Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add keycloak_realm_rolemapping module to map realm roles to groups #7663

Merged
merged 16 commits into from
Dec 28, 2023
Merged

Add keycloak_realm_rolemapping module to map realm roles to groups #7663

merged 16 commits into from
Dec 28, 2023

Conversation

agross
Copy link
Contributor

@agross agross commented Dec 2, 2023

SUMMARY

For my Keycloak setup I need to be able to map realm roles into groups. Until now this collection does not support this.

ISSUE TYPE
  • New Module/Plugin Pull Request
COMPONENT NAME

keycloak_realm_rolemapping

ADDITIONAL INFORMATION

This is a continuation of #5384 which unfortunately was not merged.

@agross agross changed the title Add keycloak_realm_rolemapping module to map realm roles to groups Add keycloak_realm_rolemapping module to map realm roles to groups (WIP) Dec 2, 2023
@ansibullbot
Copy link
Collaborator

cc @eikef @mattock @ndclt
click here for bot help

@ansibullbot ansibullbot added identity module module module_utils module_utils new_contributor Help guide this first time contributor plugins plugin (any type) labels Dec 2, 2023
@ansibullbot

This comment was marked as outdated.

Sign in to view
@ansibullbot ansibullbot added ci_verified Push fixes to PR branch to re-run CI needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR labels Dec 2, 2023
felixfontein
felixfontein reviewed Dec 2, 2023
View reviewed changes
Copy link
Collaborator

@felixfontein felixfontein left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for your contribution!

For the errors regarding authors, see https://github.com/ansible-collections/community.general/blob/main/CONTRIBUTING.md#creating-new-modules-or-plugins.

Also note that new modules must always come with tests (unit tests, integration tests, or both). Some existing keycloak_* modules have unit tests (tests/unit/plugins/modules/test_keycloak_*.py), some others have integration tests (tests/integration/targets/keycloak_*).

plugins/module_utils/identity/keycloak/keycloak.py Show resolved Hide resolved
plugins/modules/keycloak_realm_rolemapping.py Outdated Show resolved Hide resolved
plugins/modules/keycloak_realm_rolemapping.py Outdated Show resolved Hide resolved
plugins/modules/keycloak_realm_rolemapping.py Outdated Show resolved Hide resolved
@felixfontein felixfontein added check-before-release PR will be looked at again shortly before release and merged if possible. backport-8 Automatically create a backport for the stable-8 branch labels Dec 4, 2023
@agross
Copy link
Contributor Author

agross commented Dec 6, 2023

Hello @felixfontein,

Thank you for your feedback. I'll continue working on the issues mentioned. I just wanted to get this out the door before people start duplicating work. I was aware this PR isn't perfect yet.

@ansibullbot ansibullbot removed the ci_verified Push fixes to PR branch to re-run CI label Dec 6, 2023
@ansibullbot ansibullbot added the ci_verified Push fixes to PR branch to re-run CI label Dec 6, 2023
@ansibullbot

This comment was marked as outdated.

Sign in to view
@ansibullbot

This comment was marked as outdated.

Sign in to view
@ansibullbot ansibullbot removed the ci_verified Push fixes to PR branch to re-run CI label Dec 6, 2023
@agross
Credit other authors
bd6dfe1 
* mhuysamen submitted #7645
* Gaetan2907 authored keycloak_client_rolemapping.py which I took as a
  basis
@ansibullbot ansibullbot removed the needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR label Dec 6, 2023
@agross
Copy link
Contributor Author

agross commented Dec 6, 2023

@felixfontein

I'm not sure what to do about this error regarding ansible/third-party-check:

+ ARTIFACT=/home/zuul/downloads/community-general-8.2.0.tar.gz
++ python -m galaxy_importer.main /home/zuul/downloads/community-general-8.2.0.tar.gz
+ output='Importing with galaxy-importer 0.4.17
ERROR: The import failed for the following reason: Invalid link target detected.'

@ansibullbot ansibullbot added integration tests/integration tests tests labels Dec 6, 2023
@agross
Copy link
Contributor Author

agross commented Dec 6, 2023

Hello @felixfontein,

The integration tests are successful when I run them locally with docker. I think I'm ready for your review, apart from that failing "third-party check" above which seems to have an issue with "TASK [Confirm collection can be imported into galaxy]". I'm not aware of any reason why it would fail with regard to my changes.

@agross agross changed the title Add keycloak_realm_rolemapping module to map realm roles to groups (WIP) Add keycloak_realm_rolemapping module to map realm roles to groups Dec 6, 2023
@felixfontein
Copy link
Collaborator

The third-party check check fails from time to time, you can ignore it. (I would rather remove it, but it comes as part of the "collection releasing is managed by Zuul" package, so I'm afraid we cannot remove it so easily...)

