-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
keycloak_user_federation shows changed because of "lastSync" value #5842
Comments
Files identified in the description: If these files are incorrect, please update the |
Just FYI this Problem persists, last checked on keyclock 25.0.1 |
I can create a PR to fix this. Just need some input on how the module should behave. The value seems to be used to time the period syncs, so I don't know if changing it is a good idea. The API i think allows it, but there's no option in the web GUI. The simplest solution would probably be to just ignore it and remove it from the kc responses. Another option might be to check whether there was a successful sync after a provided timestamp. But that would be more complex and require an additional meta argument. I also don't know it that's a relevant use case since kc already offers periodic sync settings. |
@FAUSheppy - i created a PR #8812 that just removes the parameter from all keycloak reponses, which should solve the issue. Could you take a look at it? |
Summary
With Keycloak 19.0.1, if you create a LDAP-storage provider with this module, then go to the Keycloak interface -> User Federation -> Provider -> Actions (top right) -> Sync, Keycloak sets a value called "lastSync" containing the timestamp of the latest synchronization.
On subsequent ansible runs, the task will always show as changed:
The value cannot be overwritten or removed, repeated runs do not fix this problem, the task remains listed as changed with the above diff.
Issue Type
Bug Report
Component Name
community.general.keycloak_user_federation
Ansible Version
Community.general Version
Configuration
$ ansible-config dump --only-changed
OS / Environment
Debian 11 Bullseye
Steps to Reproduce
Expected Results
Task should no show changed OR subsequent runs should overwrite the value.
Actual Results
Code of Conduct
The text was updated successfully, but these errors were encountered: