diff --git a/testsuite/src/main/java/org/jboss/intersmash/testsuite/junit5/categories/NotForCommunityExecutionProfile.java b/testsuite/src/main/java/org/jboss/intersmash/testsuite/junit5/categories/NotForCommunityExecutionProfile.java index 04bbb57d2..08ff9cce9 100644 --- a/testsuite/src/main/java/org/jboss/intersmash/testsuite/junit5/categories/NotForCommunityExecutionProfile.java +++ b/testsuite/src/main/java/org/jboss/intersmash/testsuite/junit5/categories/NotForCommunityExecutionProfile.java @@ -1,11 +1,11 @@ package org.jboss.intersmash.testsuite.junit5.categories; -import org.junit.jupiter.api.Tag; - import java.lang.annotation.Retention; import java.lang.annotation.RetentionPolicy; import java.lang.annotation.Target; +import org.junit.jupiter.api.Tag; + /** * Mark a test that does not support community deliverables. * Used per class. diff --git a/testsuite/src/test/java/org/jboss/intersmash/testsuite/provision/openshift/OpenShiftProvisionerTestBase.java b/testsuite/src/test/java/org/jboss/intersmash/testsuite/provision/openshift/OpenShiftProvisionerTestBase.java index ad4570b22..04523f991 100644 --- a/testsuite/src/test/java/org/jboss/intersmash/testsuite/provision/openshift/OpenShiftProvisionerTestBase.java +++ b/testsuite/src/test/java/org/jboss/intersmash/testsuite/provision/openshift/OpenShiftProvisionerTestBase.java @@ -32,11 +32,11 @@ import org.jboss.intersmash.testsuite.IntersmashTestsuiteProperties; import org.jboss.intersmash.tools.IntersmashConfig; import org.jboss.intersmash.tools.application.openshift.BootableJarOpenShiftApplication; +import org.jboss.intersmash.tools.application.openshift.Eap7ImageOpenShiftApplication; import org.jboss.intersmash.tools.application.openshift.KafkaOperatorApplication; import org.jboss.intersmash.tools.application.openshift.MysqlImageOpenShiftApplication; import org.jboss.intersmash.tools.application.openshift.PostgreSQLImageOpenShiftApplication; import org.jboss.intersmash.tools.application.openshift.WildflyImageOpenShiftApplication; -import org.jboss.intersmash.tools.application.openshift.Eap7ImageOpenShiftApplication; import org.jboss.intersmash.tools.application.openshift.input.BinarySource; import org.jboss.intersmash.tools.application.openshift.input.BuildInput; import org.jboss.intersmash.tools.application.openshift.input.BuildInputBuilder; diff --git a/testsuite/src/test/java/org/jboss/intersmash/testsuite/provision/openshift/RhSsoOperatorProvisionerTest.java b/testsuite/src/test/java/org/jboss/intersmash/testsuite/provision/openshift/RhSsoOperatorProvisionerTest.java index cf1b78df7..f7c7cf1d4 100644 --- a/testsuite/src/test/java/org/jboss/intersmash/testsuite/provision/openshift/RhSsoOperatorProvisionerTest.java +++ b/testsuite/src/test/java/org/jboss/intersmash/testsuite/provision/openshift/RhSsoOperatorProvisionerTest.java @@ -16,31 +16,27 @@ package org.jboss.intersmash.testsuite.provision.openshift; import java.io.IOException; +import java.util.Collections; import java.util.HashMap; import java.util.Map; import java.util.stream.Collectors; import java.util.stream.Stream; +import org.jboss.intersmash.testsuite.junit5.categories.NotForCommunityExecutionProfile; import org.jboss.intersmash.tools.application.openshift.RhSsoOperatorApplication; import org.jboss.intersmash.tools.junit5.IntersmashExtension; import org.jboss.intersmash.tools.provision.openshift.RhSsoOperatorProvisioner; -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.backup.KeycloakBackup; import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.backup.KeycloakBackupBuilder; import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.backup.spec.KeycloakAWSSpecBuilder; -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.client.KeycloakClient; import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.client.KeycloakClientBuilder; import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.client.spec.KeycloakAPIClientBuilder; -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.keycloak.Keycloak; import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.keycloak.KeycloakBuilder; import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.keycloak.spec.KeycloakExternalAccessBuilder; -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.realm.KeycloakRealm; import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.realm.KeycloakRealmBuilder; import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.realm.spec.KeycloakAPIRealmBuilder; import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.realm.spec.RedirectorIdentityProviderOverrideBuilder; -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.user.KeycloakUser; import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.user.KeycloakUserBuilder; import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.user.spec.KeycloakAPIUserBuilder; -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.user.spec.KeycloakCredential; import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.user.spec.KeycloakCredentialBuilder; import org.jboss.intersmash.tools.provision.openshift.operator.resources.OperatorGroup; import org.junit.jupiter.api.AfterAll; @@ -49,6 +45,16 @@ import org.junit.jupiter.api.BeforeAll; import org.junit.jupiter.api.Disabled; import org.junit.jupiter.api.Test; +import org.keycloak.v1alpha1.Keycloak; +import org.keycloak.v1alpha1.KeycloakBackup; +import org.keycloak.v1alpha1.KeycloakClient; +import org.keycloak.v1alpha1.KeycloakRealm; +import org.keycloak.v1alpha1.KeycloakUser; +import org.keycloak.v1alpha1.keycloakclientspec.Client; +import org.keycloak.v1alpha1.keycloakclientspec.RealmSelector; +import org.keycloak.v1alpha1.keycloakrealmspec.InstanceSelector; +import org.keycloak.v1alpha1.keycloakuserspec.User; +import org.keycloak.v1alpha1.keycloakuserspec.user.Credentials; import org.slf4j.event.Level; import cz.xtf.core.openshift.OpenShiftWaiters; @@ -58,7 +64,6 @@ import io.fabric8.kubernetes.api.model.ConfigMap; import io.fabric8.kubernetes.api.model.ConfigMapBuilder; import io.fabric8.kubernetes.api.model.DeletionPropagation; -import io.fabric8.kubernetes.api.model.LabelSelectorBuilder; import lombok.extern.slf4j.Slf4j; /** @@ -72,7 +77,7 @@ */ @Slf4j @CleanBeforeAll -@Disabled("WIP - Disabled until global-test.properties is configured with the required property") +@NotForCommunityExecutionProfile public class RhSsoOperatorProvisionerTest { // Be aware that since we're using the static mock application, not all provisioner methods will work as expected! private static final RhSsoOperatorProvisioner KEYCLOAK_OPERATOR_PROVISIONER = initializeOperatorProvisioner(); @@ -234,14 +239,17 @@ public void clientSecret() { KEYCLOAK_OPERATOR_PROVISIONER.subscribe(); try { name = "client-secret"; + RealmSelector realmSelector = new RealmSelector(); + realmSelector.setMatchLabels(matchLabels); + Client client = new Client(); + client.setClientId("client-secret"); + client.setSecret("client-secret"); + client.setClientAuthenticatorType("client-secret"); + client.setProtocol("openid-connect"); + KeycloakClient keycloakClient = new KeycloakClientBuilder(name, matchLabels) - .realmSelector(new LabelSelectorBuilder().withMatchLabels(matchLabels).build()) - .client(new KeycloakAPIClientBuilder() - .clientId("client-secret") - .secret("client-secret") - .clientAuthenticatorType("client-secret") - .protocol("openid-connect") - .build()) + .realmSelector(realmSelector) + .client(client) .build(); verifyClient(keycloakClient); } finally { @@ -334,6 +342,8 @@ public void realmWithUsers() { KEYCLOAK_OPERATOR_PROVISIONER.subscribe(); try { name = "example-keycloakrealm"; + InstanceSelector instanceSelector = new InstanceSelector(); + instanceSelector.setMatchLabels(matchLabels); KeycloakRealm keycloakRealm = new KeycloakRealmBuilder(name, matchLabels) .realm(new KeycloakAPIRealmBuilder() .id("basic") @@ -361,7 +371,7 @@ public void realmWithUsers() { .forFlow("browser") .identityProvider("openshift-v4") .build()) - .instanceSelector(new LabelSelectorBuilder().withMatchLabels(matchLabels).build()) + .instanceSelector(instanceSelector) .build(); verifyRealm(keycloakRealm); @@ -411,6 +421,8 @@ public void samlRealm() { KEYCLOAK_OPERATOR_PROVISIONER.subscribe(); try { name = "example-keycloakrealm"; + InstanceSelector instanceSelector = new InstanceSelector(); + instanceSelector.setMatchLabels(matchLabels); KeycloakRealm keycloakRealm = new KeycloakRealmBuilder(name, matchLabels) .realm(new KeycloakAPIRealmBuilder() .id("saml-demo") @@ -453,7 +465,7 @@ public void samlRealm() { .protocol("saml") .build()) .build()) - .instanceSelector(new LabelSelectorBuilder().withMatchLabels(matchLabels).build()) + .instanceSelector(instanceSelector) .build(); verifyRealm(keycloakRealm); @@ -476,6 +488,8 @@ public void openIdRealm() { KEYCLOAK_OPERATOR_PROVISIONER.subscribe(); try { name = "example-keycloakrealm"; + InstanceSelector instanceSelector = new InstanceSelector(); + instanceSelector.setMatchLabels(matchLabels); KeycloakRealm keycloakRealm = new KeycloakRealmBuilder(name, matchLabels) .realm(new KeycloakAPIRealmBuilder() .id("openid-demo") @@ -503,7 +517,7 @@ public void openIdRealm() { .protocol("openid-connect") .build()) .build()) - .instanceSelector(new LabelSelectorBuilder().withMatchLabels(matchLabels).build()) + .instanceSelector(instanceSelector) .build(); verifyRealm(keycloakRealm); @@ -528,16 +542,18 @@ public void basicUser() { KEYCLOAK_OPERATOR_PROVISIONER.subscribe(); try { name = "example-realm-user"; + org.keycloak.v1alpha1.keycloakuserspec.RealmSelector realmSelector = new org.keycloak.v1alpha1.keycloakuserspec.RealmSelector(); + realmSelector.setMatchLabels(matchLabels); + User user = new User(); + user.setUsername("realm_user"); + user.setFirstName("John"); + user.setLastName("Doe"); + user.setEmail("user@example.com"); + user.setEnabled(true); + user.setEmailVerified(false); KeycloakUser keycloakUser = new KeycloakUserBuilder(name, matchLabels) - .user(new KeycloakAPIUserBuilder() - .username("realm_user") - .firstName("John") - .lastName("Doe") - .email("user@example.com") - .enabled(true) - .emailVerified(false) - .build()) - .realmSelector(new LabelSelectorBuilder().withMatchLabels(matchLabels).build()) + .user(user) + .realmSelector(realmSelector) .build(); verifyUser(keycloakUser); @@ -547,9 +563,7 @@ public void basicUser() { } /** - * This test case creates and validates a {@link KeycloakUser} CR with a related - * {@link KeycloakCredential} - * instance + * This test case creates and validates a {@link KeycloakUser} CR with related credentials * * This is not an integration test, the goal here is to assess that the created CRs are configured as per the * model specification. @@ -563,20 +577,24 @@ public void userWithCredentials() { KEYCLOAK_OPERATOR_PROVISIONER.subscribe(); try { name = "example-realm-user-with-creds"; + org.keycloak.v1alpha1.keycloakuserspec.RealmSelector realmSelector = new org.keycloak.v1alpha1.keycloakuserspec.RealmSelector(); + Credentials credentials = new Credentials(); + credentials.setType("password"); + credentials.setValue("12345"); + User user = new User(); + user.setUsername("creds_user"); + user.setFirstName("Creds"); + user.setLastName("User"); + user.setEmail("creds_user@redhat.com"); + user.setEnabled(true); + user.setEmailVerified(false); + user.setCredentials(Collections.singletonList(credentials)); + user.setRealmRoles(Collections.singletonList("offline_access")); + user.getClientRoles().put("account", Stream.of("manage-account").collect(Collectors.toList())); + user.getClientRoles().put("realm-management", Stream.of("manage-users").collect(Collectors.toList())); KeycloakUser keycloakUser = new KeycloakUserBuilder(name, matchLabels) - .user(new KeycloakAPIUserBuilder() - .username("creds_user") - .firstName("Creds") - .lastName("User") - .email("creds_user@redhat.com") - .enabled(true) - .emailVerified(false) - .credentials(new KeycloakCredentialBuilder().type("password").value("12345").build()) - .realmRoles("offline_access") - .clientRole("account", Stream.of("manage-account").collect(Collectors.toList())) - .clientRole("realm-management", Stream.of("manage-users").collect(Collectors.toList())) - .build()) - .realmSelector(new LabelSelectorBuilder().withMatchLabels(matchLabels).build()) + .user(user) + .realmSelector(realmSelector) .build(); verifyUser(keycloakUser); @@ -602,7 +620,8 @@ public void basicProvisioningTest() { "Unexpected number of cluster operator pods for '" + KEYCLOAK_OPERATOR_PROVISIONER.getOperatorId() + "' after deploy"); - int scaledNum = KEYCLOAK_OPERATOR_PROVISIONER.getApplication().getKeycloak().getSpec().getInstances() + 1; + int scaledNum = KEYCLOAK_OPERATOR_PROVISIONER.getApplication().getKeycloak().getSpec().getInstances().intValue() + + 1; KEYCLOAK_OPERATOR_PROVISIONER.scale(scaledNum, true); Assertions.assertEquals(scaledNum, KEYCLOAK_OPERATOR_PROVISIONER.getPods().size(), "Unexpected number of cluster operator pods for '" + KEYCLOAK_OPERATOR_PROVISIONER.getOperatorId() diff --git a/tools/intersmash-tools-core/src/main/java/org/jboss/intersmash/tools/IntersmashConfig.java b/tools/intersmash-tools-core/src/main/java/org/jboss/intersmash/tools/IntersmashConfig.java index 15d21d586..aec7da869 100644 --- a/tools/intersmash-tools-core/src/main/java/org/jboss/intersmash/tools/IntersmashConfig.java +++ b/tools/intersmash-tools-core/src/main/java/org/jboss/intersmash/tools/IntersmashConfig.java @@ -42,14 +42,14 @@ public class IntersmashConfig { private static final String COMMUNITY_INFINISPAN_OPERATOR_PACKAGE_MANIFEST = "infinispan"; private static final String PRODUCT_INFINISPAN_OPERATOR_PACKAGE_MANIFEST = "datagrid"; private static final String DEFAULT_INFINISPAN_OPERATOR_PACKAGE_MANIFEST = COMMUNITY_INFINISPAN_OPERATOR_PACKAGE_MANIFEST; - private static final String RHSSO_OPERATOR_CATALOG_SOURCE_NAME = "intersmash.keycloak.operators.catalog_source"; + private static final String RHSSO_OPERATOR_CATALOG_SOURCE_NAME = "intersmash.rhsso.operators.catalog_source"; private static final String KEYCLOAK_REALM_IMPORT_OPERATOR_CATALOG_SOURCE_NAME = "intersmash.keycloak.realm_import.operators.catalog_source"; - private static final String RHSSO_OPERATOR_INDEX_IMAGE = "intersmash.keycloak.operators.index_image"; + private static final String RHSSO_OPERATOR_INDEX_IMAGE = "intersmash.rhsso.operators.index_image"; private static final String KEYCLOAK_REALM_IMPORT_OPERATOR_INDEX_IMAGE = "intersmash.keycloak.realm_import.operators.index_image"; - private static final String RHSSO_OPERATOR_CHANNEL = "intersmash.keycloak.operators.channel"; + private static final String RHSSO_OPERATOR_CHANNEL = "intersmash.rhsso.operators.channel"; private static final String KEYCLOAK_REALM_IMPORT_OPERATOR_CHANNEL = "intersmash.keycloak.realm_import.operators.channel"; - private static final String KEYCLOAK_OPERATOR_PACKAGE_MANIFEST = "intersmash.keycloak.operators.package_manifest"; + private static final String RHSSO_OPERATOR_PACKAGE_MANIFEST = "intersmash.rhsso.operators.package_manifest"; private static final String KEYCLOAK_REALM_IMPORT_OPERATOR_PACKAGE_MANIFEST = "intersmash.keycloak.realm_import.operators.package_manifest"; private static final String COMMUNITY_KEYCLOAK_OPERATOR_PACKAGE_MANIFEST = "keycloak-operator"; private static final String PRODUCT_KEYCLOAK_OPERATOR_PACKAGE_MANIFEST = "rhsso-operator"; @@ -171,7 +171,7 @@ public static String rhSsoOperatorChannel() { } public static String rhSsoOperatorPackageManifest() { - return XTFConfig.get(KEYCLOAK_OPERATOR_PACKAGE_MANIFEST, DEFAULT_KEYCLOAK_OPERATOR_PACKAGE_MANIFEST); + return XTFConfig.get(RHSSO_OPERATOR_PACKAGE_MANIFEST, PRODUCT_KEYCLOAK_OPERATOR_PACKAGE_MANIFEST); } public static String wildflyOperatorCatalogSource() { diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/application/openshift/Eap7ImageOpenShiftApplication.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/application/openshift/Eap7ImageOpenShiftApplication.java index c92416f7e..b8d8fc168 100644 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/application/openshift/Eap7ImageOpenShiftApplication.java +++ b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/application/openshift/Eap7ImageOpenShiftApplication.java @@ -4,9 +4,9 @@ import java.util.List; import org.jboss.intersmash.tools.application.openshift.input.BuildInput; +import org.jboss.intersmash.tools.provision.openshift.Eap7ImageOpenShiftProvisioner; import io.fabric8.kubernetes.api.model.EnvVar; -import org.jboss.intersmash.tools.provision.openshift.Eap7ImageOpenShiftProvisioner; /** * End user Application descriptor interface which presents a AP 7.z (i.e. Jakarta EE 8 based WildFly) application on diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/application/openshift/RhSsoOperatorApplication.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/application/openshift/RhSsoOperatorApplication.java index f372e7c5d..22614bb91 100644 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/application/openshift/RhSsoOperatorApplication.java +++ b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/application/openshift/RhSsoOperatorApplication.java @@ -19,11 +19,11 @@ import java.util.List; import org.jboss.intersmash.tools.provision.openshift.RhSsoOperatorProvisioner; -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.backup.KeycloakBackup; -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.client.KeycloakClient; -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.keycloak.Keycloak; -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.realm.KeycloakRealm; -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.user.KeycloakUser; +import org.keycloak.v1alpha1.Keycloak; +import org.keycloak.v1alpha1.KeycloakBackup; +import org.keycloak.v1alpha1.KeycloakClient; +import org.keycloak.v1alpha1.KeycloakRealm; +import org.keycloak.v1alpha1.KeycloakUser; /** * End user Application interface which presents Keycloak operator application on OpenShift Container Platform. diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/RhSsoOperatorProvisioner.