Upgrade keycloak 24->25

Hi,

Since the release of Keycloak 25 i’m trying to upgrade our test environment (which is running Keycloak 24.0.5).

Initially I got a migration error due to having version 999.0.0 for id hiwi5. After removing that line from the database I tried again, but I receive a duplication error.

keycloak-1  | 2024-07-25 09:35:31,123 INFO  [org.hibernate.orm.jdbc.batch] (main) HHH100503: On release of batch it still contained JDBC statements
keycloak-1  | 2024-07-25 09:35:31,124 ERROR [org.hibernate.orm.jdbc.batch] (main) HHH100501: Exception executing batch [java.sql.BatchUpdateException: Batch entry 0 insert into CLIENT_SCOPE (DESCRIPTION,NAME,PROTOCOL,REALM_ID,ID) values ((NULL),('role_list'),(NULL),('7df906
18-e5db-459b-b584-c1245093fb09'),('8f2c821a-c16e-4a2e-87d9-2222015caa82')) was aborted: ERROR: duplicate key value violates unique constraint "uk_cli_scope"
keycloak-1  |   Detail: Key (realm_id, name)=(7df90618-e5db-459b-b584-c1245093fb09, role_list) already exists.  Call getNextException to see other errors in the batch.], SQL: insert into CLIENT_SCOPE (DESCRIPTION,NAME,PROTOCOL,REALM_ID,ID) values (?,?,?,?,?)
keycloak-1  | 2024-07-25 09:35:31,124 WARN  [org.hibernate.engine.jdbc.spi.SqlExceptionHelper] (main) SQL Error: 0, SQLState: 23505
keycloak-1  | 2024-07-25 09:35:31,125 ERROR [org.hibernate.engine.jdbc.spi.SqlExceptionHelper] (main) Batch entry 0 insert into CLIENT_SCOPE (DESCRIPTION,NAME,PROTOCOL,REALM_ID,ID) values ((NULL),('role_list'),(NULL),('7df90618-e5db-459b-b584-c1245093fb09'),('8f2c821a-c16e-
4a2e-87d9-2222015caa82')) was aborted: ERROR: duplicate key value violates unique constraint "uk_cli_scope"
keycloak-1  |   Detail: Key (realm_id, name)=(7df90618-e5db-459b-b584-c1245093fb09, role_list) already exists.  Call getNextException to see other errors in the batch.
keycloak-1  | 2024-07-25 09:35:31,125 ERROR [org.hibernate.engine.jdbc.spi.SqlExceptionHelper] (main) ERROR: duplicate key value violates unique constraint "uk_cli_scope"
keycloak-1  |   Detail: Key (realm_id, name)=(7df90618-e5db-459b-b584-c1245093fb09, role_list) already exists.

Not sure what Keycloak is trying todo here, but uuid is the master realm. Which already exists in the database.

We use docker to run Keycloak, and we build our own image to slightly change the container given by Keycloak. We only add 1 plugin and our theme. Then use kc.sh build --database postgres. This setup works for use since we started with Keycloak 20.x.x

Any clues on how to resolve is highly appreciated.

Dennis

Ok, it seems I should not have deleted the 999 version from the migration_model. Reading on this issue Entry 999.0.0 in MIGRATION_MODEL prevents future migrations of the database · Issue #27941 · keycloak/keycloak · GitHub it seems that one version of the 24 caused an update to 999 version to be set.

And by removing that entry, keycloak thinks it’s a new environment. And therefore got the the duplicate errors in the database.

So instead of deleting, i changed version 9999.0.0 to 24.0.5, and the upgrade went well after that change.

3 Likes