Teams and users management

[prein]

Would it be possible to make the chart set up local users and teams in Concourse? Setting up team namespaces and RBAC, as well as local users is already in place. There would still be the need for creating teams in Concourse and associating users with the teams. I imagine this could fit a post-install hook. For the record: researching the topic I came across a question on Concourse forums https://discuss.concourse-ci.org/t/helm-chart-and-team-management/1379

[taylorsilva]

The problem with trying to provide this workflow is that the only way to currently create teams is through the fly CLI or by hitting the concourse API. Both paths require figuring out how to authenticate to the main team which is generally a brittle workflow to maintain.

Adding some kind of teams-config flag to the concourse binary first might be a good first step allowing operators to pass in a file that declares what teams should be created in Concourse.

[ChrisJBurns]

Revisiting this now, am currently working on standing up Concourse using this Chart and FluxCD. Works really nice with regards to creating of the teams namespaces for secrets. However the thing it doesn't have is the ability to set up a team through the chart config. I have to essentially login as the admin user into the main team and set-team to create a new teams and assign individuals or groups into that team. Would be lovely if we had this possibility into the chart config.

Something like

teamsConfig:
    teams:
        - team1
        - team2

And then in separate part for the OAuth2 providers, in my case GitLab:

teamAssignment: 
  - 
    group: team-1
    teamName: team-1
    users: 
      - user-1
      - user-2
  - 
    group: team-2
    teamName: team-2
    users: 
      - user-3
      - user-4

This would save the manual work of using the fly cli and would help move it into the direction of GitOps and automation.