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/RhSsoOperatorProvisioner.java index e15a1fdb2..de238f4d6 100644 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/RhSsoOperatorProvisioner.java +++ b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/RhSsoOperatorProvisioner.java @@ -27,16 +27,16 @@ import org.jboss.intersmash.tools.IntersmashConfig; import org.jboss.intersmash.tools.application.openshift.RhSsoOperatorApplication; import org.jboss.intersmash.tools.provision.openshift.operator.OperatorProvisioner; -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.backup.KeycloakBackup; import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.backup.KeycloakBackupList; -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.client.KeycloakClient; import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.client.KeycloakClientList; -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.keycloak.Keycloak; import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.keycloak.KeycloakList; -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.realm.KeycloakRealm; import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.realm.KeycloakRealmList; -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.user.KeycloakUser; import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.user.KeycloakUserList; +import org.keycloak.v1alpha1.Keycloak; +import org.keycloak.v1alpha1.KeycloakBackup; +import org.keycloak.v1alpha1.KeycloakClient; +import org.keycloak.v1alpha1.KeycloakRealm; +import org.keycloak.v1alpha1.KeycloakUser; import org.slf4j.event.Level; import cz.xtf.core.config.OpenShiftConfig; @@ -157,10 +157,10 @@ public void deploy() { * @param keycloak Concrete {@link Keycloak} instance which the method should be wait for */ public void waitFor(Keycloak keycloak) { - int replicas = keycloak.getSpec().getInstances(); + int replicas = keycloak.getSpec().getInstances().intValue(); if (replicas > 0) { // 1. check externalDatabase - if (keycloak.getSpec().getExternalDatabase() == null || !keycloak.getSpec().getExternalDatabase().isEnabled()) { + if (keycloak.getSpec().getExternalDatabase() == null || !keycloak.getSpec().getExternalDatabase().getEnabled()) { // 2. wait for PostgreSQL to be ready (Service "keycloak-postgresql" is guaranteed to exist by documentation) new SimpleWaiter(() -> OpenShiftProvisioner.openShift.getPods() .stream() @@ -182,21 +182,21 @@ public void waitFor(Keycloak keycloak) { } private void waitForKeycloakResourceReadiness() { - new SimpleWaiter(() -> keycloak().get().getStatus().isReady()) + new SimpleWaiter(() -> keycloak().get().getStatus().getReady()) .reason("Wait for keycloak resource to be ready").level(Level.DEBUG).waitFor(); if (getApplication().getKeycloakRealms().size() > 0) - new SimpleWaiter(() -> keycloakRealms().stream().map(realm -> realm.get().getStatus().isReady()) + new SimpleWaiter(() -> keycloakRealms().stream().map(realm -> realm.get().getStatus().getReady()) .reduce(Boolean::logicalAnd).get()) .reason("Wait for keycloakrealms to be ready.").level(Level.DEBUG).waitFor(); if (getApplication().getKeycloakClients().size() > 0) - new SimpleWaiter(() -> keycloakClients().stream().map(realm -> realm.get().getStatus().isReady()) + new SimpleWaiter(() -> keycloakClients().stream().map(realm -> realm.get().getStatus().getReady()) .reduce(Boolean::logicalAnd).get()) .reason("Wait for keycloakclients to be ready.").level(Level.DEBUG).waitFor(); if (getApplication().getKeycloakUsers().size() > 0) new SimpleWaiter(() -> keycloakUsersClient().list().getItems().size() == getApplication().getKeycloakUsers().size()) .reason("Wait for keycloakusers to be ready.").level(Level.DEBUG).waitFor(); // no isReady() for users if (getApplication().getKeycloakBackups().size() > 0) - new SimpleWaiter(() -> keycloakBackups().stream().map(realm -> realm.get().getStatus().isReady()) + new SimpleWaiter(() -> keycloakBackups().stream().map(realm -> realm.get().getStatus().getReady()) .reduce(Boolean::logicalAnd).get()) .reason("Wait for keycloakbackups to be ready.").level(Level.DEBUG).waitFor(); } @@ -234,8 +234,8 @@ public void undeploy() { public void scale(int replicas, boolean wait) { String controllerRevisionHash = getStatefulSet().getStatus().getUpdateRevision(); Keycloak tmpKeycloak = keycloak().get(); - int originalReplicas = tmpKeycloak.getSpec().getInstances(); - tmpKeycloak.getSpec().setInstances(replicas); + int originalReplicas = tmpKeycloak.getSpec().getInstances().intValue(); + tmpKeycloak.getSpec().setInstances(Long.valueOf(replicas)); keycloak().replace(tmpKeycloak); if (wait) { OpenShiftWaiters.get(OpenShiftProvisioner.openShift, ffCheck) @@ -243,7 +243,7 @@ public void scale(int replicas, boolean wait) { .level(Level.DEBUG) .waitFor(); } - new SimpleWaiter(() -> keycloak().get().getStatus().isReady()) + new SimpleWaiter(() -> keycloak().get().getStatus().getReady()) .reason("Wait for keycloak resource to be ready").level(Level.DEBUG).waitFor(); // check that route is up if (originalReplicas == 0 && replicas > 0) { diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/backup/KeycloakBackup.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/backup/KeycloakBackup.java deleted file mode 100644 index 595edafcc..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/backup/KeycloakBackup.java +++ /dev/null @@ -1,70 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.backup; - -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.backup.spec.KeycloakBackupSpec; -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.backup.status.KeycloakBackupStatus; -import org.jboss.intersmash.tools.provision.openshift.operator.resources.OpenShiftResource; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import io.fabric8.kubernetes.api.model.ObjectMeta; -import io.fabric8.kubernetes.client.CustomResource; -import io.fabric8.kubernetes.model.annotation.Group; -import io.fabric8.kubernetes.model.annotation.Version; -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -/** - * https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.4/html/server_installation_and_configuration_guide/operator#backup-cr - * - * https://github.com/keycloak/keycloak-operator/blob/master/pkg/apis/keycloak/v1alpha1/keycloakbackup_types.go - * https://github.com/keycloak/keycloak-operator/blob/master/deploy/crds/keycloak.org_keycloakbackups_crd.yaml - */ -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -@Group("keycloak.org") -@Version("v1alpha1") -public class KeycloakBackup extends CustomResource implements OpenShiftResource<KeycloakBackup> { - /** - * Standard object’s metadata. - */ - private ObjectMeta metadata; - - /** - * KeycloakBackupSpec defines the desired state of KeycloakBackup. - */ - private KeycloakBackupSpec spec; - - /** - * KeycloakBackupStatus defines the observed state of KeycloakBackup. - */ - private KeycloakBackupStatus status; - - @Override - public KeycloakBackup load(KeycloakBackup loaded) { - this.setMetadata(loaded.getMetadata()); - this.setSpec(loaded.getSpec()); - return this; - } -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/backup/KeycloakBackupBuilder.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/backup/KeycloakBackupBuilder.java index 4b6ef1ef2..d03082065 100644 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/backup/KeycloakBackupBuilder.java +++ b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/backup/KeycloakBackupBuilder.java @@ -17,8 +17,9 @@ import java.util.Map; -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.backup.spec.KeycloakAWSSpec; -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.backup.spec.KeycloakBackupSpec; +import org.keycloak.v1alpha1.KeycloakBackup; +import org.keycloak.v1alpha1.KeycloakBackupSpec; +import org.keycloak.v1alpha1.keycloakbackupspec.Aws; import io.fabric8.kubernetes.api.model.ObjectMeta; @@ -26,7 +27,7 @@ public final class KeycloakBackupBuilder { private String name; private Map<String, String> labels; private boolean restore; - private KeycloakAWSSpec aws; + private Aws aws; // private LabelSelector instanceSelector; // private String storageClassName; @@ -73,10 +74,10 @@ public KeycloakBackupBuilder restore(boolean restore) { * a local Persistent Volume. If this property is not provided - a local * Persistent Volume backup will be chosen. * - * @param aws A {@link KeycloakAWSSpec} instance storing configuration for creating a backup on AWS + * @param aws A {@link Aws} instance storing configuration for creating a backup on AWS * @return this */ - public KeycloakBackupBuilder aws(KeycloakAWSSpec aws) { + public KeycloakBackupBuilder aws(Aws aws) { this.aws = aws; return this; } diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/backup/KeycloakBackupList.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/backup/KeycloakBackupList.java index 9b5797973..8500c4943 100644 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/backup/KeycloakBackupList.java +++ b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/backup/KeycloakBackupList.java @@ -15,6 +15,8 @@ */ package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.backup; +import org.keycloak.v1alpha1.KeycloakBackup; + import io.fabric8.kubernetes.client.CustomResourceList; public class KeycloakBackupList extends CustomResourceList<KeycloakBackup> { diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/backup/spec/KeycloakAWSSpec.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/backup/spec/KeycloakAWSSpec.java deleted file mode 100644 index 7185079ab..