Keycloak realms crd fails to apply when applied using community.k8s ansible module

Getting advice
1

When applying the keycloak operator CRD manifests using the ansible k8s module the realms CRD fails to apply with the following error message:

"msg": "Failed to patch object: __init__() got multiple values for argument 'self'", "reason": "", "status": ""}

After some debugging I found the source of the issue to be these dictionaries in the CRD:

clientScopeMappings:
  additionalProperties:
    items:
      description: https://www.keycloak.org/docs-api/11.0/rest-api/index.html#_scopemappingrepresentation
      properties:
        client:
          description: Client
          type: string
        clientScope:
          description: Client Scope
          type: string
        roles:
          description: Roles
          items:
            type: string
          type: array
        self:
          description: Self
          type: string
      type: object
    type: array
  description: Client Scope Mappings
  type: object

scopeMappings:
  description: Scope Mappings
  items:
    description: https://www.keycloak.org/docs-api/11.0/rest-api/index.html#_scopemappingrepresentation
    properties:
      client:
        description: Client
        type: string
      clientScope:
        description: Client Scope
        type: string
      roles:
        description: Roles
        items:
          type: string
        type: array
      self:
        description: Self
        type: string
    type: object
  type: array

More specifically these bits:

self:
  description: Self
  type: string

With the above commented out the manifest applies with no issue. Is this something the keycloak operator devs should look at? Is it a community.k8s bug? How can I go about making this work?

Here’s the task for reference:

    - name: deploy keycloak operator crds
      community.kubernetes.k8s:
        state: "{{ keycloak_operator_state | default('present') }}"
        definition: "{{ lookup('template', '{{ item }}') }}"
      with_fileglob:
        - "templates/keycloak-operator/crds/*.yml"
      run_once: yes
1 Like
2

Hi!

I think I ran into the exact same issue with using the community.kubernetes.k8s and the Keycloak CRDs.

I got the following error message:

An exception occurred during task execution. To see the full traceback, use -vvv. The error was: TypeError: __init__() got multiple values for argument 'self'
....
k: self.__deserialize(v) for k, v in field.items()\r\n  File \"/usr/local/lib/python3.6/site-packages/openshift/dynamic/resource.py\", line 291, in __deserialize\r\n    k: self.__deserialize(v) for k, v in field.items()\r\nTypeError: __init__() got multiple values for argument 'self'\r\n", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error"

Unfortunately, I could not find any other solution than copying the CRD manifests to the remote host and apply them via the kubectl apply -f .. command.

For example, my original approach was:

- name: Apply Keycloak CRDs
  community.kubernetes.k8s:
    state: present
    definition: "{{ lookup('template', './k8s/keycloak-operator-15.0.1/deploy/crds/{{ item }}.yaml') | from_yaml }}"
  loop:
    - keycloak.org_keycloakbackups_crd
    - keycloak.org_keycloakclients_crd
    - keycloak.org_keycloakrealms_crd
    - keycloak.org_keycloaks_crd
    - keycloak.org_keycloakusers_crd

Workaround in two steps, copy&apply:

- name: Copy Keycloak CRDs
  copy:
    src: "./files/k8s/keycloak-operator-15.0.1/deploy/crds/"
    dest: "/home/ansible/keycloak-operator-15.0.1/deploy/crds"
    owner: ansible
    group: ansible
    create: yes
  become: true

- name: Apply Keycloak CRDs
  shell: "kubectl apply -f /home/ansible/keycloak-operator-15.0.1/deploy/crds/"
  become: true

Thanks!