://access.redhat.com/articles/6214201 rhsso 7.4.9 release notes: https://access.redhat.com/articles/6322011

Can you help us to get it running on rhsso 7.4.9? It seems they added a new attribute to fix a typo...

Thank you!

Regards Thomas

jkroepke commented 2 years ago

Hi,

there is no official Keycloak 9.0.13 version.

But RedHat published such artifacts in the own repository.

https://mvnrepository.com/artifact/org.keycloak/keycloak-core/9.0.13.redhat-00006

I wont give official support here, but I can give you an introduction, how you could an own version if keycloak-config-cli which is maybe compatible to RH SSO.

Requirements installed on system:

Alternative, execute the step inside docker, use this image: maven:3-openjdk-11-slim

  1. Clone Repo

    $ git clone https://github.com/adorsys/keycloak-config-cli.git
$ git checkout v3.4.0

  2. Patch pom.xml

Enrich the pom.xml with the changes from: https://github.com/adorsys/keycloak-config-cli/pull/583

  1. Find correct release version for keycloak

Take a look at https://mvnrepository.com/artifact/org.keycloak/keycloak-core?repo=redhat-ga

For Keycloak 9.0.13, its 9.0.13.redhat-00006.

  1. Build keycloak-config-cli
$ mvn clean package -Prh-sso -Dkeycloak.version=9.0.13.redhat-00006

In case there are complier errors, then RH introduce breaking changes. But I'm not going to adjust code for such old versions. Sorry.

  1. Grab and test

In case task 4 is fine, you build is in target/keycloak-config-cli.jar and hope for the best.

tingeltangelthomas commented 2 years ago

Hi Jan, thank you for your really quick answer! I built jar file with 9.0.15.redhat-00002. It seems to work. I need to double check it.

Regards Thomas

jkroepke commented 2 years ago

For upcoming folks, take a look here: https://github.com/adorsys/keycloak-config-cli/blob/main/docs/RHSSO.md