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/backup/spec/KeycloakAWSSpec.java +++ /dev/null @@ -1,79 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.backup.spec; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -/** - * If provided, an automatic database backup will be created on AWS S3 instead of - * a local Persistent Volume. If this property is not provided - a local - * Persistent Volume backup will be chosen. - */ -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -public class KeycloakAWSSpec { - /** - * If provided, the database backup will be encrypted. - * Provides a secret name used for encrypting database data. - * The secret needs to be in the following form: - * - * apiVersion: v1 - * kind: Secret - * metadata: - * name: <Secret name> - * type: Opaque - * stringData: - * GPG_PUBLIC_KEY: <GPG Public Key> - * GPG_TRUST_MODEL: <GPG Trust Model> - * GPG_RECIPIENT: <GPG Recipient> - * - * For more information, please refer to the Operator documentation. - */ - private String encryptionKeySecretName; - - /** - * Provides a secret name used for connecting to AWS S3 Service. - * The secret needs to be in the following form: - * - * apiVersion: v1 - * kind: Secret - * metadata: - * name: <Secret name> - * type: Opaque - * stringData: - * AWS_S3_BUCKET_NAME: <S3 Bucket Name> - * AWS_ACCESS_KEY_ID: <AWS Access Key ID> - * AWS_SECRET_ACCESS_KEY: <AWS Secret Key> - * - * For more information, please refer to the Operator documentation. - */ - private String credentialsSecretName; - - /** - * If specified, it will be used as a schedule for creating a CronJob. - */ - private String schedule; -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/backup/spec/KeycloakAWSSpecBuilder.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/backup/spec/KeycloakAWSSpecBuilder.java index 22543dbcc..fdf036442 100644 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/backup/spec/KeycloakAWSSpecBuilder.java +++ b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/backup/spec/KeycloakAWSSpecBuilder.java @@ -15,6 +15,8 @@ */ package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.backup.spec; +import org.keycloak.v1alpha1.keycloakbackupspec.Aws; + /** * If provided, an automatic database backup will be created on AWS S3 instead of * a local Persistent Volume. If this property is not provided - a local @@ -85,8 +87,8 @@ public KeycloakAWSSpecBuilder schedule(String schedule) { return this; } - public KeycloakAWSSpec build() { - KeycloakAWSSpec keycloakAWSSpec = new KeycloakAWSSpec(); + public Aws build() { + Aws keycloakAWSSpec = new Aws(); keycloakAWSSpec.setEncryptionKeySecretName(encryptionKeySecretName); keycloakAWSSpec.setCredentialsSecretName(credentialsSecretName); keycloakAWSSpec.setSchedule(schedule); diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/backup/spec/KeycloakBackupSpec.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/backup/spec/KeycloakBackupSpec.java deleted file mode 100644 index d002e429e..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/backup/spec/KeycloakBackupSpec.java +++ /dev/null @@ -1,61 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.backup.spec; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -public class KeycloakBackupSpec { - /** - * Controls automatic restore behavior. - * Currently not implemented. - * - * In the future this will be used to trigger automatic restore for a given KeycloakBackup. - * Each backup will correspond to a single snapshot of the database (stored either in a - * Persistent Volume or AWS). If a user wants to restore it, all he/she needs to do is to - * change this flag to true. - * Potentially, it will be possible to restore a single backup multiple times. - */ - private boolean restore; - - /** - * If provided, an automatic database backup will be created on AWS S3 instead of - * a local Persistent Volume. If this property is not provided - a local - * Persistent Volume backup will be chosen. - */ - private KeycloakAWSSpec aws; - - // /** - // * Selector for looking up Keycloak Custom Resources. - // */ - // private LabelSelector instanceSelector; - - // /** - // * Name of the StorageClass for Postgresql Backup Persistent Volume Claim. - // */ - // private String storageClassName; -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/backup/status/KeycloakBackupStatus.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/backup/status/KeycloakBackupStatus.java deleted file mode 100644 index 6d5204786..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/backup/status/KeycloakBackupStatus.java +++ /dev/null @@ -1,57 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.backup.status; - -import java.util.List; -import java.util.Map; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -public class KeycloakBackupStatus { - - /** - * Current phase of the operator. - */ - private String phase; - - /** - * Human-readable message indicating details about current operator phase or error. - */ - private String message; - - /** - * True if all resources are in a ready state and all work is done. - */ - private boolean ready; - - /** - * A map of all the secondary resources types and names created for this CR. - * e.g "Deployment": [ "DeploymentName1", "DeploymentName2" ]. - */ - private Map<String, List<String>> secondaryResources; -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/client/KeycloakClient.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/client/KeycloakClient.java deleted file mode 100644 index be5883f4f..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/client/KeycloakClient.java +++ /dev/null @@ -1,70 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.client; - -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.client.spec.KeycloakClientSpec; -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.client.status.KeycloakClientStatus; -import org.jboss.intersmash.tools.provision.openshift.operator.resources.OpenShiftResource; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import io.fabric8.kubernetes.api.model.ObjectMeta; -import io.fabric8.kubernetes.client.CustomResource; -import io.fabric8.kubernetes.model.annotation.Group; -import io.fabric8.kubernetes.model.annotation.Version; -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -/** - * https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.4/html/server_installation_and_configuration_guide/operator#client-cr - * - * https://github.com/keycloak/keycloak-operator/blob/master/pkg/apis/keycloak/v1alpha1/keycloakbackup_types.go - * https://github.com/keycloak/keycloak-operator/blob/master/deploy/crds/keycloak.org_keycloakbackups_crd.yaml - */ -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -@Group("keycloak.org") -@Version("v1alpha1") -public class KeycloakClient extends CustomResource implements OpenShiftResource<KeycloakClient> { - /** - * Standard object’s metadata. - */ - private ObjectMeta metadata; - - /** - * KeycloakClientSpec defines the desired state of KeycloakClient. - */ - private KeycloakClientSpec spec; - - /** - * KeycloakClientStatus defines the observed state of KeycloakClient - */ - private KeycloakClientStatus status; - - @Override - public KeycloakClient load(KeycloakClient loaded) { - this.setMetadata(loaded.getMetadata()); - this.setSpec(loaded.getSpec()); - return this; - } -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/client/KeycloakClientBuilder.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/client/KeycloakClientBuilder.java index aea14c3ee..a51924c69 100644 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/client/KeycloakClientBuilder.java +++ b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/client/KeycloakClientBuilder.java @@ -17,17 +17,18 @@ import java.util.Map; -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.client.spec.KeycloakAPIClient; -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.client.spec.KeycloakClientSpec; +import org.keycloak.v1alpha1.KeycloakClient; +import org.keycloak.v1alpha1.KeycloakClientSpec; +import org.keycloak.v1alpha1.keycloakclientspec.Client; +import org.keycloak.v1alpha1.keycloakclientspec.RealmSelector; -import io.fabric8.kubernetes.api.model.LabelSelector; import io.fabric8.kubernetes.api.model.ObjectMeta; public final class KeycloakClientBuilder { private String name; private Map<String, String> labels; - private LabelSelector realmSelector; - private KeycloakAPIClient client; + private RealmSelector realmSelector; + private Client client; /** * Initialize the {@link KeycloakClientBuilder} with given resource name. @@ -55,7 +56,7 @@ public KeycloakClientBuilder(String name, Map<String, String> labels) { * @param realmSelector Label selector for looking up KeycloakRealm Custom Resources. * @return this */ - public KeycloakClientBuilder realmSelector(LabelSelector realmSelector) { + public KeycloakClientBuilder realmSelector(RealmSelector realmSelector) { this.realmSelector = realmSelector; return this; } @@ -66,7 +67,7 @@ public KeycloakClientBuilder realmSelector(LabelSelector realmSelector) { * @param client Keycloak REST API client. * @return this */ - public KeycloakClientBuilder client(KeycloakAPIClient client) { + public KeycloakClientBuilder client(Client client) { this.client = client; return this; } diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/client/KeycloakClientList.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/client/KeycloakClientList.java index 247b4cf2a..7b69f18a6 100644 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/client/KeycloakClientList.java +++ b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/client/KeycloakClientList.java @@ -15,6 +15,8 @@ */ package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.client; +import org.keycloak.v1alpha1.KeycloakClient; + import io.fabric8.kubernetes.client.CustomResourceList; public class KeycloakClientList extends CustomResourceList<KeycloakClient> { diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/client/spec/KeycloakAPIClient.