search

crossplane-contrib / provider-keycloak

Apache License 2.0
21 stars 11 forks source link

feat(defaults): add extractor for default roles, add default groups #86

Closed Breee closed 5 months ago

Breee commented 5 months ago

This PR adds a extractor to the default role object

Extractor: `github.com/crossplane/upjet/pkg/resource.ExtractParamPath("name", false)`,

Which however did not resolve the bugs we faced.

That is why we also add default_groups as a new managed object based on https://registry.terraform.io/providers/edflex-tech/keycloak/latest/docs/resources/default_groups

Here is an example: 

---
apiVersion: realm.keycloak.crossplane.io/v1alpha1
kind: Realm
metadata:
  name: my-realm
spec:
  forProvider:
    enabled: true
    realm: my-realm
  providerConfigRef:
    name: keycloak-provider-config
---
apiVersion: openidclient.keycloak.crossplane.io/v1alpha1
kind: Client
metadata:
  name: test
spec:
  forProvider:
    realmIdRef:
      name: "my-realm"
    accessType: "CONFIDENTIAL"
    clientId: "test"
    serviceAccountsEnabled: false
  providerConfigRef:
    name: "keycloak-provider-config"
---
apiVersion: role.keycloak.crossplane.io/v1alpha1
kind: Role
metadata:
  name: my-realm-role
spec:
  forProvider:
    description: My Realm Role
    name: my-realm-role
    realmIdRef:
      name: my-realm
  providerConfigRef:
    name: keycloak-provider-config
---
apiVersion: role.keycloak.crossplane.io/v1alpha1
kind: Role
metadata:
  name: my-client-role
spec:
  forProvider:
    description: My Client Role
    name: my-client-role
    realmIdRef:
      name: my-realm
    clientIdRef:
      name: test
  providerConfigRef:
    name: keycloak-provider-config
---
apiVersion: group.keycloak.crossplane.io/v1alpha1
kind: Group
metadata:
  name: my-group
spec:
  forProvider:
    name: my-group
    realmIdRef:
      name: my-realm
  providerConfigRef:
    name: keycloak-provider-config
--- 
# Example Role mapping: Using groupId and roleIds to assign roles to the default group
apiVersion: group.keycloak.crossplane.io/v1alpha1
kind: Roles
metadata:
  name: dev-group-roles
spec:
  forProvider:
    realmIdRef:
      name: my-realm
    groupIdRef: 
      name: my-group
    roleIdsRefs:
      - name: my-realm-role
      - name: my-client-role
  providerConfigRef:
    name: keycloak-provider-config
--- 
apiVersion: defaults.keycloak.crossplane.io/v1alpha1
kind: DefaultGroups
metadata:
  name: default
spec:
  forProvider:
    groupIdsRefs:
    - name: my-group
    realmIdRef:
      name: my-realm
  providerConfigRef:
    name: keycloak-provider-config