Terraform provider for Keycloak.
All documentation for this provider can now be found on the Terraform Registry: https://registry.terraform.io/providers/mrparkers/keycloak/latest/docs
The old documentation can still be found at https://mrparkers.github.io/terraform-provider-keycloak, but these docs will no longer be kept up to date.
v2.0.0 and above can be installed automatically using Terraform >=0.13 by using the terraform
configuration block:
terraform {
required_providers {
keycloak = {
source = "mrparkers/keycloak"
version = ">= 2.0.0"
}
}
}
If you are using v2.0.0 and above with Terraform 0.12, you can use this provider by downloading it and placing it within one of the implied local mirror directories. Or, follow the old instructions for installing third-party plugins.
If you are using any version below v2.0.0, you can also follow the old instructions for installing third-party plugins.
Please read https://www.terraform.io/upgrade-guides/0-13.html first. For a keycloak project follow the following steps in order:
terraform -v
should print 0.13 and list no keycloak providerterraform state replace-provider registry.terraform.io/-/keycloak mrparkers/keycloak
- find all
provider keycloak {...}
blocks in*.tf
(also in all modules you are including) and delete theversion
line - add the
terraform { required_provides { keycloak = { ...
block mentioned in "Installation" toterraform.tf
(also in all module directories you are including). Be sure to also always add "source" or else the Terraform looks for "hashicorp/keycloak"! terraform 0.13upgrade
terraform init
This provider will officially support the latest three major versions of Keycloak, although older versions may still work.
The following versions are used when running acceptance tests in CI:
- 15.0.2 (latest)
- 14.0.0
- 13.0.1
This provider uses GoReleaser to build and publish releases. Each release published to GitHub
contains binary files for Linux, macOS (darwin), and Windows, as configured within the .goreleaser.yml
file.
Each release also contains a terraform-provider-keycloak_${RELEASE_VERSION}_SHA256SUMS
file, accompanied by a signature
created by a PGP key with the fingerprint C508 6791 5E11 6CD2
. This key can be found on my Keybase account at https://keybase.io/mrparkers.
You can find the list of releases here. You can find the changelog for each version here.
Note: Prior to 2.0.0, a statically linked build for use within Alpine linux was included with each release. This is no longer
done due to GoReleaser not supporting CGO. Instead of using a statically linked,
build you can use the linux_amd64
build as long as libc6-compat
is installed.
This project requires Go 1.16 and Terraform >=0.13. This project uses Go Modules for dependency management, which allows this project to exist outside of an existing GOPATH.
After cloning the repository, you can build the project by running make build
.
You can spin up a local developer environment via Docker Compose by running make local
.
This will spin up a few containers for Keycloak, PostgreSQL, and OpenLDAP, which can be used for testing the provider.
This environment and its setup via make local
is not intended for production use.
Note: The setup scripts require the jq command line utility.
Every resource supported by this provider will have a reasonable amount of acceptance test coverage.
You can run acceptance tests against a Keycloak instance by running make testacc
. You will need to supply some environment
variables in order to set up the provider during tests. Here is an example for running tests against a local environment
that was created via make local
:
KEYCLOAK_CLIENT_ID=terraform \
KEYCLOAK_CLIENT_SECRET=884e0f95-0f42-4a63-9b1f-94274655669e \
KEYCLOAK_CLIENT_TIMEOUT=5 \
KEYCLOAK_REALM=master \
KEYCLOAK_URL="http://localhost:8080" \
make testacc