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/client/spec/KeycloakAPIClient.java deleted file mode 100644 index c5da7d84d..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/client/spec/KeycloakAPIClient.java +++ /dev/null @@ -1,213 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.client.spec; - -import java.util.List; -import java.util.Map; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -/** - * Keycloak Client REST object. - */ -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -public class KeycloakAPIClient { - /** - * Client ID. If not specified, automatically generated. - */ - private String id; - - /** - * Client ID. - */ - private String clientId; - - /** - * Client name. - */ - private String name; - - /** - * Surrogate Authentication Required option. - */ - private boolean surrogateAuthRequired; - - /** - * Client enabled flag. - */ - private boolean enabled; - - /** - * What Client authentication type to use. - */ - private String clientAuthenticatorType; - - /** - * Client Secret. The Operator will automatically create a Secret based on this value. - */ - private String secret; - - /** - * Application base URL. - */ - private String baseUrl; - - /** - * Application Admin URL. - */ - private String adminUrl; - - /** - * Application root URL. - */ - private String rootUrl; - - /** - * Client description. - */ - private String description; - - /** - * Default Client roles. - */ - private List<String> defaultRoles; - - /** - * A list of valid Redirection URLs. - */ - private List<String> redirectUris; - - /** - * A list of valid Web Origins. - */ - private List<String> webOrigins; - - /** - * Not Before setting. - */ - private int notBefore; - - /** - * True if a client supports only Bearer Tokens. - */ - private boolean bearerOnly; - - /** - * True if Consent Screen is required. - */ - private boolean consentRequired; - - /** - * True if Standard flow is enabled. - */ - private boolean standardFlowEnabled; - - /** - * True if Implicit flow is enabled. - */ - private boolean implicitFlowEnabled; - - /** - * True if Direct Grant is enabled. - */ - private boolean directAccessGrantsEnabled; - - /** - * True if Service Accounts are enabled. - */ - private boolean serviceAccountsEnabled; - - /** - * True if this is a public Client. - */ - private boolean publicClient; - - /** - * True if this client supports Front Channel logout. - */ - private boolean frontchannelLogout; - - /** - * Protocol used for this Client. - */ - private String protocol; - - /** - * Client Attributes. - */ - private Map<String, String> attributes; - - /** - * True if Full Scope is allowed. - */ - private boolean fullScopeAllowed; - - /** - * Node registration timeout. - */ - private int nodeReRegistrationTimeout; - - /** - * Protocol Mappers. - */ - private List<KeycloakProtocolMapper> protocolMappers; - - /** - * True to use a Template Config. - */ - private boolean useTemplateConfig; - - /** - * True to use Template Scope. - */ - private boolean useTemplateScope; - - /** - * True to use Template Mappers. - */ - private boolean useTemplateMappers; - - /** - * Access options. - */ - private Map<String, Boolean> access; - - // /** - // * A list of optional client scopes. Optional client scopes are - // * applied when issuing tokens for this client, but only when they - // * are requested by the scope parameter in the OpenID Connect - // * authorization request. - // */ - // private List<String> optionalClientScopes; - // - // /** - // * A list of default client scopes. Default client scopes are - // * always applied when issuing OpenID Connect tokens or SAML - // * assertions for this client. - // */ - // private List<String> defaultClientScopes; -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/client/spec/KeycloakAPIClientBuilder.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/client/spec/KeycloakAPIClientBuilder.java index 0b2beceab..b1f1a266e 100644 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/client/spec/KeycloakAPIClientBuilder.java +++ b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/client/spec/KeycloakAPIClientBuilder.java @@ -20,6 +20,9 @@ import java.util.List; import java.util.Map; +import org.keycloak.v1alpha1.keycloakrealmspec.realm.Clients; +import org.keycloak.v1alpha1.keycloakrealmspec.realm.clients.ProtocolMappers; + /** * Keycloak Client REST object. */ @@ -38,7 +41,7 @@ public final class KeycloakAPIClientBuilder { private List<String> defaultRoles; private List<String> redirectUris; private List<String> webOrigins; - private int notBefore; + private long notBefore; private boolean bearerOnly; private boolean consentRequired; private boolean standardFlowEnabled; @@ -50,8 +53,8 @@ public final class KeycloakAPIClientBuilder { private String protocol; private Map<String, String> attributes; private boolean fullScopeAllowed; - private int nodeReRegistrationTimeout; - private List<KeycloakProtocolMapper> protocolMappers; + private long nodeReRegistrationTimeout; + private List<ProtocolMappers> protocolMappers; private boolean useTemplateConfig; private boolean useTemplateScope; private boolean useTemplateMappers; @@ -416,10 +419,10 @@ public KeycloakAPIClientBuilder nodeReRegistrationTimeout(int nodeReRegistration /** * Set the Protocol Mappers. * - * @param protocolMappers List of {@link KeycloakProtocolMapper} instances that should be used + * @param protocolMappers List of {@link ProtocolMappers} instances that should be used * @return this */ - public KeycloakAPIClientBuilder protocolMappers(List<KeycloakProtocolMapper> protocolMappers) { + public KeycloakAPIClientBuilder protocolMappers(List<ProtocolMappers> protocolMappers) { this.protocolMappers = protocolMappers; return this; } @@ -427,10 +430,10 @@ public KeycloakAPIClientBuilder protocolMappers(List<KeycloakProtocolMapper> pro /** * Add a Protocol Mapper. * - * @param protocolMapper {@link KeycloakProtocolMapper} instance that should be added + * @param protocolMapper {@link ProtocolMappers} instance that should be added * @return this */ - public KeycloakAPIClientBuilder protocolMappers(KeycloakProtocolMapper protocolMapper) { + public KeycloakAPIClientBuilder protocolMappers(ProtocolMappers protocolMapper) { if (protocolMappers == null) { protocolMappers = new ArrayList<>(); } @@ -545,8 +548,8 @@ public KeycloakAPIClientBuilder access(String key, boolean value) { // return this; // } - public KeycloakAPIClient build() { - KeycloakAPIClient keycloakAPIClient = new KeycloakAPIClient(); + public Clients build() { + Clients keycloakAPIClient = new Clients(); keycloakAPIClient.setId(id); keycloakAPIClient.setClientId(clientId); keycloakAPIClient.setName(name); diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/client/spec/KeycloakClientSpec.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/client/spec/KeycloakClientSpec.java deleted file mode 100644 index 152ba491b..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/client/spec/KeycloakClientSpec.java +++ /dev/null @@ -1,47 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.client.spec; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import io.fabric8.kubernetes.api.model.LabelSelector; -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -/** - * KeycloakClientSpec defines the desired state of KeycloakClient. - */ -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -public class KeycloakClientSpec { - - /** - * Selector for looking up KeycloakRealm Custom Resources. - */ - private LabelSelector realmSelector; - - /** - * Keycloak Client REST object. - */ - private KeycloakAPIClient client; -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/client/spec/KeycloakProtocolMapper.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/client/spec/KeycloakProtocolMapper.java deleted file mode 100644 index 99b0f0958..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/client/spec/KeycloakProtocolMapper.java +++ /dev/null @@ -1,70 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.client.spec; - -import java.util.Map; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -public class KeycloakProtocolMapper { - - /** - * Protocol Mapper ID. - */ - private String id; - - /** - * Protocol Mapper Name. - */ - private String name; - - /** - * Protocol to use. - */ - private String protocol; - - /** - * Protocol Mapper to use. - */ - private String protocolMapper; - - /** - * True if Consent Screen is required. - */ - private boolean consentRequired; - - /** - * Text to use for displaying Consent Screen. - */ - private String consentText; - - /** - * Config options. - */ - private Map<String, String> config; -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/client/spec/KeycloakProtocolMapperBuilder.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/client/spec/KeycloakProtocolMapperBuilder.java index abf8cdb1d..63d6ea63d 100644 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/client/spec/KeycloakProtocolMapperBuilder.java +++ b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/client/spec/KeycloakProtocolMapperBuilder.java @@ -18,6 +18,8 @@ import java.util.HashMap; import java.util.Map; +import org.keycloak.v1alpha1.keycloakclientspec.client.ProtocolMappers; + public final class KeycloakProtocolMapperBuilder { private String id; private String name; @@ -119,8 +121,8 @@ public KeycloakProtocolMapperBuilder config(String key, String value) { return this; } - public KeycloakProtocolMapper build() { - KeycloakProtocolMapper keycloakProtocolMapper = new KeycloakProtocolMapper(); + public ProtocolMappers build() { + ProtocolMappers keycloakProtocolMapper = new ProtocolMappers(); keycloakProtocolMapper.setId(id); keycloakProtocolMapper.setName(name); keycloakProtocolMapper.setProtocol(protocol); diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/client/status/KeycloakClientStatus.