diff --git a/src/main/helm/templates/deployment.yaml b/src/main/helm/templates/deployment.yaml index 2fdd8f35597e50c4c8ed9c728e84d4ced3be2c30..af8cb38b76d848478eda646f4511eb4b661d8e19 100644 --- a/src/main/helm/templates/deployment.yaml +++ b/src/main/helm/templates/deployment.yaml @@ -83,7 +83,7 @@ spec: valueFrom: secretKeyRef: name: {{ include "app.generateKeycloakUserSecretName" . }} - key: username + key: name optional: false {{- end }} - name: QUARKUS_MONGODB_DATABASE diff --git a/src/main/helm/templates/keycloak-user-crd.yaml b/src/main/helm/templates/keycloak-user-crd.yaml index fecff47ac0c648a638bae579ad82f0918614443e..03d3ae0b47ccdf5546f4b9f586dfece1c9a077e7 100644 --- a/src/main/helm/templates/keycloak-user-crd.yaml +++ b/src/main/helm/templates/keycloak-user-crd.yaml @@ -1,14 +1,12 @@ {{ if .Values.sso.api_user }} --- -apiVersion: api.kop-stack.de/v1 -kind: KopKeycloakUser +apiVersion: operator.ozgcloud.de/v1 +kind: OzgKeycloakUser metadata: name: {{ include "app.generateKeycloakUserRessourceName" . }} namespace: {{ include "app.namespace" . }} spec: keep_after_delete: {{ .Values.sso.api_user.keep_after_delete | default false }} - keycloak_realm: {{ include "app.ssoRealm" . }} - kop_sso_url: {{ include "app.ssoServerUrl" . }} keycloak_user: username: {{ .Values.sso.api_user.name | lower }} first_name: {{ .Values.sso.api_user.first_name | default "" }} diff --git a/src/main/helm/templates/ozg_operator_secrets_read_role.yaml b/src/main/helm/templates/ozg_operator_secrets_read_role.yaml index eb45c6140f32982c79cd6ca73f0482983314511c..72c233c8a71e1f20c4cb36e6632011775c20c193 100644 --- a/src/main/helm/templates/ozg_operator_secrets_read_role.yaml +++ b/src/main/helm/templates/ozg_operator_secrets_read_role.yaml @@ -1,4 +1,4 @@ -{{- if .Values.sso.api_users }} +{{- if (.Values.sso).api_user }} apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: 
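Review bot: The `secretKeyRef` in deployment.yaml now reads key `name` with `optional: false`, so a pod will not start against a credentials secret that still carries only the old `username` key. The hunk does not show which keys the new operator writes or whether existing secrets are rewritten on upgrade; if they are not, the rollout stalls until the secret is recreated. If `name` is indeed what the operator writes, a comment above the reference such as `# key "name" is written by the OzgKeycloakUser operator; older secrets used "username"` would record the dependency. The env entry this reference belongs to starts above the hunk.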
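Review bot: The guard on the first line of keycloak-user-crd.yaml is still `{{ if .Values.sso.api_user }}`, while the four RBAC templates changed in this commit move to the nil-safe `{{- if (.Values.sso).api_user }}`. With `sso` absent from the values this template would abort the render with a nil-pointer error where the others simply emit nothing; use `{{ if (.Values.sso).api_user }}` here too. The spec also no longer carries `keycloak_realm` or `kop_sso_url`, so the realm the user is created in is now decided by the operator; a one-line comment above `spec:` saying where that comes from would help whoever audits which realm an API user lands in. The template continues past the end of the hunk.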
@@ -8,9 +8,7 @@ rules: - apiGroups: - "*" resourceNames: - {{ range $user := .Values.sso.api_users }} - - {{ include "app.replaceAllNonAlphanumeric" $user.name }}-credentials - {{ end }} + - {{ include "app.replaceAllNonAlphanumeric" .Values.sso.api_user.name }}-credentials resources: - secrets verbs: diff --git a/src/main/helm/templates/ozg_operator_secrets_read_role_binding.yaml b/src/main/helm/templates/ozg_operator_secrets_read_role_binding.yaml index fb2df569e6fb94b02ee42b6aadfabe99c014f8a8..eeb9eb0c9592ba8a8c461dacbbe9451971c80aba 100644 --- a/src/main/helm/templates/ozg_operator_secrets_read_role_binding.yaml +++ b/src/main/helm/templates/ozg_operator_secrets_read_role_binding.yaml @@ -1,4 +1,4 @@ -{{- if .Values.sso.api_users }} +{{- if (.Values.sso).api_user }} apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: diff --git a/src/main/helm/templates/ozg_operator_secrets_write_role.yaml b/src/main/helm/templates/ozg_operator_secrets_write_role.yaml index edf2a8177e6510e332b4fbf7a93b98d5008eed70..b4b25822f9f5495046a47aff5c20859e389fc253 100644 --- a/src/main/helm/templates/ozg_operator_secrets_write_role.yaml +++ b/src/main/helm/templates/ozg_operator_secrets_write_role.yaml @@ -1,4 +1,4 @@ -{{- if .Values.sso.api_users }} +{{- if (.Values.sso).api_user }} apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: diff --git a/src/main/helm/templates/ozg_operator_secrets_write_role_binding.yaml b/src/main/helm/templates/ozg_operator_secrets_write_role_binding.yaml index c795fc0a5dd9a73832eca82cb2bd42a7ec7881a5..84d879684ce3e7ddc07a5f378c576c9aeaab90c5 100644 --- a/src/main/helm/templates/ozg_operator_secrets_write_role_binding.yaml +++ b/src/main/helm/templates/ozg_operator_secrets_write_role_binding.yaml @@ -1,4 +1,4 @@ -{{- if .Values.sso.api_users }} +{{- if (.Values.sso).api_user }} apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: 
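Review bot: The new `resourceNames` entry in ozg_operator_secrets_read_role.yaml is built from `.Values.sso.api_user.name` without checking that the name is set; the guard on the template's first line only tests that `api_user` is non-empty. If `name` is missing, the include presumably yields an empty string and the Role would name a secret `-credentials`, so the grant silently points at the wrong object; `- {{ include "app.replaceAllNonAlphanumeric" (required "sso.api_user.name must be set" .Values.sso.api_user.name) }}-credentials` fails the render instead. While touching this rule, the `apiGroups` wildcard `"*"` in the context lines is wider than `secrets` needs, since they live in the core group `""`. The rule's verbs lie outside the hunk.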
diff --git a/src/test/helm/deployment-keycloak-values-test.yaml b/src/test/helm/deployment-keycloak-values-test.yaml index eb7824d5be650d5b12b0889f3923053fa7a61901..3554cc6ee2454279c5c739d8455eafeb5a7731d9 100644 --- a/src/test/helm/deployment-keycloak-values-test.yaml +++ b/src/test/helm/deployment-keycloak-values-test.yaml @@ -137,7 +137,7 @@ tests: valueFrom: secretKeyRef: name: usermanagerapiuser-credentials - key: username + key: name optional: false - contains: path: spec.template.spec.containers[0].env diff --git a/src/test/helm/keycloak-user-crd-test.yaml b/src/test/helm/keycloak-user-crd-test.yaml index 5c9551bf2cbb343a553fd9029bf24b3d845b7171..b7a7a844eaed252078aeac6627b36427312d1aff 100644 --- a/src/test/helm/keycloak-user-crd-test.yaml +++ b/src/test/helm/keycloak-user-crd-test.yaml @@ -36,9 +36,9 @@ tests: name: testapiuser asserts: - isAPIVersion: - of: api.kop-stack.de/v1 + of: operator.ozgcloud.de/v1 - isKind: - of: KopKeycloakUser + of: OzgKeycloakUser - it: should have metadata set: sso: @@ -65,12 +65,6 @@ tests: - equal: path: spec.keep_after_delete value: false - - equal: - path: spec.keycloak_realm - value: by-helm-test - - equal: - path: spec.kop_sso_url - value: https://sso.test.by.ozg-cloud.de - equal: path: spec.keycloak_user.first_name values: "" @@ -125,9 +119,6 @@ tests: path: spec.keycloak_user.realm_roles - isNull: path: spec.keycloak_user.client_roles - - equal: - path: spec.kop_sso_url - value: https://sso.test.by.ozg-cloud.de - it: should have Keycloak User with client role set: @@ -171,9 +162,6 @@ tests: content: name: alfa role: VERWALTUNG_USER - - equal: - path: spec.kop_sso_url - value: https://sso.test.by.ozg-cloud.de - it: should have Keycloak User with realm role set: @@ -215,9 +203,6 @@ tests: path: spec.keycloak_user.realm_roles content: offline_access - - equal: - path: spec.kop_sso_url - value: https://sso.test.by.ozg-cloud.de - it: should have Keycloak User with group set: 
@@ -259,9 +244,6 @@ tests: path: spec.keycloak_user.groups content: Bauamt - - equal: - path: spec.kop_sso_url - value: https://sso.test.by.ozg-cloud.de - it: should have lowercase username set: @@ -280,12 +262,6 @@ tests: - equal: path: spec.keep_after_delete value: false - - equal: - path: spec.keycloak_realm - value: by-helm-test - - equal: - path: spec.kop_sso_url - value: https://sso.test.by.ozg-cloud.de - equal: path: spec.keycloak_user.first_name values: "" diff --git a/src/test/helm/ozg_operator_secrets_read_role_binding_test.yaml b/src/test/helm/ozg_operator_secrets_read_role_binding_test.yaml index f3c18a29dff02511b7049ddabb9e80bb097ea3c9..469f702635675be2bfe945fc1bf4d645c4ec7c1d 100644 --- a/src/test/helm/ozg_operator_secrets_read_role_binding_test.yaml +++ b/src/test/helm/ozg_operator_secrets_read_role_binding_test.yaml @@ -8,7 +8,7 @@ tests: - it: should contain header data set: sso: - api_users: + api_user: - name: apiuser operatorNamespace: test-operator-namespace asserts: @@ -19,7 +19,7 @@ tests: - it: should have metadata set: sso: - api_users: + api_user: - name: apiuser operatorNamespace: test-operator-namespace asserts: @@ -32,7 +32,7 @@ tests: - it: should have subjects values set: sso: - api_users: + api_user: - name: apiuser operatorNamespace: test-operator-namespace asserts: @@ -45,7 +45,7 @@ tests: - it: should have roleRef values set: sso: - api_users: + api_user: - name: apiuser operatorNamespace: test-operator-namespace asserts: diff --git a/src/test/helm/ozg_operator_secrets_read_role_test.yaml b/src/test/helm/ozg_operator_secrets_read_role_test.yaml index 067bdc044e2fa940a2ade014a7ee1eed78a6135c..bb033143ea487bf0f77c569b38fb5955f50eea67 100644 --- a/src/test/helm/ozg_operator_secrets_read_role_test.yaml +++ b/src/test/helm/ozg_operator_secrets_read_role_test.yaml 
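Review bot: In ozg_operator_secrets_read_role_binding_test.yaml the key is renamed to `api_user:` but the next line stays `- name: apiuser`, so the fixture passes a one-element list where the chart now expects a mapping. The guard `(.Values.sso).api_user` is truthy for a non-empty list, so these cases still pass without exercising the real value shape, and any template line that reads `.Values.sso.api_user.name` would fail on this input. Use the mapping form from ozg_operator_secrets_read_role_test.yaml, `api_user:` followed by `name: apiuser` indented under it. The same leftover list item appears in every hunk of ozg_operator_secrets_write_role_binding_test.yaml and ozg_operator_secrets_write_role_test.yaml.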
@@ -8,8 +8,8 @@ tests: - it: should contain header data set: sso: - api_users: - - name: apiuser + api_user: + name: apiuser asserts: - isAPIVersion: of: rbac.authorization.k8s.io/v1 @@ -18,8 +18,8 @@ tests: - it: should have metadata set: sso: - api_users: - - name: apiuser + api_user: + name: apiuser asserts: - equal: path: metadata.name @@ -30,10 +30,8 @@ tests: - it: should have subjects values set: sso: - api_users: - - name: apiuser - - name: _with_underscore_ - - name: .with.dot. + api_user: + name: _with_underscore_and.with.dot. asserts: - contains: path: rules @@ -41,9 +39,7 @@ tests: apiGroups: - "*" resourceNames: - - apiuser-credentials - - withunderscore-credentials - - withdot-credentials + - withunderscoreandwithdot-credentials resources: - secrets verbs: diff --git a/src/test/helm/ozg_operator_secrets_write_role_binding_test.yaml b/src/test/helm/ozg_operator_secrets_write_role_binding_test.yaml index 2ef6c5b8403544d9c52a6d1acce1363b937a9ca5..75a0fbfcb0cf350821c64c71e10e9831926f057f 100644 --- a/src/test/helm/ozg_operator_secrets_write_role_binding_test.yaml +++ b/src/test/helm/ozg_operator_secrets_write_role_binding_test.yaml @@ -8,7 +8,7 @@ tests: - it: should contain header data set: sso: - api_users: + api_user: - name: apiuser operatorNamespace: test-operator-namespace asserts: @@ -19,7 +19,7 @@ tests: - it: should have metadata set: sso: - api_users: + api_user: - name: apiuser operatorNamespace: test-operator-namespace asserts: @@ -32,7 +32,7 @@ tests: - it: should have subjects values set: sso: - api_users: + api_user: - name: apiuser operatorNamespace: test-operator-namespace asserts: @@ -45,7 +45,7 @@ tests: - it: should have roleRef values set: sso: - api_users: + api_user: - name: apiuser operatorNamespace: test-operator-namespace asserts: 
diff --git a/src/test/helm/ozg_operator_secrets_write_role_test.yaml b/src/test/helm/ozg_operator_secrets_write_role_test.yaml index 667a799cbb8d0616dfa3c01f35e63d70019ca100..f85082a901e8d1ae4264129833aea766c0d74a4b 100644 --- a/src/test/helm/ozg_operator_secrets_write_role_test.yaml +++ b/src/test/helm/ozg_operator_secrets_write_role_test.yaml @@ -8,7 +8,7 @@ tests: - it: should contain header data set: sso: - api_users: + api_user: - name: apiuser asserts: - isAPIVersion: @@ -18,7 +18,7 @@ tests: - it: should have metadata set: sso: - api_users: + api_user: - name: apiuser asserts: - equal: @@ -30,7 +30,7 @@ tests: - it: should have subjects values set: sso: - api_users: + api_user: - name: apiuser asserts: - contains: