Realms are not imported

[juliuskrah]

The realms one-relam.json and two-realm.json are not imported on startup. The following error is observed:

keycloak_1   | 16:55:37,245 WARN  [org.keycloak.services] (ServerService Thread Pool -- 69) KC-SERVICES0005: Unable to import realm one from file /tmp/one-realm.json.: java.lang.RuntimeException: Script upload is disabled
keycloak_1   |  at org.keycloak.keycloak-authz-policy-common@8.0.1//org.keycloak.authorization.policy.provider.js.JSPolicyProviderFactory.updatePolicy(JSPolicyProviderFactory.java:125)
keycloak_1   |  at org.keycloak.keycloak-authz-policy-common@8.0.1//org.keycloak.authorization.policy.provider.js.JSPolicyProviderFactory.onImport(JSPolicyProviderFactory.java:70)
...
keycloak_1   | 16:55:41,005 WARN  [org.keycloak.services] (ServerService Thread Pool -- 69) KC-SERVICES0005: Unable to import realm two from file /tmp/two-realm.json.: java.lang.RuntimeException: Script upload is disabled
keycloak_1   |  at org.keycloak.keycloak-authz-policy-common@8.0.1//org.keycloak.authorization.policy.provider.js.JSPolicyProviderFactory.updatePolicy(JSPolicyProviderFactory.java:125)
keycloak_1   |  at org.keycloak.keycloak-authz-policy-common@8.0.1//org.keycloak.authorization.policy.provider.js.JSPolicyProviderFactory.onImport(JSPolicyProviderFactory.java:70)

When I also try to import it from the keycloak admin console, I get the following exception:

keycloak_1   | 16:58:33,866 WARN  [org.hibernate.engine.jdbc.spi.SqlExceptionHelper] (default task-1) SQL Error: 23506, SQLState: 23506
keycloak_1   | 16:58:33,868 ERROR [org.hibernate.engine.jdbc.spi.SqlExceptionHelper] (default task-1) Referential integrity constraint violation: "FK_C_CLI_SCOPE_SCOPE: PUBLIC.CLIENT_SCOPE_CLIENT FOREIGN KEY(SCOPE_ID) REFERENCES PUBLIC.CLIENT_SCOPE(ID) ('677b61a4-705f-4d8d-b6e2-b9e2a4153522')"; SQL statement:
keycloak_1   | insert into CLIENT_SCOPE_CLIENT (DEFAULT_SCOPE, CLIENT_ID, SCOPE_ID) values (?, ?, ?) [23506-193]
keycloak_1   | 16:58:33,893 ERROR [org.keycloak.services] (default task-1) KC-SERVICES0037: Error creating admin: org.keycloak.models.ModelDuplicateException: javax.persistence.PersistenceException: org.hibernate.exception.ConstraintViolationException: could not execute statement
keycloak_1   |  at org.keycloak.keycloak-model-jpa@8.0.1//org.keycloak.connections.jpa.PersistenceExceptionConverter.convert(PersistenceExceptionConverter.java:57)

[pakmans]

You can make it work by using an older version of keycloak (6.0.1). Modify etc/docker-compose.yml so that the keycloack image specifie the correct version:

image: jboss/keycloak:6.0.1

[juliuskrah]

I fixed it with a PR #2

[LBoraz]

change the docker compose file to be: KEYCLOAK_IMPORT: /tmp/one-realm.json,/tmp/two-realm.json -Dkeycloak.profile.feature.upload_scripts=enabled

[ahmad2smile]

@LBoraz I didn't work for me on keycloak 11, I get

FATAL [org.keycloak.services] (ServerService Thread Pool -- 69) Error during startup: java.lang.RuntimeException: java.io.FileNotFoundException: /opt/jboss/keycloak/my-realm.json (No such file or directory)

Even though I have verified that file exists there.

[ahmad2smile]

My bad @LBoraz , Had to do it in container image, else the file gets removed of something. Anyways works in Dockerfile:

ENV KEYCLOAK_IMPORT "/tmp/my_realm.json" -Dkeycloak.profile.feature.upload_scripts=enabled