update PO role

uselagoon · Dec 4, 2023 · 96867db · 96867db
1 parent 833cce8
commit 96867db
Show file tree

Hide file tree

Showing 2 changed files with 41 additions and 19 deletions.
diff --git a/test/README.md b/test/README.md
@@ -0,0 +1,16 @@
+## Lagoon minimal setup
+
+Use this docker-compose.yml to start a minimal Lagoon Core for testing purposes.
+
+### Running it
+
+Simple! Just run `make up` - this will pull the images, start Lagoon, and auto-configure the passwords.
+
+Lagoon comes built-in with organizations, groups, projects and users.
+
+All usernames have matching passwords (eg user:owner@example.com pass:owner@example.com)
+
+The file is configured to start the API and keycloak on non-usual ports to avoid any collisions
+
+Use `GRAPHQL_API=http://0.0.0.0:33000/graphql KEYCLOAK_API=http://0.0.0.0:38088/auth` with any tools.
+
diff --git a/test/keycloak/configure-keycloak.sh b/test/keycloak/configure-keycloak.sh
@@ -1,46 +1,52 @@
 function is_keycloak_running {
-    local http_code=$(curl -s -o /dev/null -w "%{http_code}" http://$(hostname -i):8080/auth/admin/realms)
-    if [[ $http_code -eq 401 ]]; then
-        return 0
-    else
-        return 1
-    fi
+  local http_code=$(curl -s -o /dev/null -w "%{http_code}" http://$(hostname -i):8080/auth/admin/realms)
+  if [[ $http_code -eq 401 ]]; then
+    return 0
+  else
+    return 1
+  fi
 }
 
-function configure_users {
+function configure_user_passwords {
 
   LAGOON_DEMO_USERS=("[email protected]" "[email protected]" "[email protected]" "[email protected]" "[email protected]")
   LAGOON_DEMO_ORG_USERS=("[email protected]" "[email protected]" "[email protected]" "[email protected]")
 
   for i in ${LAGOON_DEMO_USERS[@]}
   do
     echo Configuring password for $i
-     /opt/jboss/keycloak/bin/kcadm.sh set-password --config $CONFIG_PATH --username $i -p $i --target-realm Lagoon
+    /opt/jboss/keycloak/bin/kcadm.sh set-password --config $CONFIG_PATH --username $i -p $i --target-realm Lagoon
   done
 
   for i in ${LAGOON_DEMO_ORG_USERS[@]}
   do
     echo Configuring password for $i
-     /opt/jboss/keycloak/bin/kcadm.sh set-password --config $CONFIG_PATH --username $i -p $i --target-realm Lagoon
+    /opt/jboss/keycloak/bin/kcadm.sh set-password --config $CONFIG_PATH --username $i -p $i --target-realm Lagoon
   done
 }
 
+function configure_platformowner {
+  echo Configuring platform owner role
+    /opt/jboss/keycloak/bin/kcadm.sh add-roles --uusername [email protected] --rolename platform-owner --config $CONFIG_PATH --target-realm Lagoon
+}
+
 function configure_keycloak {
-    until is_keycloak_running; do
-        echo Keycloak still not running, waiting 5 seconds
-        sleep 5
-    done
+  until is_keycloak_running; do
+    echo Keycloak still not running, waiting 5 seconds
+    sleep 5
+  done
 
-    # Set the config file path because $HOME/.keycloak/kcadm.config resolves to /opt/jboss/?/.keycloak/kcadm.config for some reason, causing it to fail
-    CONFIG_PATH=/opt/jboss/keycloak/standalone/data/.keycloak/kcadm.config
+  # Set the config file path because $HOME/.keycloak/kcadm.config resolves to /opt/jboss/?/.keycloak/kcadm.config for some reason, causing it to fail
+  CONFIG_PATH=/opt/jboss/keycloak/standalone/data/.keycloak/kcadm.config
 
-    echo Keycloak is running, proceeding with configuration
+  echo Keycloak is running, proceeding with configuration
 
-    /opt/jboss/keycloak/bin/kcadm.sh config credentials --config $CONFIG_PATH --server http://$(hostname -i):8080/auth --user $KEYCLOAK_USER --password $KEYCLOAK_PASSWORD --realm master
+  /opt/jboss/keycloak/bin/kcadm.sh config credentials --config $CONFIG_PATH --server http://$(hostname -i):8080/auth --user $KEYCLOAK_USER --password $KEYCLOAK_PASSWORD --realm master
 
-    configure_users
+  configure_user_passwords
+  configure_platformowner
 
-    echo "Config of Keycloak users done"
+  echo "Config of Keycloak users done"
 }
 
 configure_keycloak