Hi, looking for some pointers for a crazy idea
Ok, so I really love liquibase for all my DB Change Management.
Now I have to maintain the configuration of dozens of Keycloak Realms and would like to apply a similar approach to what you guys are doing with Liquibase.
So every so often I have to create/delete/update clients, groups, roles, etc in all Keycloak Realms.
I already have a Java lib that provides actions to be carried out on each of the elements.
Any idea if reusing/extending liquibase for this would be a good idea?
If not, any other project you’d recommend I take a look at?
A bit more detail.
So basically I would have changeSets like this (smaller probably):
<changeSet author="andi" id="1">
<createRole roleName="subscriber"/>
<createRole roleName="publisher"/>
<createRole roleName="backend"/>
<createGroup groupName="admin">
<role roleName="subscriber"/>
<role roleName="publisher"/>
<role roleName="backend"/>
</createGroup>
<createGroup groupName="backoffice">
<role roleName="subscriber"/>
<role roleName="backend"/>
</createGroup>
<addMapper clientName="admin-cli">
<mapper attribute="tenantId" claimName="tenant_id" protcol="openid-connect"/>
<mapper attribute="businesId" claimName="business_id" protcol="openid-connect"/>
</addMapper>
<enableBuiltinMapper clientName="backoffice-cli">
<mapper clientScope="profile" protocolMapperName="groups"/>
</enableBuiltinMapper>
</changeSet>
And these would then map to methods in the keycloak client lib I have developed.