Skip to content
Snippets Groups Projects
Commit 7d77d9b0 authored by OZGCloud's avatar OZGCloud
Browse files

Merge branch 'master' into OZG-1863

parents c4113f49 00dc546f
No related branches found
No related tags found
No related merge requests found
......@@ -26,67 +26,6 @@ spec:
clientRoles:
realm-management:
- "view-users"
{{- if eq ( include "app.ssoLevel" . ) "dev" }}
---
apiVersion: keycloak.org/v1alpha1
kind: KeycloakUser
metadata:
name: {{ include "app.ssoRealm" . }}-beate
namespace: keycloak
labels:
{{- include "app.defaultLabels" . | indent 4 }}
realm: {{ include "app.ssoRealm" . }}
spec:
realmSelector:
matchLabels:
realm: {{ include "app.ssoRealm" . }}
user:
username: "beate"
firstName: "Beate"
lastName: "Burger"
enabled: True
emailVerified: True
credentials:
- type: "password"
value: "Beatebeast"
realmRoles:
- "offline_access"
- "uma_authorization"
clientRoles:
{{ include "app.keycloakClientId" . }}:
- "VERWALTUNG_USER"
{{- end -}}
{{- if and ( eq (include "app.ssoLevel" . ) "dev" ) (.Values.sso).role_einheitlicher_ansprechpartner }}
---
apiVersion: keycloak.org/v1alpha1
kind: KeycloakUser
metadata:
name: {{ include "app.ssoRealm" . }}-emil
namespace: keycloak
labels:
{{- include "app.defaultLabels" . | indent 4 }}
realm: {{ include "app.ssoRealm" . }}
spec:
realmSelector:
matchLabels:
realm: {{ include "app.ssoRealm" . }}
user:
username: "emil"
firstName: "Emil"
lastName: "Ansprechpartner"
enabled: True
emailVerified: True
credentials:
- type: "password"
value: "Ansprechpartner"
realmRoles:
- "offline_access"
- "uma_authorization"
- "EINHEITLICHER_ANSPRECHPARTNER"
clientRoles:
{{ include "app.keycloakClientId" . }}:
- "EINHEITLICHER_ANSPRECHPARTNER"
{{- end -}}
{{- if eq (include "app.ssoLevel" . ) "stage" }}
---
apiVersion: keycloak.org/v1alpha1
......
suite: test deployment
release:
name: goofy
namespace: sh-kiel-dev
templates:
- templates/keycloak_users.yaml
tests:
- it: goofyapiuser must exist in dev stage
asserts:
- containsDocument:
kind: KeycloakUser
apiVersion: keycloak.org/v1alpha1
name: sh-kiel-dev-api-user
namespace: keycloak
- it: Adelheit dev user shall not exist
documentIndex: -1
asserts:
- notEqual:
path: metadata.name
value: sh-kiel-dev-adelheit
- it: Dorothea dev user shall not exist
documentIndex: -1
asserts:
- notEqual:
path: metadata.name
value: sh-kiel-dev-dorothea
- it: Emil dev user shall not exist
documentIndex: -1
asserts:
- notEqual:
path: metadata.name
value: sh-kiel-dev-emil
- it: Richard dev user shall not exist
documentIndex: -1
asserts:
- notEqual:
path: metadata.name
value: sh-kiel-dev-richard
- it: Sabine dev user shall not exist
documentIndex: -1
asserts:
- notEqual:
path: metadata.name
value: sh-kiel-dev-sabine
- it: Zonk dev user shall not exist
documentIndex: -1
asserts:
- notEqual:
path: metadata.name
value: sh-kiel-dev-zonk
namespace: keycloak
- it: Beate dev user shall not exist
documentIndex: -1
asserts:
- notEqual:
path: metadata.name
value: sh-kiel-dev-beate
namespace: keycloak
suite: test deployment
release:
name: goofy
namespace: sh-kiel-prod
templates:
- templates/keycloak_users.yaml
tests:
- it: goofyapiuser must exist in prod stage
set:
namespace: sh-kiel-prod
asserts:
- containsDocument:
kind: KeycloakUser
apiVersion: keycloak.org/v1alpha1
name: sh-kiel-prod-api-user
namespace: keycloak
- it: goofyApiUser must have view-users client role
set:
namespace: sh-kiel-stage
documentIndex: 0
asserts:
- equal:
path: spec.user.username
value: goofyApiUser
- contains:
path: spec.user.clientRoles.realm-management
content: view-users
......@@ -5,6 +5,13 @@ release:
templates:
- templates/keycloak_users.yaml
tests:
- it: goofyapiuser must exist in staging stage
asserts:
- containsDocument:
kind: KeycloakUser
apiVersion: keycloak.org/v1alpha1
name: sh-kiel-stage-api-user
namespace: keycloak
- it: renaming of users means recreation by operator and is permitted
asserts:
- containsDocument:
......
