kiwigrid/keycloak-controller

Keycloak server compatibility versions ?

Mattzr opened this issue · 3 comments

Hi,
First of all - great job on this keycloak controller, it's really useful and a much easier way to manage a Keycloak cluster compared to the traditional way with the JSON files to import.

So I have a question and suggestion at once:

  • which version of Keycloak server is this keycloak-controller compatible with?

It would be great to have a compatibility matrix in the README.md.

Why?

Because when changing an existing KeycloakRealm, by changing the roles for example, I'm seeing an error in the logs that seems to be related to an attribute that can't be parsed by the Keycloak API, probably because my Keycloak server is ahead:

keycloak-instance/onboarding: unable to create realm
javax.ws.rs.client.ResponseProcessingException: javax.ws.rs.ProcessingException: 
com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException: Unrecognized field \"webAuthnPolicyRpEntityName\"
 (class org.keycloak.representations.idm.RealmRepresentation), not marked as ignorable (106 known properties:
  \"userFederationMappers\", \"rememberMe\", \"duplicateEmailsAllowed\", \"adminEventsDetailsEnabled\", \"users\",
   \"components\", \"otpPolicyType\", \"accessCodeLifespanUserAction\", \"id\", \"enabledEventTypes\", \"applications\",
    \"eventsListeners\", \"ssoSessionMaxLifespanRememberMe\", \"defaultDefaultClientScopes\", \"notBefore\", \"publicKey\", 
    \"smtpServer\", \"resetPasswordAllowed\", \"accessTokenLifespanForImplicitFlow\", \"clientScopes\", 
    \"internationalizationEnabled\", \"attributes\", \"accessTokenLifespan\", \"passwordCredentialGrantAllowed\", 
    \"federatedUsers\", \"applicationScopeMappings\", \"displayName\", \"refreshTokenMaxReuse\", \"oauthClients\",
     \"defaultGroups\", \"browserFlow\", \"failureFactor\", \"directGrantFlow\", \"otpPolicyDigits\", 
     \"revokeRefreshToken\", \"otpSupportedApplications\", \"registrationFlow\", \"editUsernameAllowed\",
      \"ssoSessionIdleTimeoutRememberMe\", \"emailTheme\", \"realm\", \"actionTokenGeneratedByAdminLifespan\",
       \"authenticatorConfig\", \"offlineSessionMaxLifespan\", \"protocolMappers\", \"accountTheme\",
        \"maxDeltaTimeSeconds\" [truncated]])\n at [Source: (org.jboss.resteasy.client.jaxrs.internal.ClientResponse$InputStreamWrapper);

Ok so new attributes were introduced in Keycloak 8.

The keycloak-admin-client dependency version might need an upgrade to be compatible with version 8:

https://mvnrepository.com/artifact/org.keycloak/keycloak-admin-client/6.0.1

Would still be good to have a compatibility map!

Fixed by 2.0.0

Thanks for the fix. I still think it would be good to maintain a Keycloak version compatibility matrix!