FusionAuth
    • Home
    • Categories
    • Recent
    • Popular
    • Pricing
    • Contact us
    • Docs
    • Login

    Best way to share Fusionauth configuration and changes?

    Scheduled Pinned Locked Moved Solved
    Q&A
    3
    4
    2.2k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      arjunyel
      last edited by

      When a developer on my projects adds something locally, such as a JWT populate lambda function, what is the best way to share that change with all developers on the project and then push it to production?

      As an example Hasura stores all its configuration as YAML files so everyone can share changes via version control https://hasura.io/docs/latest/graphql/core/migrations/index.html

      1 Reply Last reply Reply Quote 0
      • M
        maciej.wisniowski Power User
        last edited by

        For local development, we're using FusionAuth's kickstart files so that every change is documented in kickstart.json (and templates if any).

        Unfortunately, it is not so easy to apply such changes as the kickstart file is only executed on a clean FA instance.
        This means that in order to update the local environment with the new kickstart it is necessary to remove the FA config and database and then start it again having new kickstart applied. This will remove all local users so you also need some way to have them recreated.

        Recent versions of FA have a Reset option in the management panel but it is in early state and very limited (seems not to support any extra template files referenced from the kickstart.json file), but might be it will work for you.

        Another option you might consider is using Terraform provider for FusionAuth. This can be used for production environments.

        1 Reply Last reply Reply Quote 0
        • danD
          dan
          last edited by

          To add to what @maciej-wisniowski said, here's a previous post:

          https://fusionauth.io/community/forum/topic/549/how-can-we-migrate-fusionauth-configuration-from-dev-qa-to-prod

          Kickstart isn't really designed for moving configuration from environments because it assumes an untouched system.

          Your options are:

          • move it manually (can make sense when things don't change often).
          • script it. You can use any of the client libraries: https://fusionauth.io/docs/v1/tech/client-libraries/ to script all changes. It pairs nicely with a migration system like rails migrations which ensure scripts run only once.
          • use the terraform provider (which is community supported and not complete): https://registry.terraform.io/providers/gpsinsight/fusionauth/latest We are talking about moving it from community supported to FusionAuth supported, but don't have a date. When we do, this ticket will be updated: https://github.com/FusionAuth/fusionauth-issues/issues/1089 (please upvote if important to you)

          --
          FusionAuth - Auth for devs, built by devs.
          https://fusionauth.io

          danD 1 Reply Last reply Reply Quote 0
          • danD
            dan @dan
            last edited by

            The Terraform provider is no longer community supported and has some documentation. More here: https://fusionauth.io/docs/operate/deploy/configuration-management and here: https://fusionauth.io/docs/operate/deploy/terraform

            --
            FusionAuth - Auth for devs, built by devs.
            https://fusionauth.io

            1 Reply Last reply Reply Quote 0
            • danD dan marked this topic as a question on
            • danD dan has marked this topic as solved on
            • First post
              Last post