Support flows and executions about terraform-provider-keycloak HOT 9 CLOSED

Hey :) Is there any progress on adding flows? Would be a great feature!

from terraform-provider-keycloak.

This is something on my todo list, I should be tackling this in the coming weeks

from terraform-provider-keycloak.

I actually started this on the authentication-flows branch.

Unfortunately, I wasn't able to come up with a good way to manage nested flows and executions, which is a use case I have for this particular feature. Keycloak allows you to create top-level flows and subflows, and you can technically have an infinite number of subflows. I couldn't figure out a way to elegantly do this within the provider. I was hoping that v0.12 would have better support for features like this, but I haven't gotten back to this since that update was made.

from terraform-provider-keycloak.

I would need this functionality as well. We have a lot of custom authenticators with config and thus also custom flows and executions.
How do you see the way forward?
Could we work with an in-between solution?
How production ready are the changes in your authentication-flows branch?
How can I help?

from terraform-provider-keycloak.

@mrparkers, FYI: I will be working on this issue

from terraform-provider-keycloak.

The more I look at this, the more I think there should be a separation between topLevelFlows, subFlows and executions.
All 3 behave different in Create/Update/Read/Import and Delete.

from terraform-provider-keycloak.

Thanks @tomrutsaert, I'm glad you have the time to take a look at this.

My branch, as you have probably noticed already, is not quite production ready yet, although the foundation for what you need should be mostly there.

The part I really struggled with was understanding how we can represent subflows in HCL and relate them to the top level flows, or other subflows that are a parent to them. The problem I encountered was that subflows needed to know what flow they are a child of, and the parent flow needed to know about the subflow in order to enforce ordering (to ensure subflow A comes before subflow B for example). This created a bidirectional data flow that I didn't know how to represent in HCL.

The only idea I had that I didn't have a chance to implement was a data source like keycloak_authentication_subflow which has the same attributes as the keycloak_authentication_flow resource, but all the data source does is serialize that model into JSON that can be used in the top level flow. This way, only the keycloak_authentication_flow resource would be controlling its subflows and their order.

I don't know if this will actually work, but feel free to give that a try or pitch some other ideas you might have.

from terraform-provider-keycloak.

Can't this be closed now with #138 in?

from terraform-provider-keycloak.

Can't this be closed now with #138 in?

Yes, you are right.

from terraform-provider-keycloak.