OZG-6867 OZG-6895 Configuration to enable creating secrets

4a1bc046 · OZGCloud · 54679175 · 4a1bc046 · 4a1bc046 · 4a1bc046
Commit 4a1bc046 authored 8 months ago by OZGCloud
--- a/src/main/helm/templates/ozgcloud_keycloak_operator_secrets_read_role.yaml
+++ b/src/main/helm/templates/ozgcloud_keycloak_operator_secrets_read_role.yaml
 {{- if not (.Values.sso).disableOzgOperator }}
-{{- if or ((.Values.sso).keycloak_users) ((.Values.sso).api_users) }}
+{{- if or ((.Values.sso).keycloak_users) ((.Values.sso).api_user) }}
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
@@ -9,7 +9,7 @@ rules:
  - apiGroups:
      - "*"
    resourceNames:
-    {{ range $user := concat (.Values.sso.keycloak_users | default list) (.Values.sso.api_users | default list) }}
+    {{ range $user := concat (.Values.sso.keycloak_users | default list) (empty (.Values.sso).api_user | ternary (list) (list .Values.sso.api_user)) }}
      - {{ include "app.nameToIdentifier" $user.name }}-credentials
    {{ end }}
    resources:

--- a/src/main/helm/templates/ozgcloud_keycloak_operator_secrets_read_role_binding.yaml
+++ b/src/main/helm/templates/ozgcloud_keycloak_operator_secrets_read_role_binding.yaml
 {{- if not (.Values.sso).disableOzgOperator }}
-{{- if or ((.Values.sso).keycloak_users) ((.Values.sso).api_users) }}
+{{- if or ((.Values.sso).keycloak_users) ((.Values.sso).api_user) }}
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:

--- a/src/main/helm/templates/ozgcloud_keycloak_operator_secrets_write_role.yaml
+++ b/src/main/helm/templates/ozgcloud_keycloak_operator_secrets_write_role.yaml
 {{- if not (.Values.sso).disableOzgOperator }}
-{{- if or ((.Values.sso).keycloak_users) ((.Values.sso).api_users) }}
+{{- if or ((.Values.sso).keycloak_users) ((.Values.sso).api_user) }}
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:

--- a/src/main/helm/templates/ozgcloud_keycloak_operator_secrets_write_role_binding.yaml
+++ b/src/main/helm/templates/ozgcloud_keycloak_operator_secrets_write_role_binding.yaml
 {{- if not (.Values.sso).disableOzgOperator }}
-{{- if or ((.Values.sso).keycloak_users) ((.Values.sso).api_users) }}
+{{- if or ((.Values.sso).keycloak_users) ((.Values.sso).api_user) }}
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:

--- a/src/test/helm/ozgcloud_keycloak_operator_secrets_read_role_binding_test.yaml
+++ b/src/test/helm/ozgcloud_keycloak_operator_secrets_read_role_binding_test.yaml
@@ -62,11 +62,11 @@ tests:
    asserts:
      - hasDocuments:
          count: 0
-  - it: should have subjects values on api_users
+  - it: should have subjects values on api_user
    set:
      sso:
-        api_users:
+        api_user:
-          - name: apiUser
+          name: apiUser
        operatorNamespace: test-operator-namespace
    asserts:
      - contains:
@@ -80,8 +80,8 @@ tests:
    set:
      sso:
        disableOzgOperator: true
-        api_users:
+        api_user:
-          - name: apiUser
+          name: apiUser
    asserts:
      - hasDocuments:
          count: 0
--- a/src/test/helm/ozgcloud_keycloak_operator_secrets_read_role_test.yaml
+++ b/src/test/helm/ozgcloud_keycloak_operator_secrets_read_role_test.yaml
@@ -55,11 +55,11 @@ tests:
    asserts:
      - hasDocuments:
          count: 0
-  - it: should have subjects values on api_users
+  - it: should have subjects values on api_user
    set:
      sso:
-        api_users:
+        api_user:
-          - name: apiUser-
+          name: apiUser
    asserts:
      - contains:
          path: rules
@@ -78,8 +78,8 @@ tests:
    set:
      sso:
        disableOzgOperator: true
-        api_users:
+        api_user:
-          - name: apiUser
+          name: apiUser
    asserts:
      - hasDocuments:
          count: 0
\ No newline at end of file
--- a/src/test/helm/ozgcloud_keycloak_operator_secrets_write_role_binding_test.yaml
+++ b/src/test/helm/ozgcloud_keycloak_operator_secrets_write_role_binding_test.yaml
@@ -62,11 +62,11 @@ tests:
    asserts:
      - hasDocuments:
          count: 0
-  - it: should have subjects values on api_users
+  - it: should have subjects values on api_user
    set:
      sso:
-        api_users:
+        api_user:
-          - name: apiUsers
+          name: apiUsers
        operatorNamespace: test-operator-namespace
    asserts:
      - contains:
@@ -80,8 +80,8 @@ tests:
    set:
      sso:
        disableOzgOperator: true
-        api_users:
+        api_user:
-          - name: apiUser
+          name: apiUser
    asserts:
      - hasDocuments:
          count: 0
--- a/src/test/helm/ozgcloud_keycloak_operator_secrets_write_role_test.yaml
+++ b/src/test/helm/ozgcloud_keycloak_operator_secrets_write_role_test.yaml
@@ -47,11 +47,11 @@ tests:
    asserts:
      - hasDocuments:
          count: 0
-  - it: should have subjects values on api_users
+  - it: should have subjects values on api_user
    set:
      sso:
-        api_users:
+        api_user:
-          - name: apiUser
+          name: apiUser
    asserts:
      - contains:
          path: rules
@@ -67,8 +67,8 @@ tests:
    set:
      sso:
        disableOzgOperator: true
-        api_users:
+        api_user:
-          - name: apiUser
+          name: apiUser
    asserts:
      - hasDocuments:
          count: 0
\ No newline at end of file