Merge pull request 'ozg-3961 use ozgoperator' (#70) from ozg-3961-use-ozgoperator into master

Reviewed-on: https://git.ozg-sh.de/mgm/user-manager/pulls/70

Merge pull request 'ozg-3961 use ozgoperator' (#70) from ozg-3961-use-ozgoperator into master
957fcaaa · OZGCloud · 2ae466ba · 064ad566 · 957fcaaa · 957fcaaa
Commit 957fcaaa authored 1 year ago by OZGCloud
--- a/src/main/helm/templates/deployment.yaml
+++ b/src/main/helm/templates/deployment.yaml
@@ -83,7 +83,7 @@ spec:
          valueFrom:
            secretKeyRef:
              name: {{ include "app.generateKeycloakUserSecretName" . }}
-              key: username
+              key: name
              optional: false        
        {{- end }}
        - name: QUARKUS_MONGODB_DATABASE

--- a/src/main/helm/templates/keycloak-user-crd.yaml
+++ b/src/main/helm/templates/keycloak-user-crd.yaml
 {{ if .Values.sso.api_user }}
 ---
-apiVersion: api.kop-stack.de/v1
-kind: KopKeycloakUser
+apiVersion: operator.ozgcloud.de/v1
+kind: OzgKeycloakUser
 metadata:
  name: {{ include "app.generateKeycloakUserRessourceName" . }}
  namespace: {{ include "app.namespace" . }}
 spec:
  keep_after_delete: {{ .Values.sso.api_user.keep_after_delete | default false }}
-  keycloak_realm: {{ include "app.ssoRealm" . }}
-  kop_sso_url: {{ include "app.ssoServerUrl" . }}
  keycloak_user:
    username: {{ .Values.sso.api_user.name | lower }}
    first_name: {{ .Values.sso.api_user.first_name | default "" }}

--- a/src/main/helm/templates/ozg_operator_secrets_read_role.yaml
+++ b/src/main/helm/templates/ozg_operator_secrets_read_role.yaml
-{{- if .Values.sso.api_users }}
+{{- if (.Values.sso).api_user }}
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
@@ -8,9 +8,7 @@ rules:
  - apiGroups:
      - "*"
    resourceNames:
-    {{ range $user := .Values.sso.api_users }}
-      -  {{ include "app.replaceAllNonAlphanumeric" $user.name }}-credentials    
-    {{ end }} 
+      -  {{ include "app.replaceAllNonAlphanumeric" .Values.sso.api_user.name }}-credentials    
    resources:
      - secrets
    verbs:

--- a/src/main/helm/templates/ozg_operator_secrets_read_role_binding.yaml
+++ b/src/main/helm/templates/ozg_operator_secrets_read_role_binding.yaml
-{{- if .Values.sso.api_users }}
+{{- if (.Values.sso).api_user }}
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:

--- a/src/main/helm/templates/ozg_operator_secrets_write_role.yaml
+++ b/src/main/helm/templates/ozg_operator_secrets_write_role.yaml
-{{- if .Values.sso.api_users }}
+{{- if (.Values.sso).api_user }}
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:

--- a/src/main/helm/templates/ozg_operator_secrets_write_role_binding.yaml
+++ b/src/main/helm/templates/ozg_operator_secrets_write_role_binding.yaml
-{{- if .Values.sso.api_users }}
+{{- if (.Values.sso).api_user }}
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:

--- a/src/test/helm/deployment-keycloak-values-test.yaml
+++ b/src/test/helm/deployment-keycloak-values-test.yaml
@@ -137,7 +137,7 @@ tests:
            valueFrom:
              secretKeyRef:
                name: usermanagerapiuser-credentials
-                key: username
+                key: name
                optional: false
      - contains:
          path: spec.template.spec.containers[0].env

--- a/src/test/helm/keycloak-user-crd-test.yaml
+++ b/src/test/helm/keycloak-user-crd-test.yaml
@@ -36,9 +36,9 @@ tests:
          name: testapiuser
    asserts:
      - isAPIVersion:
-          of: api.kop-stack.de/v1
+          of: operator.ozgcloud.de/v1
      - isKind:
-          of: KopKeycloakUser
+          of: OzgKeycloakUser
  - it: should have metadata
    set:
      sso:
@@ -65,12 +65,6 @@ tests:
      - equal:
          path: spec.keep_after_delete
          value: false
-      - equal:
-          path: spec.keycloak_realm
-          value: by-helm-test
-      - equal:
-          path: spec.kop_sso_url
-          value: https://sso.test.by.ozg-cloud.de
      - equal:
          path: spec.keycloak_user.first_name
          values: ""
@@ -125,9 +119,6 @@ tests:
          path: spec.keycloak_user.realm_roles
      - isNull:
          path: spec.keycloak_user.client_roles
-      - equal:
-          path: spec.kop_sso_url
-          value: https://sso.test.by.ozg-cloud.de

  - it: should have Keycloak User with client role
    set:
@@ -171,9 +162,6 @@ tests:
          content:
            name: alfa
            role: VERWALTUNG_USER
-      - equal:
-          path: spec.kop_sso_url
-          value: https://sso.test.by.ozg-cloud.de

