Variable substitution not working?

Describe the bug

Thank you for the great tool!

I’m trying to use variable substitution to script out a realm.json file for automated deployments, but the CLI doesn’t substitute environment variables at runtime, submitting values to Keycloak like “${env:SOME_ENV_VARIABLE}”. There aren’t any warnings or errors, and the import succeeds. I can view the new realm in the Keycloak interface. I’m running Docker locally on Mac OS. I’m passing import_var-substitution=true to the docker run command.

I should note that passing other flags, like keycloak_availability-check_enabled=true and keycloak_availability-check_timeout=120s seems to have no effect. When I run docker-compose up, the CLI will fail after the first HTTP request fails, without retrying or waiting. Am I misunderstanding how to use the CLI?

To Reproduce

Run CLI via Docker:

docker run \
    -e keycloak_url=http://docker.for.mac.localhost:8080 \
    -e keycloak_user=admin \
    -e keycloak_password=admin \
    -e IMPORT_PATH=/realms/my-realm.json \
    -e import_var-substitution=true \
    -e API_CLIENT_SECRET=somesecret \
    -v /Users/me/Projects/keycloak-example/src/realms:/realms \
    adorsys/keycloak-config-cli:master

realm.json (some detail omitted):

{
  "id": "app",
  "realm": "My App",
  "enabled": true,
  "clients": [
    {
      "clientId": "api",
      "name": "API",
      "enabled": true,
      "clientAuthenticatorType": "client-secret",
      "secret": "${env:API_CLIENT_SECRET}",
      "webOrigins": ["+"],
      "standardFlowEnabled": true,
      "implicitFlowEnabled": false,
      "serviceAccountsEnabled": true
    }
  ]
}

Expected behavior

I would expect to the see the value specified for API_CLIENT_SECRET to be injected into Keycloak.

Environment (please complete the following information):

• Keycloak Version: 11.0.2
• keycloak-config-cli Version: I’ve tried both master and latest