keycloak: Keycloak Export only accept H2 datase-URL (Datasource: URL format error; must be jdbc:h2 ... but is jdbc:mariadb: ...)

I just got the same issue, it was solved by removing the --optimized from the start command.

I preferred not to build an image, so I overwrote the entrypoint and ran both the build and the import/export.

 keycloak:
    image: quay.io/keycloak/keycloak:20.0 
    depends_on:
      - postgres
    env_file:
      - .env
    environment:
      KC_DB: postgres
      KC_DB_URL: jdbc:postgresql://${KEYCLOAK_DB_ADDR}/${KEYCLOAK_DB_NAME}?user=${KEYCLOAK_DB_USER}&password=${KEYCLOAK_DB_PASS}
      KEYCLOAK_ADMIN: ${KEYCLOAK_USER}
      KEYCLOAK_ADMIN_PASSWORD: ${KEYCLOAK_PASSWORD}
    volumes:
      - ${CONFIG_PATH_HOST}/keycloak/initial-config:/opt/jboss/keycloak/config
    command: start-dev --import-realm 
      

keycloak-importer:
      image: quay.io/keycloak/keycloak:20.0 
      depends_on:
        - postgres
      env_file:
        - .env
      environment:
        KC_DB: postgres
        KC_DB_URL: jdbc:postgresql://${KEYCLOAK_DB_ADDR}/${KEYCLOAK_DB_NAME}?user=${KEYCLOAK_DB_USER}&password=${KEYCLOAK_DB_PASS}      
      volumes:
        - ${CONFIG_PATH_HOST}/keycloak/initial-config:/opt/jboss/keycloak/config
      entrypoint: sh
      command: -c "/opt/keycloak/bin/kc.sh build && sh /opt/keycloak/bin/kc.sh import --dir /opt/jboss/keycloak/config"

  keycloak-exporter:
      image: quay.io/keycloak/keycloak:20.0 
      depends_on:
        - postgres
      env_file:
        - .env
      environment:
        KC_DB: postgres
        KC_DB_URL: jdbc:postgresql://${KEYCLOAK_DB_ADDR}/${KEYCLOAK_DB_NAME}?user=${KEYCLOAK_DB_USER}&password=${KEYCLOAK_DB_PASS}      
      volumes:
        - ${CONFIG_PATH_HOST}/keycloak/exports:/opt/jboss/keycloak/exports
      entrypoint: sh
      command: -c "/opt/keycloak/bin/kc.sh build && sh /opt/keycloak/bin/kc.sh export --dir /opt/jboss/keycloak/exports"

I think it would be convenient to enable a mechanism that allows import/export as expected after reading the official documentation. In the meantime, I think it would be necessary to add information about it in the documentation. At least, I have not found any information about it.

@OtenMoten I encountered the same issue as you reported. You could use the following workaround:

1. Create a Dockerfile that builds keycloak before running the kc.sh command, e.g.

FROM quay.io/keycloak/keycloak:latest as builder

# Configure a database vendor
ENV KC_DB=postgres

WORKDIR /opt/keycloak
RUN /opt/keycloak/bin/kc.sh build

FROM quay.io/keycloak/keycloak:latest
COPY --from=builder /opt/keycloak/ /opt/keycloak/

ENTRYPOINT ["/opt/keycloak/bin/kc.sh"]

(slim version of the example on https://www.keycloak.org/server/containers)

1. Use this Dockerfile in your docker-compose.yml (replace image: quay.io/keycloak/keycloak:latest with build: ./PATH_TO_DIRECTORY_WHICH_CONTAINS_DOCKERFILE

This solved the issue for me, however, it is just an ugly workaround - the problem should still be fixed off-course.

I just got the same issue, it was solved by removing the --optimized from the start command.

I know what you are talking about, I had the same issue with start --optimized but in this case I write about export.

As you can see in the Docker Compose file there is no --optimized just start and export has no --optimized.

@ggalejandro - thank you for providing this example when running this with containers. I now see that it is extra complicated when running the standard container. I’ve been running it with the ZIP distribution and wasn’t aware of this.

@ahus1 Thanks for your comment, and sorry guys for the late response. This kind of issue was already discussed in the past. See #14228.

We need to discuss the correct approach for import/export. But I’m leaning towards supporting “auto-build” functionality for export with assessing backward compatibility; support both approaches.

@mabartos / @vmuzikar - it would be great if export would have the auto-build option.