  - it: should have Keycloak User with realm role
    set:
@@ -215,9 +203,6 @@ tests:
          path: spec.keycloak_user.realm_roles
          content:
            offline_access
-      - equal:
-          path: spec.kop_sso_url
-          value: https://sso.test.by.ozg-cloud.de

  - it: should have Keycloak User with group
    set:
@@ -259,9 +244,6 @@ tests:
          path: spec.keycloak_user.groups
          content:
            Bauamt
-      - equal:
-          path: spec.kop_sso_url
-          value: https://sso.test.by.ozg-cloud.de

  - it: should have lowercase username
    set:
@@ -280,12 +262,6 @@ tests:
      - equal:
          path: spec.keep_after_delete
          value: false
-      - equal:
-          path: spec.keycloak_realm
-          value: by-helm-test
-      - equal:
-          path: spec.kop_sso_url
-          value: https://sso.test.by.ozg-cloud.de
      - equal:
          path: spec.keycloak_user.first_name
          values: ""

--- a/src/test/helm/ozg_operator_secrets_read_role_binding_test.yaml
+++ b/src/test/helm/ozg_operator_secrets_read_role_binding_test.yaml
@@ -8,7 +8,7 @@ tests:
  - it: should contain header data
    set:
      sso:
-        api_users:
+        api_user:
          - name: apiuser
        operatorNamespace: test-operator-namespace
    asserts:
@@ -19,7 +19,7 @@ tests:
  - it: should have metadata
    set:
      sso:
-        api_users:
+        api_user:
          - name: apiuser
        operatorNamespace: test-operator-namespace
    asserts:
@@ -32,7 +32,7 @@ tests:
  - it: should have subjects values
    set:
      sso:
-        api_users:
+        api_user:
          - name: apiuser
        operatorNamespace: test-operator-namespace
    asserts:
@@ -45,7 +45,7 @@ tests:
  - it: should have roleRef values
    set:
      sso:
-        api_users:
+        api_user:
          - name: apiuser
        operatorNamespace: test-operator-namespace
    asserts:

--- a/src/test/helm/ozg_operator_secrets_read_role_test.yaml
+++ b/src/test/helm/ozg_operator_secrets_read_role_test.yaml
@@ -8,8 +8,8 @@ tests:
  - it: should contain header data
    set:
      sso:
-        api_users:
-          - name: apiuser
+        api_user:
+          name: apiuser
    asserts:
      - isAPIVersion:
          of: rbac.authorization.k8s.io/v1
@@ -18,8 +18,8 @@ tests:
  - it: should have metadata
    set:
      sso:
-        api_users:
-          - name: apiuser
+        api_user:
+          name: apiuser
    asserts:
      - equal:
          path: metadata.name
@@ -30,10 +30,8 @@ tests:
  - it: should have subjects values
    set:
      sso:
-        api_users:
-          - name: apiuser
-          - name: _with_underscore_
-          - name: .with.dot.
+        api_user:
+          name: _with_underscore_and.with.dot.
    asserts:
      - contains:
          path: rules
@@ -41,9 +39,7 @@ tests:
            apiGroups:
               - "*"
            resourceNames:
-               - apiuser-credentials
-               - withunderscore-credentials
-               - withdot-credentials
+               - withunderscoreandwithdot-credentials
            resources:
               - secrets
            verbs:

--- a/src/test/helm/ozg_operator_secrets_write_role_binding_test.yaml
+++ b/src/test/helm/ozg_operator_secrets_write_role_binding_test.yaml
@@ -8,7 +8,7 @@ tests:
  - it: should contain header data
    set:
      sso:
-        api_users:
+        api_user:
          - name: apiuser
        operatorNamespace: test-operator-namespace
    asserts:
@@ -19,7 +19,7 @@ tests:
  - it: should have metadata
    set:
      sso:
-        api_users:
+        api_user:
          - name: apiuser
        operatorNamespace: test-operator-namespace
    asserts:
@@ -32,7 +32,7 @@ tests:
  - it: should have subjects values
    set:
      sso:
-        api_users:
+        api_user:
          - name: apiuser
        operatorNamespace: test-operator-namespace
    asserts:
@@ -45,7 +45,7 @@ tests:
  - it: should have roleRef values
    set:
      sso:
-        api_users:
+        api_user:
          - name: apiuser
        operatorNamespace: test-operator-namespace
    asserts:

--- a/src/test/helm/ozg_operator_secrets_write_role_test.yaml
+++ b/src/test/helm/ozg_operator_secrets_write_role_test.yaml
@@ -8,7 +8,7 @@ tests:
  - it: should contain header data
    set:
      sso:
-        api_users:
+        api_user:
          - name: apiuser
    asserts:
      - isAPIVersion:
@@ -18,7 +18,7 @@ tests:
  - it: should have metadata
    set:
      sso:
-        api_users:
+        api_user:
          - name: apiuser
    asserts:
      - equal:
@@ -30,7 +30,7 @@ tests:
  - it: should have subjects values
    set:
      sso:
-        api_users:
+        api_user:
          - name: apiuser
    asserts:
      - contains: