search

ansible-collections / community.general

Ansible Community General Collection
https://galaxy.ansible.com/ui/repo/published/community/general/
GNU General Public License v3.0
833 stars 1.53k forks source link

[PR #8812/5d9a7ab2 backport][stable-9] keycloak_user_federation: remove `lastSync` param from kc API responses #8977

Closed patchback[bot] closed 1 month ago

patchback[bot] commented 1 month ago

This is a backport of PR #8812 as merged into main (5d9a7ab2400badc11a236c86076affa4327acb72).

SUMMARY

Keycloak stores a timestamp of the last ldap sync in the parameter lastSync. Once the parameter is set after a sync (periodic or manual), the module always detects a change and shows a diff similar to the one below.

--- before
+++ after
@@ -18,7 +18,6 @@
         "kerberosRealm": "EXAMPLE.NET",
         "keyTab": "/mnt/ad2",
         "krbPrincipalAttribute": "test",
-        "lastSync": "1724663435",
         "pagination": "false",
         "priority": "0",
         "rdnLDAPAttribute": "sAMAccountName",

changed: [kc1]

The parameter seems to be used to time the periodic syncs, so i don't think changing it is good idea. The API does allow changing it though. But I did not find a way to view or change the parameter in the web GUI.

It looks like the parameter is only used by kc internally, so it should be safe to ignore it and remove it entirely from all API responses.

Fixes 5842

ISSUE TYPE
COMPONENT NAME

community.general.keycloak_user_federation

ansibullbot commented 1 month ago

cc @eikef @laurpaum @mattock @ndclt @thomasbach-dev click here for bot help