With Keycloak 17 running in a docker container, how can we now export/import a realm ?
This was documented for the docker image based on Wildfly but it is no more documented for the docker imaged base on Quarkus.

Previously it was possible to export a realm using this command :

docker exec -it kc /opt/jboss/keycloak/bin/standalone.sh \
-Djboss.socket.binding.port-offset=100 -Dkeycloak.migration.action=export \
-Dkeycloak.migration.provider=singleFile \
-Dkeycloak.migration.realmName=my_realm \
-Dkeycloak.migration.usersExportStrategy=REALM_FILE \
-Dkeycloak.migration.file=/tmp/my_realm.json

which as you can see is very specific to the Wildfly implementation (call to the Wildfly standalone.sh script).

And the import was done using this command when starting the container :

docker run -e KEYCLOAK_USER=<USERNAME> -e KEYCLOAK_PASSWORD=<PASSWORD> \
    -e KEYCLOAK_IMPORT=/tmp/example-realm.json -v /tmp/example-realm.json:/tmp/example-realm.json jboss/keycloak

How can it now be achieved with the Quarkus based image ?

There are import and export commands available for kc.sh.
From the command line:

$ ./kc.sh import --help
Import data from a directory or a file.

Usage:

kc.sh import [OPTIONS]

Import data from a directory or a file.

Options:

--dir <path>         Set the path to a directory where files will be created with the exported data.
--file <path>        Set the path to a file that will be created with the exported data.
-h, --help           This help message.
--override <false>   Set if existing data should be skipped or overridden. Default: true.
--realm <realm>      Set the name of the realm to export

$ ./kc.sh export --help
Export data from realms to a file or directory.

Usage:

kc.sh export [OPTIONS]

Export data from realms to a file or directory.

Options:

--dir <path>         Set the path to a directory where files will be created with the exported data.
--file <path>        Set the path to a file that will be created with the exported data.
-h, --help           This help message.
--realm <realm>      Set the name of the realm to export
--users <strategy>   Set how users should be exported. Possible values are: skip, realm_file,
                       same_file, different_files. Default: different_files.
--users-per-file <number>
                     Set the number of users per file. It?s used only if --users=different_files.
                       Default: 50.

I’m also wondering where (or why) the docs are gone and not being updated.

FYI: I just created a discussion thread on the repo: Export/Import of realm data (JSON) · Discussion #10229 · keycloak/keycloak · GitHub

Hello,
thanks for the answer
I understand how it will be possible to do the export once the container is running by calling kc.sh export through docker exec.

But the import of the realm needs to be done automatically when the container is started (which was the case when passing KEYCLOAK_IMPORT environment variable to the docker run command), so calling manually kc.sh import through docker exec is not a solution

is there any update on this? on 17.0.1 seems to not work

Auto-import of realms will be available again with 18.x

Does it still use the KEYCLOAK_IMPORT environnement variable ?
I don’t see it listed in the documentation (Running Keycloak in a container - Keycloak)

Note: Would be great to have an “Updated on” date on the documentation pages

No. There is option --import-realm for start command. See Importing a Realm during Startup in Importing and Exporting Realms - Keycloak

Please, if you crosspost your questions in various forums/boards, add a link to the initial post/question.

Since --import-realm skips import operation if realm already exists, what is the recommended way to do incremental updates to an existing realm (Specially using a container distribution mode)?