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/client/status/KeycloakClientStatus.java deleted file mode 100644 index 81e8275a0..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/client/status/KeycloakClientStatus.java +++ /dev/null @@ -1,60 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.client.status; - -import java.util.List; -import java.util.Map; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -/** - * KeycloakClientStatus defines the observed state of KeycloakClient. - */ -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -public class KeycloakClientStatus { - - /** - * Current phase of the operator. - */ - private String phase; - - /** - * Human-readable message indicating details about current operator phase or error. - */ - private String message; - - /** - * True if all resources are in a ready state and all work is done. - */ - private boolean ready; - - /** - * A map of all the secondary resources types and names created for this CR. - * e.g "Deployment": [ "DeploymentName1", "DeploymentName2" ]. - */ - private Map<String, List<String>> secondaryResources; -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/Keycloak.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/Keycloak.java deleted file mode 100644 index f73c19b1b..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/Keycloak.java +++ /dev/null @@ -1,69 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.keycloak; - -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.keycloak.spec.KeycloakSpec; -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.keycloak.status.KeycloakStatus; -import org.jboss.intersmash.tools.provision.openshift.operator.resources.OpenShiftResource; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import io.fabric8.kubernetes.api.model.ObjectMeta; -import io.fabric8.kubernetes.client.CustomResource; -import io.fabric8.kubernetes.model.annotation.Group; -import io.fabric8.kubernetes.model.annotation.Version; -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -/** - * https://github.com/keycloak/keycloak-operator/blob/master/pkg/apis/keycloak/v1alpha1/keycloak_types.go - * https://github.com/keycloak/keycloak-operator/blob/master/deploy/crds/keycloak.org_keycloaks_crd.yaml - */ -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -@Group("keycloak.org") -@Version("v1alpha1") -public class Keycloak extends CustomResource implements OpenShiftResource<Keycloak> { - - /** - * Standard object’s metadata. - */ - private ObjectMeta metadata; - - /** - * KeycloakSpec defines the desired state of Keycloak. - */ - private KeycloakSpec spec; - - /** - * KeycloakStatus defines the observed state of Keycloak. - */ - private KeycloakStatus status; - - @Override - public Keycloak load(Keycloak loaded) { - this.setMetadata(loaded.getMetadata()); - this.setSpec(loaded.getSpec()); - return this; - } -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/KeycloakBuilder.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/KeycloakBuilder.java index 765adcbba..ecb1ace99 100644 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/KeycloakBuilder.java +++ b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/KeycloakBuilder.java @@ -19,10 +19,11 @@ import java.util.List; import java.util.Map; -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.keycloak.spec.KeycloakExternalAccess; -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.keycloak.spec.KeycloakExternalDatabase; -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.keycloak.spec.KeycloakSpec; -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.keycloak.spec.PodDisruptionBudgetConfig; +import org.keycloak.v1alpha1.Keycloak; +import org.keycloak.v1alpha1.KeycloakSpec; +import org.keycloak.v1alpha1.keycloakspec.ExternalAccess; +import org.keycloak.v1alpha1.keycloakspec.ExternalDatabase; +import org.keycloak.v1alpha1.keycloakspec.PodDisruptionBudget; import io.fabric8.kubernetes.api.model.ObjectMeta; @@ -32,11 +33,11 @@ public final class KeycloakBuilder { // private boolean unmanaged; // private KeycloakExternal external; private List<String> extensions; - private int instances; - private KeycloakExternalAccess externalAccess; - private KeycloakExternalDatabase externalDatabase; + private long instances; + private ExternalAccess externalAccess; + private ExternalDatabase externalDatabase; private String profile; - private PodDisruptionBudgetConfig podDisruptionBudget; + private PodDisruptionBudget podDisruptionBudget; // private KeycloakDeploymentSpec keycloakDeploymentSpec; // private PostgresqlDeploymentSpec postgresDeploymentSpec; // private MigrateConfig migration; @@ -122,7 +123,7 @@ public KeycloakBuilder instances(int instances) { * @param externalAccess Stores external access configuration for Keycloak * @return this */ - public KeycloakBuilder externalAccess(KeycloakExternalAccess externalAccess) { + public KeycloakBuilder externalAccess(ExternalAccess externalAccess) { this.externalAccess = externalAccess; return this; } @@ -158,7 +159,7 @@ public KeycloakBuilder externalAccess(KeycloakExternalAccess externalAccess) { * @param externalDatabase Stores external database configuration for Keycloak * @return this */ - public KeycloakBuilder externalDatabase(KeycloakExternalDatabase externalDatabase) { + public KeycloakBuilder externalDatabase(ExternalDatabase externalDatabase) { this.externalDatabase = externalDatabase; return this; } @@ -180,7 +181,7 @@ public KeycloakBuilder profile(String profile) { * @param podDisruptionBudget Stores pod disruption budget configuration * @return this */ - public KeycloakBuilder podDisruptionBudget(PodDisruptionBudgetConfig podDisruptionBudget) { + public KeycloakBuilder podDisruptionBudget(PodDisruptionBudget podDisruptionBudget) { this.podDisruptionBudget = podDisruptionBudget; return this; } diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/KeycloakList.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/KeycloakList.java index 4c56d8018..715ef7015 100644 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/KeycloakList.java +++ b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/KeycloakList.java @@ -15,6 +15,8 @@ */ package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.keycloak; +import org.keycloak.v1alpha1.Keycloak; + import io.fabric8.kubernetes.client.CustomResourceList; public class KeycloakList extends CustomResourceList<Keycloak> { diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/BackupConfig.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/BackupConfig.java deleted file mode 100644 index fe1bea769..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/BackupConfig.java +++ /dev/null @@ -1,41 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.keycloak.spec; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -/** - * Specify Migration configuration. - */ -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -public class BackupConfig { - - /** - * If set to true, the operator will do database backup before doing migration. - */ - private boolean enabled; -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/BackupConfigBuilder.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/BackupConfigBuilder.java deleted file mode 100644 index 697a266a3..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/BackupConfigBuilder.java +++ /dev/null @@ -1,40 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.keycloak.spec; - -/** - * Specify Migration configuration. - */ -public final class BackupConfigBuilder { - private boolean enabled; - - /** - * If set to true, the operator will do database backup before doing migration. - * - * @param enabled Whether the operator will do database backup before doing migration - * @return this - */ - public BackupConfigBuilder enabled(boolean enabled) { - this.enabled = enabled; - return this; - } - - public BackupConfig build() { - BackupConfig backupConfig = new BackupConfig(); - backupConfig.setEnabled(enabled); - return backupConfig; - } -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/ConfigMapVolumeSpec.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/ConfigMapVolumeSpec.java deleted file mode 100644 index 5f1a190af..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/ConfigMapVolumeSpec.java +++ /dev/null @@ -1,51 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.keycloak.spec; - -import java.util.List; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import io.fabric8.kubernetes.api.model.KeyToPath; -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -public class ConfigMapVolumeSpec { - - /** - * ConfigMap name. - */ - private String name; - - /** - * An absolute path where to mount it. - */ - private String mountPath; - - /** - * ConfigMap mount details. - */ - private List<KeyToPath> items; -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/ConfigMapVolumeSpecBuilder.