suite: test deployment
release:
name: goofy
namespace: sh-kiel-dev
templates:
- templates/keycloak_users.yaml
tests:
- it: renaming of users means recreation by operator and is permitted
asserts:
- containsDocument:
kind: KeycloakUser
apiVersion: keycloak.org/v1alpha1
name: sh-kiel-dev-api-user
namespace: keycloak
- containsDocument:
kind: KeycloakUser
apiVersion: keycloak.org/v1alpha1
name: sh-kiel-dev-beate
namespace: keycloak
- it: goofyApiUser must have view-users client role
set:
namesapce: sh-kiel-stage
documentIndex: 0
asserts:
- equal:
path: spec.user.username
value: goofyApiUser
- contains:
path: spec.user.clientRoles.realm-management
content:
view-users
- it: test user attributes for beate
documentIndex: 1
asserts:
- equal:
path: spec.user.username
value: beate
- equal:
path: spec.user.firstName
value: Beate
- equal:
path: spec.user.lastName
value: Burger
- contains:
path: spec.user.clientRoles.sh-kiel-dev-goofy
content:
VERWALTUNG_USER
- it: test user attributes for emil
set:
sso.role_einheitlicher_ansprechpartner: true
documentIndex: 2
asserts:
- equal:
path: spec.user.username
value: emil
- equal:
path: spec.user.firstName
value: Emil
- equal:
path: spec.user.lastName
value: Ansprechpartner
- contains:
path: spec.user.clientRoles.sh-kiel-dev-goofy
content:
EINHEITLICHER_ANSPRECHPARTNER
suite: test deployment
release:
name: goofy
namespace: sh-kiel-test
templates:
- templates/keycloak_users.yaml
tests:
- it: goofyapiuser must exist in test stage
asserts:
- containsDocument:
kind: KeycloakUser
apiVersion: keycloak.org/v1alpha1
name: sh-kiel-test-api-user
namespace: keycloak
- it: Adelheit test user shall not exist
documentIndex: -1
asserts:
- notEqual:
path: metadata.name
value: sh-kiel-test-adelheit
- it: Dorothea test user shall not exist
documentIndex: -1
asserts:
- notEqual:
path: metadata.name
value: sh-kiel-test-dorothea
- it: Emil test user shall not exist
documentIndex: -1
asserts:
- notEqual:
path: metadata.name
value: sh-kiel-test-emil
- it: Richard test user shall not exist
documentIndex: -1
asserts:
- notEqual:
path: metadata.name
value: sh-kiel-test-richard
- it: Sabine test user shall not exist
documentIndex: -1
asserts:
- notEqual:
path: metadata.name
value: sh-kiel-test-sabine
- it: Zonk test user shall not exist
documentIndex: -1
asserts:
- notEqual:
path: metadata.name
value: sh-kiel-test-zonk
namespace: keycloak
- it: Beate test user shall not exist
documentIndex: -1
asserts:
- notEqual:
path: metadata.name
value: sh-kiel-test-beate
namespace: keycloak
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment