Open MrDeerly opened 7 months ago
Hey @MrDeerly thanks for the report I guess I can schedule it for next week :)
Hey @klg71,
any chance that you can schedule this soonish? :)
Hey @MrDeerly I looked into the issue. I would like to update directly to 24. They changed some apis and there is an issue with custom user attributes. Currently keycloakmigration stores the migration state in custom attributes of the admin user. This is only possible if you enable the custom attribute flag first. If we would like to change this its gonna be a major effort and I don't have a solution for it right now.
v24 is fine, lets skip 23
I built a release candidate for keycloak 24: https://github.com/mayope/keycloakmigration/releases/tag/0.2.56.RC3. @MrDeerly could you check if this solves your issue? I couldn't reproduce it in my tests.
Just successfully tested 0.2.56.RC3 with keycloak 24 and 25.
As mentioned in the release notes, I had to set the attribute policy manually.
For our test setup, we can run the following migration in the first step to update the master realm first and create test realm afterwards - including the attribute policy:
...
changes:
- updateRealm:
id: master
unmanagedAttributePolicy: ADMIN_EDIT
- addRealm:
name: ${REALM}
- updateRealm:
id: ${REALM}
unmanagedAttributePolicy: ADMIN_EDIT
Thank you @klg71 for this great tool.
When do you plan to release a production version for Keycloak 24/25?
If you don't have further remarks I will gladly promote the RC to production :)
If you don't have further remarks I will gladly promote the RC to production :)
Nothing further from my side, looking forward to upgrading.
Hey!
It seems like group operations like "assignRoleToGroup" are broken when using the current Keycloak version. They seem to have changed their scheme so that subGroups are no longer part of the original group but must be fetched seperatly.
The related changes can be found here:
To get the subGroups of a group
GET /admin/realms/{realm}/groups/{id}/children
must be perfomed. (see https://www.keycloak.org/docs-api/23.0.1/rest-api/index.html)Is there any chance you could look into that soon?
Thanks in advance!