Open FAUSheppy opened 1 year ago
Files identified in the description:
If these files are incorrect, please update the component name
section of the description or use the !component
bot command.
cc @eikef @laurpaum @ndclt click here for bot help
cc @mattock click here for bot help
cc @thomasbach-dev click here for bot help
Just FYI this Problem persists, last checked on keyclock 25.0.1
I can create a PR to fix this. Just need some input on how the module should behave.
The value seems to be used to time the period syncs, so I don't know if changing it is a good idea. The API i think allows it, but there's no option in the web GUI.
The simplest solution would probably be to just ignore it and remove it from the kc responses.
Another option might be to check whether there was a successful sync after a provided timestamp. But that would be more complex and require an additional meta argument. I also don't know it that's a relevant use case since kc already offers periodic sync settings.
@FAUSheppy - i created a PR https://github.com/ansible-collections/community.general/pull/8812 that just removes the parameter from all keycloak reponses, which should solve the issue. Could you take a look at it?
Summary
With Keycloak 19.0.1, if you create a LDAP-storage provider with this module, then go to the Keycloak interface -> User Federation -> Provider -> Actions (top right) -> Sync, Keycloak sets a value called "lastSync" containing the timestamp of the latest synchronization.
On subsequent ansible runs, the task will always show as changed:
The value cannot be overwritten or removed, repeated runs do not fix this problem, the task remains listed as changed with the above diff.
Issue Type
Bug Report
Component Name
community.general.keycloak_user_federation
Ansible Version
Community.general Version
Configuration
OS / Environment
Debian 11 Bullseye
Steps to Reproduce
Expected Results
Task should no show changed OR subsequent runs should overwrite the value.
Actual Results
Code of Conduct