Skip to content

ADR-008: Feature parity with self-managed Keycloak

Category: architecture Provenance: guided-ai

Decision

The operator must support all Keycloak configuration options available in self-managed instances. CRDs should map 1:1 to Keycloak Admin API capabilities.

Rationale

No lock-in: Users can migrate from self-managed to operator-managed without losing functionality. Complete solution: Operator should handle all Keycloak use cases, not just basic ones. API alignment: Following Keycloak's data models ensures correctness and updates. Trade-off: Larger CRD specs, but complete feature coverage.

Agent Instructions

Map CRD fields directly to Keycloak API representations. Use Pydantic models from src/keycloak_operator/models/keycloak_api.py (generated from OpenAPI spec keycloak-api-spec.yaml). Support all Keycloak features. Document any intentional feature exclusions with rationale.