@demetthyl

Hello,

The object of this PR is to add the ability to configure the 'referral' property of the ldap user federation through the keycloak_ldap_user_federation Resource.

@demetthyl
Author

demetthyl commented Oct 13, 2025

Seems that the property fails on the 2 very oldest covered versions, gotta dig into it.
@sschu: any idea? I'm not that deeply knowledgeable on those old versions to understand the difference and why this is KO on those two.

@demetthyl
Author

demetthyl commented Oct 22, 2025

keycloak/keycloak#24852

The 'ldap referral' feature was merged at the end of 2023, guess that's why this fails on v22 and v23: how can I skip this?
@sschu can you enlighten me?

@sschu
Contributor

sschu commented Oct 27, 2025

@demetthyl Thanks for your contribution! You can skip tests for older versions like this:

    skipIfVersionIsLessThan(testCtx, t, keycloakClient, keycloak.Version_24)

Please also sign off your commit (git commit -s --amend).

@demetthyl
Author

demetthyl commented Oct 29, 2025

> @demetthyl Thanks for your contribution! You can skip tests for older versions like this:
>
>     skipIfVersionIsLessThan(testCtx, t, keycloakClient, keycloak.Version_24)
>
> Please also sign off your commit (git commit -s --amend).

Thank you for your suggestion, but I think that I am hitting a wall @sschu.
Every ldapUserFederation test is based on hardcoded test objects in methods, like https://github.com/keycloak/terraform-provider-keycloak/blob/main/provider/resource_keycloak_ldap_msad_lds_user_account_control_mapper_test.go#L191

It seems terribly unreasonable to skip most of the tests, because they are invoked everywhere and this parameter didn't exist before v24, so the terraform plan sees a difference and fails tests.

I don't really know what the best approach is..

guillaume.thomas added 3 commits October 29, 2025 10:36
@demetthyl
Author

demetthyl commented Nov 4, 2025

OK, I guess I've fixed my issue with the new ldap user config parameter, but I'm facing other test crashes on old versions, like:

    === NAME TestAccKeycloakLdapUserFederation_basicUpdateAll
    resource_keycloak_ldap_user_federation_test.go:341: Step 2/2 error: After applying this test step and performing a `terraform refresh`, the plan was not empty.
    stdout

    Terraform used the selected providers to generate the following execution
    plan. Resource actions are indicated with the following symbols:
      ~ update in-place
    
    Terraform will perform the following actions:
    
      # keycloak_ldap_user_federation.openldap will be updated in-place
      ~ resource "keycloak_ldap_user_federation" "openldap" {
          ~ batch_size_for_sync             = 9823 -> 9939
            id                              = "19118b10-ddfc-45e6-bf7c-ce951b07b2a4"
            name                            = "terraform-ldtraixc3g"
          ~ read_timeout                    = "49m10s" -> "6m2s"
          ~ validate_password_policy        = true -> false
            # (27 unchanged attributes hidden)
    
            # (2 unchanged blocks hidden)
        }
    
    Plan: 0 to add, 1 to change, 0 to destroy.

Any idea why there are tests when input parameters are randomly generated?
Can you help me @sschu? I am really struggling on this 'simple addition'.

@demetthyl
Author

Or this error:
https://github.com/keycloak/terraform-provider-keycloak/actions/runs/19074353930/job/54485694147?pr=1352#step:10:1941

It is expected to generate this error, but the test is still a failure (in this keycloak version and not others...)
