Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(defaults): add extractor for default roles, add default groups #86

Merged
merged 2 commits into from
May 2, 2024
Merged

feat(defaults): add extractor for default roles, add default groups #86

merged 2 commits into from
May 2, 2024

Conversation

Breee
Copy link
Collaborator

@Breee Breee commented May 2, 2024

This PR adds a extractor to the default role object

Extractor: `github.com/crossplane/upjet/pkg/resource.ExtractParamPath("name", false)`,

Which however did not resolve the bugs we faced.

That is why we also add default_groups as a new managed object based on https://registry.terraform.io/providers/edflex-tech/keycloak/latest/docs/resources/default_groups

Here is an example:

---
apiVersion: realm.keycloak.crossplane.io/v1alpha1
kind: Realm
metadata:
  name: my-realm
spec:
  forProvider:
    enabled: true
    realm: my-realm
  providerConfigRef:
    name: keycloak-provider-config
---
apiVersion: openidclient.keycloak.crossplane.io/v1alpha1
kind: Client
metadata:
  name: test
spec:
  forProvider:
    realmIdRef:
      name: "my-realm"
    accessType: "CONFIDENTIAL"
    clientId: "test"
    serviceAccountsEnabled: false
  providerConfigRef:
    name: "keycloak-provider-config"
---
apiVersion: role.keycloak.crossplane.io/v1alpha1
kind: Role
metadata:
  name: my-realm-role
spec:
  forProvider:
    description: My Realm Role
    name: my-realm-role
    realmIdRef:
      name: my-realm
  providerConfigRef:
    name: keycloak-provider-config
---
apiVersion: role.keycloak.crossplane.io/v1alpha1
kind: Role
metadata:
  name: my-client-role
spec:
  forProvider:
    description: My Client Role
    name: my-client-role
    realmIdRef:
      name: my-realm
    clientIdRef:
      name: test
  providerConfigRef:
    name: keycloak-provider-config
---
apiVersion: group.keycloak.crossplane.io/v1alpha1
kind: Group
metadata:
  name: my-group
spec:
  forProvider:
    name: my-group
    realmIdRef:
      name: my-realm
  providerConfigRef:
    name: keycloak-provider-config
--- 
# Example Role mapping: Using groupId and roleIds to assign roles to the default group
apiVersion: group.keycloak.crossplane.io/v1alpha1
kind: Roles
metadata:
  name: dev-group-roles
spec:
  forProvider:
    realmIdRef:
      name: my-realm
    groupIdRef: 
      name: my-group
    roleIdsRefs:
      - name: my-realm-role
      - name: my-client-role
  providerConfigRef:
    name: keycloak-provider-config
--- 
apiVersion: defaults.keycloak.crossplane.io/v1alpha1
kind: DefaultGroups
metadata:
  name: default
spec:
  forProvider:
    groupIdsRefs:
    - name: my-group
    realmIdRef:
      name: my-realm
  providerConfigRef:
    name: keycloak-provider-config

@Breee Breee merged commit bc754e6 into main May 2, 2024
5 of 7 checks passed
@Breee Breee deleted the feature/default-role-extraction branch May 2, 2024 10:15
@Breee Breee mentioned this pull request May 2, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@Breee