@felixfontein
Copy link
Collaborator

I'm not sure what to do about this error regarding ansible/third-party-check:

+ ARTIFACT=/home/zuul/downloads/community-general-8.2.0.tar.gz
++ python -m galaxy_importer.main /home/zuul/downloads/community-general-8.2.0.tar.gz
+ output='Importing with galaxy-importer 0.4.17
ERROR: The import failed for the following reason: Invalid link target detected.'

That was a bug in galaxy-importer that got fixed in ansible/galaxy-importer#252.

@ansibullbot ansibullbot added the stale_ci CI is older than 7 days, rerun before merging label Dec 16, 2023
@agross @felixfontein
Downgrade version_added
c1a25ba 
Co-authored-by: Felix Fontein <[email protected]>
@ansibullbot ansibullbot added needs_ci This PR requires CI testing to be performed. Please close and re-open this PR to trigger CI needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR and removed stale_ci CI is older than 7 days, rerun before merging needs_ci This PR requires CI testing to be performed. Please close and re-open this PR to trigger CI needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR labels Dec 23, 2023
@felixfontein
Copy link
Collaborator

If nobody objects, I'll merge this in ~a week.

@felixfontein felixfontein removed the check-before-release PR will be looked at again shortly before release and merged if possible. label Dec 28, 2023
@felixfontein felixfontein merged commit f7bc696 into ansible-collections:main Dec 28, 2023
121 checks passed
@patchback Patchback
Copy link

patchback bot commented Dec 28, 2023
edited
Loading

Backport to stable-8: 💚 backport PR created

✅ Backport PR branch: patchback/backports/stable-8/f7bc6964be2d052278bf291f689dc2b85c609013/pr-7663

Backported as #7785

🤖 @patchback
I'm built with octomachinery and
my source is open — https://github.com/sanitizers/patchback-github-app.

patchback bot pushed a commit that referenced this pull request Dec 28, 2023
@agross @patchback
Add keycloak_realm_rolemapping module to map realm roles to groups (#…
28d31ef 
…7663)

* Add keycloak_realm_rolemapping module to map realm roles to groups

* Whitespace

* Description in plain English

* Casing

* Update error reporting as per #7645

* Add agross as maintainer of keycloak_realm_rolemapping module

* cid and client_id are not used here

* Credit other authors

* mhuysamen submitted #7645
* Gaetan2907 authored keycloak_client_rolemapping.py which I took as a
  basis

* Add integration tests

* With Keycloak 23 realmRoles are only returned if assigned

* Remove debug statement

* Add test verifying that unmap works when no realm roles are assigned

* Add license to readme

* Change version number this module was added

* Document which versions of the docker images have been tested

* Downgrade version_added

Co-authored-by: Felix Fontein <[email protected]>

---------

Co-authored-by: Felix Fontein <[email protected]>
(cherry picked from commit f7bc696)
@patchback patchback bot mentioned this pull request Dec 28, 2023
Merged
@felixfontein
Copy link
Collaborator

@agross thanks for your contribution!

felixfontein pushed a commit that referenced this pull request Dec 28, 2023
@patchback @agross
[PR #7663/f7bc6964 backport][stable-8] Add keycloak_realm_rolemapping…
87a079e 
… module to map realm roles to groups (#7785)

Add keycloak_realm_rolemapping module to map realm roles to groups (#7663)

* Add keycloak_realm_rolemapping module to map realm roles to groups

* Whitespace

* Description in plain English

* Casing

* Update error reporting as per #7645

* Add agross as maintainer of keycloak_realm_rolemapping module

* cid and client_id are not used here

* Credit other authors

* mhuysamen submitted #7645
* Gaetan2907 authored keycloak_client_rolemapping.py which I took as a
  basis

* Add integration tests

* With Keycloak 23 realmRoles are only returned if assigned

* Remove debug statement

* Add test verifying that unmap works when no realm roles are assigned

* Add license to readme

* Change version number this module was added

* Document which versions of the docker images have been tested

* Downgrade version_added

Co-authored-by: Felix Fontein <[email protected]>

---------

Co-authored-by: Felix Fontein <[email protected]>
(cherry picked from commit f7bc696)

Co-authored-by: Alexander Groß <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@felixfontein felixfontein felixfontein left review comments

Assignees
No one assigned
Labels
backport-8 Automatically create a backport for the stable-8 branch identity integration tests/integration module_utils module_utils module module new_contributor Help guide this first time contributor plugins plugin (any type) tests tests
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@agross @ansibullbot @felixfontein