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/ConfigMapVolumeSpecBuilder.java index 66cc401a9..79446a052 100644 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/ConfigMapVolumeSpecBuilder.java +++ b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/ConfigMapVolumeSpecBuilder.java @@ -18,12 +18,12 @@ import java.util.ArrayList; import java.util.List; -import io.fabric8.kubernetes.api.model.KeyToPath; +import org.keycloak.v1alpha1.keycloakspec.keycloakdeploymentspec.experimental.volumes.items.Items; public final class ConfigMapVolumeSpecBuilder { private String name; private String mountPath; - private List<KeyToPath> items; + private List<Items> items; /** * Set the ConfigMap name. @@ -50,10 +50,10 @@ public ConfigMapVolumeSpecBuilder mountPath(String mountPath) { /** * ConfigMap mount details. * - * @param items List of {@link KeyToPath} instances representing the ConfigMap mount details + * @param items List of {@link Items} instances representing the ConfigMap mount details * @return this */ - public ConfigMapVolumeSpecBuilder items(List<KeyToPath> items) { + public ConfigMapVolumeSpecBuilder items(List<Items> items) { this.items = items; return this; } @@ -61,10 +61,10 @@ public ConfigMapVolumeSpecBuilder items(List<KeyToPath> items) { /** * Add one ConfigMap mount detail item. * - * @param item {@link KeyToPath} instances representing the ConfigMap mount details that should be added + * @param item {@link Items} instances representing the ConfigMap mount details that should be added * @return this */ - public ConfigMapVolumeSpecBuilder items(KeyToPath item) { + public ConfigMapVolumeSpecBuilder items(Items item) { if (items == null) { items = new ArrayList<>(); } @@ -72,8 +72,8 @@ public ConfigMapVolumeSpecBuilder items(KeyToPath item) { return this; } - public ConfigMapVolumeSpec build() { - ConfigMapVolumeSpec configMapVolumeSpec = new ConfigMapVolumeSpec(); + public org.keycloak.v1alpha1.keycloakspec.keycloakdeploymentspec.experimental.volumes.Items build() { + org.keycloak.v1alpha1.keycloakspec.keycloakdeploymentspec.experimental.volumes.Items configMapVolumeSpec = new org.keycloak.v1alpha1.keycloakspec.keycloakdeploymentspec.experimental.volumes.Items(); configMapVolumeSpec.setName(name); configMapVolumeSpec.setMountPath(mountPath); configMapVolumeSpec.setItems(items); diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/ExperimentalSpec.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/ExperimentalSpec.java deleted file mode 100644 index 7c831e548..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/ExperimentalSpec.java +++ /dev/null @@ -1,61 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.keycloak.spec; - -import java.util.List; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import io.fabric8.kubernetes.api.model.EnvVar; -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -/** - * Experimental section - * NOTE: This section might change or get removed without any notice. It may also cause the deployment to behave - * in an unpredictable fashion. Please use with care. - */ -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -public class ExperimentalSpec { - - /** - * Arguments to the entrypoint. Translates into Container CMD. - */ - private List<String> args; - - /** - * Container command. Translates into Container ENTRYPOINT. - */ - private List<String> command; - - /** - * List of environment variables to set in the container. - */ - private List<EnvVar> env; - - /** - * Additional volume mounts - */ - private VolumesSpec volumes; -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/ExperimentalSpecBuilder.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/ExperimentalSpecBuilder.java index b1802463f..1260f6cbd 100644 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/ExperimentalSpecBuilder.java +++ b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/ExperimentalSpecBuilder.java @@ -18,7 +18,10 @@ import java.util.ArrayList; import java.util.List; -import io.fabric8.kubernetes.api.model.EnvVar; +import org.keycloak.v1alpha1.keycloakspec.keycloakdeploymentspec.Experimental; +import org.keycloak.v1alpha1.keycloakspec.keycloakdeploymentspec.experimental.Env; +import org.keycloak.v1alpha1.keycloakspec.keycloakdeploymentspec.experimental.Volumes; +import org.keycloak.v1alpha1.keycloakspec.keycloakdeploymentspec.experimental.volumes.Items; /** * Experimental section @@ -28,8 +31,8 @@ public final class ExperimentalSpecBuilder { private List<String> args; private List<String> command; - private List<EnvVar> env; - private VolumesSpec volumes; + private List<Env> env; + private Volumes volumes; /** * Set the arguments to the entrypoint. Translates into Container CMD. @@ -87,7 +90,7 @@ public ExperimentalSpecBuilder command(String command) { * @param env List of environment variables * @return this */ - public ExperimentalSpecBuilder env(List<EnvVar> env) { + public ExperimentalSpecBuilder env(List<Env> env) { this.env = env; return this; } @@ -98,7 +101,7 @@ public ExperimentalSpecBuilder env(List<EnvVar> env) { * @param env Environment variable that should be added * @return this */ - public ExperimentalSpecBuilder env(EnvVar env) { + public ExperimentalSpecBuilder env(Env env) { if (this.env == null) { this.env = new ArrayList<>(); } @@ -109,16 +112,16 @@ public ExperimentalSpecBuilder env(EnvVar env) { /** * Additional volume mounts. * - * @param volumes {@link VolumesSpec} instance storing volume mount definitions + * @param volumes {@link Items} instance storing volume mount definitions * @return this */ - public ExperimentalSpecBuilder volumes(VolumesSpec volumes) { + public ExperimentalSpecBuilder volumes(Volumes volumes) { this.volumes = volumes; return this; } - public ExperimentalSpec build() { - ExperimentalSpec experimentalSpec = new ExperimentalSpec(); + public Experimental build() { + Experimental experimentalSpec = new Experimental(); experimentalSpec.setArgs(args); experimentalSpec.setCommand(command); experimentalSpec.setEnv(env); diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/KeycloakDeploymentSpec.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/KeycloakDeploymentSpec.java deleted file mode 100644 index 2d2a345de..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/KeycloakDeploymentSpec.java +++ /dev/null @@ -1,49 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.keycloak.spec; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import io.fabric8.kubernetes.api.model.ResourceRequirements; -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -/** - * Resources (Requests and Limits) for KeycloakDeployment. - */ -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -public class KeycloakDeploymentSpec { - - /** - * Resources (Requests and Limits) for the Pods. - */ - private ResourceRequirements resources; - - /** - * Experimental section - * NOTE: This section might change or get removed without any notice. It may also cause the deployment to behave - * in an unpredictable fashion. Please use with care. - */ - private ExperimentalSpec experimental; -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/KeycloakDeploymentSpecBuilder.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/KeycloakDeploymentSpecBuilder.java index 7b019a0a6..2fd4dd85d 100644 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/KeycloakDeploymentSpecBuilder.java +++ b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/KeycloakDeploymentSpecBuilder.java @@ -15,14 +15,16 @@ */ package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.keycloak.spec; -import io.fabric8.kubernetes.api.model.ResourceRequirements; +import org.keycloak.v1alpha1.keycloakspec.KeycloakDeploymentSpec; +import org.keycloak.v1alpha1.keycloakspec.keycloakdeploymentspec.Experimental; +import org.keycloak.v1alpha1.keycloakspec.keycloakdeploymentspec.Resources; /** * Resources (Requests and Limits) for KeycloakDeployment. */ public final class KeycloakDeploymentSpecBuilder { - private ResourceRequirements resources; - private ExperimentalSpec experimental; + private Resources resources; + private Experimental experimental; /** * Set the Resources (Requests and Limits) for the Pods. @@ -30,7 +32,7 @@ public final class KeycloakDeploymentSpecBuilder { * @param resources The Resources (Requests and Limits) for the Pods * @return this */ - public KeycloakDeploymentSpecBuilder resources(ResourceRequirements resources) { + public KeycloakDeploymentSpecBuilder resources(Resources resources) { this.resources = resources; return this; } @@ -43,7 +45,7 @@ public KeycloakDeploymentSpecBuilder resources(ResourceRequirements resources) { * @param experimental The experimental section definition * @return this */ - public KeycloakDeploymentSpecBuilder experimental(ExperimentalSpec experimental) { + public KeycloakDeploymentSpecBuilder experimental(Experimental experimental) { this.experimental = experimental; return this; } diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/KeycloakExternal.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/KeycloakExternal.java deleted file mode 100644 index a8abe549b..