eclipse-tractusx / portal-backend

Portal Backend
Apache License 2.0

sig#578 - Enhancement keycloak seeding job to seed variables and secrets #438

Closed jjeroch closed 3 weeks ago

jjeroch commented 8 months ago

Summary

Enhancement keycloak seeding job to seed variables and secrets

Please be aware of the changes done to the keycloak seeding in the course of https://github.com/eclipse-tractusx/portal-backend/pull/346 (created as a short-term solution for 23.12.)

jjeroch commented 7 months ago

Last comment from norbert: as a first step in PR https://github.com/eclipse-tractusx/portal-backend/pull/363 all code referring to UserEntityId (companyUsers) respectively ClientId (ServiceAccounts) has been refactored to make use of username / clientClientId instead. As with this change the keycloak's primary key of those entities doesn't matter any more, it allows to seed keycloak-data via the api independently from the database-content. For now the UserEntityId is left as a fallback to authenticate companyUsers that do not have the username set to their identityId. This refers to manually created test-data that needs to be cleaned up as a follow-up activity before removing the UserEntityId from the db-schema entirely.

The PR is approved, merged and successfully tested on DEV.

ntruchsess commented 4 months ago

Implemented for Client-Secrets: new config-element:

  "KeycloakSeeding": {
    "DataPaths": [ "..." ],
    "InstanceName": "...",
    "Secrets": {
      "Realm": "...",
      "Clients": [
        {
          "ClientId": "...",
          "Secret": "..."
        }
      ]
    }
  }

to be set from the helm chart as environment variables:

KEYCLOAKSEEDING_SECRETS_0_REALM
KEYCLOAKSEEDING_SECRETS_0_CLIENTS_0_CLIENTID
KEYCLOAKSEEDING_SECRETS_0_CLIENTS_0_SECRET

evegufy commented 4 months ago

Examples for variables:

-- tokenUrl https://github.com/eclipse-tractusx/portal-iam/blob/v3.0.0/import/realm-config/generic/catenax-central/CX-Central-realm.json#L6635

-- jwksUrl https://github.com/eclipse-tractusx/portal-iam/blob/v3.0.0/import/realm-config/generic/catenax-central/CX-Central-realm.json#L6636

-- authorizationUrl https://github.com/eclipse-tractusx/portal-iam/blob/v3.0.0/import/realm-config/generic/catenax-central/CX-Central-realm.json#L6637

-- logoutUrl https://github.com/eclipse-tractusx/portal-iam/blob/v3.0.0/import/realm-config/generic/catenax-central/CX-Central-realm.json#L6639C10-L6639C19