Keycloak 19.0.2 - Import (& export) users

Configuring the server
1

Currently I am using a Keycloak 19.0.2 image to spin up a docker container.

After developing with keycloak for a few weeks now, I can admit that creating and configuring a new user every time the container rebuilds, gets very annoying.

I have found some guides explaining how to import & export a realm including its users. Unfortunately, these guides are for older versions of keycloak.
I believe that not all documentation is fully up to date, making it hard to find out if these options of importing and exporting a realm with its users is still available, if there might be a replacement, or if there is a solution that can be used during development to set-up a default user-user/admin-admin account.

Any help is appreciated. Any refrences or documentation is welcome. Please do keep in mind that I am using Keycloak 19.0.2.

2

This guide should explain it all, my customers achieved it with no help of others, only using this guide, to do full ex- and imports:

3

Thanks for the guide. Have tried this one before but have a hard time getting the commands to work inside a docker compose file.
Is there an example of this import & export functionality inside a docker-compose file?

4

use the command parameter of the docker compose to change which command will be run when the container is started.

5

Currently the Keycloak container in my docker-compose file looks like this:

  keycloak-service:
    image: quay.io/keycloak/keycloak:19.0.2 #Docker image to use in the container
    container_name: dev.flowcontrol.keycloak #Name of the container, can be anything
    environment:
      DB_VENDOR: mariadb #Use MariaDB as the database
      DB_ADDR: database-dev #Use development db, since this is development docker
      DB_DATABASE: keycloak
      DB_USER: user
      DB_PASSWORD: password
      DB_SCHEMA: public
      KEYCLOAK_ADMIN: admin #username for master realm
      KEYCLOAK_ADMIN_PASSWORD: admin #password for master realm
      KEYCLOAK_LOGLEVEL: DEBUG
      KEYCLOAK_IMPORT: /tmp/realm-export.json #Import file from linux system
      #Below values are used to debug custom keycloak providers while running in keycloak
      DEBUG: true
      DEBUG_PORT: "*:8787"
    ports:
      - "8180:8180"
      - "8787:8787"
    depends_on:
      - database-dev
    command:
      - start-dev
      - --http-port=8180
      - -Dkeycloak.import=/tmp/realm-export.json #command to trigger import
      - --spi-login-protocol-openid-connect-legacy-logout-redirect-uri=true #command to trigger correct redirect url
    volumes:
      - ${KEYCLOAK_VOLUME}/json/realm-export.json:/tmp/realm-export.json #map the file used to import realm to the correct location on the linux machine
      #- ./keycloak/themes/custom/:/opt/keycloak/themes/custom/
      - ${KEYCLOAK_VOLUME}/providers:/opt/keycloak/providers #map the custom providers folder to the correct location on the linux machine
    networks:
      - backend

The import here works!

Whenever I try to add the export command, I get some errors.

Simply adding: ‘export’, ‘bin/kc.sh export’ or ‘bin/kc.sh export --file file’ before the start-dev command results in the following error:

Unknown option: '--profile'

This error keeps appearing no matter what configuration I add to the export command. I tried the 3 mentioned above, added the --users tag, the --realm tag. Tried to export to a file or a directory but nothing seems to work.

Adding these commands after the start-dev command results in the following error:

Unknown option: 'bin/kc.sh'
Try 'kc.sh start-dev --help' for more information on the available options.

I am new with the usage of Docker. Maybe I am just missing something simple or mis-understand how the command parameter works.

6

So I managed to get it kind of working.

New docker compose:

  keycloak-service:
    image: quay.io/keycloak/keycloak:20.0.0 #Docker image to use in the container
    container_name: dev.flowcontrol.keycloak #Name of the container, can be anything
    environment:
      DB_VENDOR: mariadb #Use MariaDB as the database
      DB_ADDR: database-dev #Use development db, since this is development docker
      DB_DATABASE: keycloak
      DB_USER: user
      DB_PASSWORD: password
      DB_SCHEMA: public
      KEYCLOAK_ADMIN: admin #username for master realm
      KEYCLOAK_ADMIN_PASSWORD: admin #password for master realm
      KEYCLOAK_LOGLEVEL: DEBUG #Set log level to debug

      #Below values are used to debug custom keycloak providers while running in keycloak
#      DEBUG: true
#      DEBUG_PORT: "*:8787"
    ports:
      - "8180:8180"
#     - "8787:8787"
    depends_on:
      - database-dev
    command:
      - start-dev --http-port=8180
      - -Dkeycloak.import=/tmp/realm-import.json #command to trigger import
    volumes:
      - ${KEYCLOAK_VOLUME}/json/export:/opt/keycloak/data #map the export folder of the linux machine to my windows folder
      - ${KEYCLOAK_VOLUME}/json/export/Flowcontrol-realm.json:/tmp/realm-import.json #map the file used to import realm to the correct location on the linux machine
      #- ./keycloak/themes:/opt/keycloak/themes
      - ${KEYCLOAK_VOLUME}/providers:/opt/keycloak/providers #map the custom providers folder to the correct location on the linux machine
    networks:
      - backend

Using the docker cli I managed to run the following command:

/opt/keycloak/bin/kc.sh export --dir /opt/keycloak/data --realm Flowcontrol --users realm_file

An export folder gets created with a realmName-export.json file.
On container start-up it gets imported.

Even though I am now capable of manually running this command, I still have not found a way to include it in the docker-compose.

Do i need to adjust the export command to let it run in the container start up?
And is there a way to trigger the export on the container shutdown?