adorsys / keycloak-config-cli

Import YAML/JSON-formatted configuration files into Keycloak - Configuration as Code for Keycloak.
Apache License 2.0

Flag to not delete missing entries? #908

Closed xgp closed 1 year ago

xgp commented 1 year ago

Problem Statement

I'd like to allow admins to create entities (e.g. IdPs, Authentication Flows) using the Keycloak Admin UI that are a superset of what is in the realm config json I use with keycloak-config-cli.

Is it currently possible to tell keycloak-config-cli not to delete entities it doesn't have in the config?

Proposed Solution

Essentially, this feature would add elements in the config that do not exist in the realm and update elements that do not match between the config and realm, but not delete elements that exist in the realm but not the config.

Environment

Additional information

No response

Acceptance Criteria

No response

f11h commented 1 year ago

Check the documentation: https://github.com/adorsys/keycloak-config-cli/blob/main/docs/MANAGED.md

Your case is perfectly covered ;)

xgp commented 1 year ago

Thanks for the pointer, @f11h. I didn't initially find this in the docs.

xgp commented 1 year ago

Do you know how to change those flags into environment variables? For example, that doc says I should set --import.managed.authentication-flow=no-delete to preserve authentication flows that are not managed by keycloak-config-cli. Is it just IMPORT_MANAGED_AUTHENTICATION_FLOW for the environment variable? I can't figure out where it gets loaded/converted in the code.

xgp commented 1 year ago

Looks like it uses "Spring Relaxed Binding", so the solution is to remove the hyphen altogether.

--import.managed.authentication-flow=no-delete becomes IMPORT_MANAGED_AUTHENTICATIONFLOW=no-delete
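
The conversion described in the last comment, as an added example that is not part of the original thread or the project's code: a shell function applying the environment-variable mapping Spring Boot documents for relaxed binding (replace dots with underscores, remove dashes, upper-case). The function name `spring_flag_to_env` is hypothetical, and the `identity-provider` key is assumed to be one of the keys listed in MANAGED.md.

```shell
#!/bin/sh
# Added example: turn Spring Boot command-line properties into the
# environment-variable form used by relaxed binding.
# Rule applied to the property NAME only:
#   1. replace "." with "_"
#   2. remove "-"
#   3. convert to upper case
# The VALUE is passed through untouched, so "no-delete" keeps its hyphen.

spring_flag_to_env() {
    # $1: a flag such as --import.managed.authentication-flow=no-delete
    flag=${1#--}
    case $flag in
        *=*) name=${flag%%=*}; value=${flag#*=} ;;
        *)   echo "spring_flag_to_env: no =value in '$1'" >&2; return 1 ;;
    esac
    # Refuse names that would not survive as a shell variable name.
    case $name in
        ''|*[!A-Za-z0-9.-]*)
            echo "spring_flag_to_env: unsupported name '$name'" >&2
            return 1 ;;
    esac
    env_name=$(printf '%s' "$name" \
        | sed -e 's/\./_/g' -e 's/-//g' \
        | tr '[:lower:]' '[:upper:]')
    printf '%s=%s\n' "$env_name" "$value"
}

# Constructed sample input. The first flag is the one quoted in the thread;
# the second key is an assumption (taken to exist in MANAGED.md).
for f in \
    --import.managed.authentication-flow=no-delete \
    --import.managed.identity-provider=no-delete
do
    spring_flag_to_env "$f"
done
```

The printed lines can be placed in an env file or a container's environment block. Checking them before a run matters here, because a misspelled variable is silently ignored and the import falls back to its default handling of entities missing from the config.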