Fix Kitchen tests
- Fix Readme
- Add '| yaml' filter
- Update server schema
Related: PROD-22641 (PROD:22641)
Fixes: PROD-25919 (PROD:25919)
Change-Id: I016ef6aac6712e9feef6a6ece810d5f48b799bd7
diff --git a/.kitchen.docker.yml b/.kitchen.docker.yml
deleted file mode 100644
index e092b55..0000000
--- a/.kitchen.docker.yml
+++ /dev/null
@@ -1,50 +0,0 @@
----
-driver:
- name: docker
- hostname: keycloak.ci.local
- #socket: tcp://127.0.0.1:2376
- use_sudo: false
-
-
-
-provisioner:
- name: salt_solo
- salt_install: bootstrap
- salt_bootstrap_url: https://bootstrap.saltstack.com
- salt_version: latest
- require_chef: false
- formula: keycloak
- log_level: info
- state_top:
- base:
- "*":
- - keycloak
- pillars:
- top.sls:
- base:
- "*":
- - keycloak
- grains:
- noservices: True
-
-
-platforms:
- - name: <%=ENV['PLATFORM'] || 'saltstack-ubuntu-xenial-salt-stable' %>
- driver_config:
- image: <%=ENV['PLATFORM'] || 'epcim/salt-formulas:saltstack-ubuntu-xenial-salt-stable'%>
- platform: ubuntu
-
-
-verifier:
- name: inspec
- sudo: true
-
-
-suites:
-
- - name: server
- provisioner:
- pillars-from-files:
- keycloak.sls: tests/pillar/server.sls
-
-# vim: ft=yaml sw=2 ts=2 sts=2 tw=125
diff --git a/.kitchen.yml b/.kitchen.yml
new file mode 100644
index 0000000..b6d41ac
--- /dev/null
+++ b/.kitchen.yml
@@ -0,0 +1,69 @@
+---
+driver:
+ name: docker
+ hostname: keycloak.ci.local
+ #socket: tcp://127.0.0.1:2376
+ use_sudo: false
+
+provisioner:
+ name: salt_solo
+ salt_install: bootstrap
+ salt_bootstrap_url: https://bootstrap.saltstack.com
+ salt_version: latest
+ require_chef: false
+ formula: keycloak
+ log_level: info
+ state_top:
+ base:
+ "*":
+ - keycloak
+ pillars:
+ top.sls:
+ base:
+ "*":
+ - keycloak
+ grains:
+ noservices: True
+
+docker_images:
+ - &xenial-20163 <%=ENV['IMAGE_XENIAL_20163'] || 'docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-xenial-salt-2016.3/salt:2018_11_19'%>
+ - &xenial-20177 <%=ENV['IMAGE_XENIAL_20177'] || 'docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-xenial-salt-2017.7/salt:2018_11_19'%>
+ - &xenial-stable <%=ENV['IMAGE_XENIAL_STABLE'] || 'docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-xenial-salt-stable/salt:2018_11_19'%>
+
+platforms:
+ - name: xenial-2016.3
+ driver_config:
+ image: *xenial-20163
+ platform: ubuntu
+
+ - name: xenial-2017.7
+ driver_config:
+ image: *xenial-20177
+ platform: ubuntu
+
+ - name: xenial-stable
+ driver_config:
+ image: *xenial-stable
+ platform: ubuntu
+
+verifier:
+ name: inspec
+ sudo: true
+
+suites:
+ - name: server-ldap
+ provisioner:
+ pillars-from-files:
+ keycloak.sls: tests/pillar/server_ldap.sls
+
+ - name: server-single
+ provisioner:
+ pillars-from-files:
+ keycloak.sls: tests/pillar/server_single.sls
+
+ - name: proxy-single
+ provisioner:
+ pillars-from-files:
+ keycloak.sls: tests/pillar/server_single.sls
+
+# vim: ft=yaml sw=2 ts=2 sts=2 tw=125
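Review bot: The `proxy-single` suite at the end of this file loads `tests/pillar/server_single.sls`, the same pillar as `server-single`, so it repeats that run on every platform without testing anything proxy-specific; point it at a proxy pillar or drop the suite. The provisioner also keeps `salt_install: bootstrap` with `salt_version: latest`, so any run that does bootstrap appears to execute whatever script `https://bootstrap.saltstack.com` serves that day and install an unpinned Salt, even on the platforms named `xenial-2016.3` and `xenial-2017.7`. Pinning the Salt version per platform, and referencing the images by digest rather than the mutable `2018_11_19` tag, would make the matrix reproducible.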
diff --git a/README.rst b/README.rst
index 000604e..b70acc5 100644
--- a/README.rst
+++ b/README.rst
@@ -23,6 +23,7 @@
keycloak:
server:
+ enabled: true
realm:
ldap-realm:
enabled: true
diff --git a/keycloak/schemas/server.yaml b/keycloak/schemas/server.yaml
index 67b8d31..29b76bf 100644
--- a/keycloak/schemas/server.yaml
+++ b/keycloak/schemas/server.yaml
@@ -15,3 +15,7 @@
description: |
Enables keycloak daemon service
type: boolean
+ realm:
+ description: Defines realm
+ type: object
+ additionalProperties: true
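Review bot: The added `realm` property is validated only as `type: object` with `additionalProperties: true`, so a misspelled key under a realm (for example inside `client` or `federation_provider`) passes schema validation unnoticed. If a full sub-schema is out of scope for this change, the description should at least say so, e.g. `description: Map of realm name to realm definition; nested keys are not validated by this schema`. The enclosing `properties` block starts above the hunk, so the nesting level of `realm` cannot be confirmed from these lines.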
diff --git a/keycloak/server/realm.sls b/keycloak/server/realm.sls
index 1b13ce9..20f1973 100644
--- a/keycloak/server/realm.sls
+++ b/keycloak/server/realm.sls
@@ -11,7 +11,7 @@
- user: root
- mode: 0644
- defaults:
- realms: {{ server.realm }}
+ realms: {{ server.realm | yaml }}
- require:
- file: keycloak_server_dir
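Review bot: The file this state manages is written with `- mode: 0644`, and the `realms` value now rendered through `| yaml` comes from pillar data that, in the test pillar added by this commit, carries `secret` and `bind_credential`. If the template writes those fields out (the template is not visible here), the client secret and LDAP bind password end up world-readable on the host. A tighter, quoted mode such as `- mode: '0640'`, with the group set to the one the service runs under, would be safer. The state starts and ends outside the hunk, so its group setting and target path cannot be checked from these lines.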
diff --git a/tests/pillar/server_ldap.sls b/tests/pillar/server_ldap.sls
new file mode 100644
index 0000000..c1e3549
--- /dev/null
+++ b/tests/pillar/server_ldap.sls
@@ -0,0 +1,96 @@
+keycloak:
+ server:
+ enabled: true
+ realm:
+ ldap-realm:
+ enabled: true
+ id: ldap-realm
+ client:
+ ldap-app:
+ enabled: true
+ base_url: /ldap-portal
+ redirect_uris:
+ - /ldap-portal/*
+ web_origins:
+ - "*"
+ public_client: false
+ admin_url: /ldap-portal
+ secret: password
+ protocol_mapper:
+ oidc-usermodel-property-mapper:
+ username:
+ name: username
+ user_attribute: username
+ claim_name: preferred_username
+ given_name:
+ name: given name
+ user_attribute: firstName
+ claim_name: given_name
+ family_name:
+ name: family name
+ user_attribute: lastName
+ claim_name: family_name
+ email:
+ name: email
+ user_attribute: email
+ claim_name: email
+ oidc-full-name-mapper:
+ full_name:
+ name: full_name
+ federation_provider:
+ ldap:
+ display_name: ldap-server
+ users_dn: ou=people,dc=keycloak,dc=org
+ user_object_classes: inetOrgPerson, organizationalPerson
+ username_ldap_attribute: uid
+ bind_dn: cn=admin,dc=keycloak,dc=org
+ bind_credential: password
+ rdn_ldap_attribute: uid
+ edit_mode: READ_ONLY
+ uuid_ldap_attribute: entryUUID
+ connection_url: ldap://localhost:10389
+ sync_registrations: false
+ federation_mapper:
+ user-attribute-ldap-mapper:
+ username:
+ name: username
+ provider_display_name: ldap-server
+ ldap_attribute: uid
+ model_attribute: username
+ mandatory: true
+ read_only: false
+ always_read: false
+ first_name:
+ name: first name
+ provider_display_name: ldap-server
+ ldap_attribute: cn
+ model_attribute: firstName
+ mandatory: true
+ read_only: false
+ always_read: false
+ last_name:
+ name: last name
+ provider_display_name: ldap-server
+ ldap_attribute: sn
+ model_attribute: lastName
+ mandatory: true
+ read_only: false
+ always_read: false
+ email:
+ name: email
+ provider_display_name: ldap-server
+ ldap_attribute: mail
+ model_attribute: email
+ mandatory: false
+ read_only: false
+ always_read: false
+ role-ldap-mapper:
+ realm_roles:
+ name: realm roles
+ provider_display_name: ldap-server
+ roles_dn: ou=groups,dc=cicd,dc=local
+ membership_ldap_attribute: member
+ role_name_ldap_attribute: cn
+ role_object_classes: groupOfNames
+ mode: LDAP_ONLY
+ realm_roles_mapping: true
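Review bot: `roles_dn: ou=groups,dc=cicd,dc=local` in the `role-ldap-mapper` uses a different base DN from `users_dn` and `bind_dn` (`dc=keycloak,dc=org`), which looks like a copy-paste leftover and would make role lookups miss against a directory rooted at `dc=keycloak,dc=org`. The fixture also hard-codes `secret: password`, `bind_credential: password`, `web_origins: "*"` and a plain `ldap://` connection URL. That is acceptable for a local test, but pillars like this get copied as starting points, so a header comment is worth adding, e.g. `# Test fixture only: placeholder credentials, wildcard web_origins and unencrypted ldap:// are not deployment defaults`.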
diff --git a/tests/pillar/server_single.sls b/tests/pillar/server_single.sls
index 8fba554..1cf9015 100644
--- a/tests/pillar/server_single.sls
+++ b/tests/pillar/server_single.sls
@@ -1,3 +1,3 @@
keycloak:
server:
- enabled: true
+ enabled: true
\ No newline at end of file