Skip to content

fix(keycloak-client): client_create script gracefully exits when client already exists

German Felipe Giraldo Villarequested to merge
fix/kc-client-exists into main

Context

the k8s job in charge of creating a new Keycloak client fails whenever the client already exist. This happens when redeploying a vCluster on the same shared services infrastructure. This causes terraform to fail and prevents the deploying of firecrest, as terraform thinks there is no client for FirecREST to use. User is forced to manually delete the client before redeploying, so terraform can create it again.

The script has lines devoted to check if the client exist already intended to prevent failure of the script. Unfortunately, that verification is malformed. This MR fixes the verification.

Impact

Users can know redeploy the same vCluster without having to manually delete the existing client.

Test(s)

  1. Deploy the directory-services example in examples/gcp/directory-services.
  2. Comment out the module client in main.tf and deploy again.
  3. Finally, restore the client module and redeploy to make terraform try to recreate the Keycloak client. It should finish without issue

Links

Keycloak CLI docs: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_admin/topics/admin-cli.html

Merge request reports