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/KeycloakExternal.java +++ /dev/null @@ -1,46 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.keycloak.spec; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -/** - * Contains configuration for external Keycloak instances. Unmanaged needs to be set to true to use this. - */ -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -public class KeycloakExternal { - /** - * If set to true, this Keycloak will be treated as an external instance. - * The unmanaged field also needs to be set to true if this field is true. - */ - private boolean enabled; - - /** - * The URL to use for the keycloak admin API. Needs to be set if external is true. - */ - private String url; -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/KeycloakExternalAccess.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/KeycloakExternalAccess.java deleted file mode 100644 index 4eedc0019..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/KeycloakExternalAccess.java +++ /dev/null @@ -1,59 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.keycloak.spec; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -/** - * Controls external Ingress/Route settings. - */ -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -public class KeycloakExternalAccess { - - /** - * If set to true, the Operator will create an Ingress or a Route pointing to Keycloak. - */ - private boolean enabled; - // - // /** - // * TLS Termination type for the external access. Setting this field to "reencrypt" will - // * terminate TLS on the Ingress/Route level. Setting this field to "passthrough" will - // * send encrypted traffic to the Pod. If unspecified, defaults to "reencrypt". - // * Note, that this setting has no effect on Ingress - // * as Ingress TLS settings are not reconciled by this operator. In other words, - // * Ingress TLS configuration is the same in both cases and it is up to the user - // * to configure TLS section of the Ingress. - // */ - // private String tlsTermination; - // - // /** - // * If set, the Operator will use value of host for Ingress/Route host instead of default value keycloak.local for - // * ingress and automatically chosen name for Route. - // */ - // private String host; - -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/KeycloakExternalAccessBuilder.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/KeycloakExternalAccessBuilder.java index 23dbcf75e..f65d475e9 100644 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/KeycloakExternalAccessBuilder.java +++ b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/KeycloakExternalAccessBuilder.java @@ -15,6 +15,8 @@ */ package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.keycloak.spec; +import org.keycloak.v1alpha1.keycloakspec.ExternalAccess; + /** * Controls external Ingress/Route settings. */ @@ -59,8 +61,8 @@ public KeycloakExternalAccessBuilder enabled(boolean enabled) { // return this; // } - public KeycloakExternalAccess build() { - KeycloakExternalAccess keycloakExternalAccess = new KeycloakExternalAccess(); + public ExternalAccess build() { + ExternalAccess keycloakExternalAccess = new ExternalAccess(); keycloakExternalAccess.setEnabled(enabled); // keycloakExternalAccess.setTlsTermination(tlsTermination); // keycloakExternalAccess.setHost(host); diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/KeycloakExternalBuilder.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/KeycloakExternalBuilder.java index fb660d289..beebbe243 100644 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/KeycloakExternalBuilder.java +++ b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/KeycloakExternalBuilder.java @@ -15,6 +15,8 @@ */ package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.keycloak.spec; +import org.keycloak.v1alpha1.keycloakspec.External; + /** * Contains configuration for external Keycloak instances. Unmanaged needs to be set to true to use this. */ @@ -45,8 +47,8 @@ public KeycloakExternalBuilder url(String url) { return this; } - public KeycloakExternal build() { - KeycloakExternal keycloakExternal = new KeycloakExternal(); + public External build() { + External keycloakExternal = new External(); keycloakExternal.setEnabled(enabled); keycloakExternal.setUrl(url); return keycloakExternal; diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/KeycloakExternalDatabase.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/KeycloakExternalDatabase.java deleted file mode 100644 index 11db35b8c..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/KeycloakExternalDatabase.java +++ /dev/null @@ -1,65 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.keycloak.spec; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -/** - * Controls external database settings. - * Using an external database requires providing a secret containing credentials - * as well as connection details. Here's an example of such secret: - * - * apiVersion: v1 - * kind: Secret - * metadata: - * name: keycloak-db-secret - * namespace: keycloak - * stringData: - * POSTGRES_DATABASE: <Database Name> - * POSTGRES_EXTERNAL_ADDRESS: <External Database IP or URL (resolvable by K8s)> - * POSTGRES_EXTERNAL_PORT: <External Database Port> - * # Strongly recommended to use <'Keycloak CR Name'-postgresql> - * POSTGRES_HOST: <Database Service Name> - * POSTGRES_PASSWORD: <Database Password> - * # Required for AWS Backup functionality - * POSTGRES_SUPERUSER: true - * POSTGRES_USERNAME: <Database Username> - * type: Opaque - * - * Both POSTGRES_EXTERNAL_ADDRESS and POSTGRES_EXTERNAL_PORT are specifically required for creating - * connection to the external database. The secret name is created using the following convention: - * <Custom Resource Name>-db-secret - * - * For more information, please refer to the Operator documentation. - */ -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -public class KeycloakExternalDatabase { - /** - * If set to true, the Operator will use an external database. - */ - private boolean enabled; -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/KeycloakExternalDatabaseBuilder.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/KeycloakExternalDatabaseBuilder.java index cf86523ef..6645ed137 100644 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/KeycloakExternalDatabaseBuilder.java +++ b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/KeycloakExternalDatabaseBuilder.java @@ -15,6 +15,8 @@ */ package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.keycloak.spec; +import org.keycloak.v1alpha1.keycloakspec.ExternalDatabase; + /** * Controls external database settings. * Using an external database requires providing a secret containing credentials @@ -57,8 +59,8 @@ public KeycloakExternalDatabaseBuilder enabled(boolean enabled) { return this; } - public KeycloakExternalDatabase build() { - KeycloakExternalDatabase keycloakExternalDatabase = new KeycloakExternalDatabase(); + public ExternalDatabase build() { + ExternalDatabase keycloakExternalDatabase = new ExternalDatabase(); keycloakExternalDatabase.setEnabled(enabled); return keycloakExternalDatabase; } diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/KeycloakSpec.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/KeycloakSpec.java deleted file mode 100644 index 7db8f902e..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/KeycloakSpec.java +++ /dev/null @@ -1,125 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.keycloak.spec; - -import java.util.List; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -/** - * KeycloakSpec defines the desired state of Keycloak. - */ -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -public class KeycloakSpec { - - // /** - // * When set to true, this Keycloak will be marked as unmanaged and will not be managed by this operator. - // * - // * It can then be used for targeting purposes. - // */ - // private boolean unmanaged; - // - // /** - // * Contains configuration for external Keycloak instances. Unmanaged needs to be set to true to use this. - // */ - // private KeycloakExternal external; - - /** - * A list of extensions, where each one is a URL to a JAR files that will be deployed in Keycloak. - */ - private List<String> extensions; - - /** - * Number of Keycloak instances in HA mode. Default is 1. - */ - private int instances; - - /** - * Controls external Ingress/Route settings. - */ - private KeycloakExternalAccess externalAccess; - - /** - * Controls external database settings. - * Using an external database requires providing a secret containing credentials - * as well as connection details. Here's an example of such secret: - * - * apiVersion: v1 - * kind: Secret - * metadata: - * name: keycloak-db-secret - * namespace: keycloak - * stringData: - * POSTGRES_DATABASE: <Database Name> - * POSTGRES_EXTERNAL_ADDRESS: <External Database IP or URL (resolvable by K8s)> - * POSTGRES_EXTERNAL_PORT: <External Database Port> - * # Strongly recommended to use <'Keycloak CR Name'-postgresql> - * POSTGRES_HOST: <Database Service Name> - * POSTGRES_PASSWORD: <Database Password> - * # Required for AWS Backup functionality - * POSTGRES_SUPERUSER: true - * POSTGRES_USERNAME: <Database Username> - * type: Opaque - * - * Both POSTGRES_EXTERNAL_ADDRESS and POSTGRES_EXTERNAL_PORT are specifically required for creating - * connection to the external database. The secret name is created using the following convention: - * <Custom Resource Name>-db-secret - * - * For more information, please refer to the Operator documentation. - */ - private KeycloakExternalDatabase externalDatabase; - - /** - * Profile used for controlling Operator behavior. Default is empty. - */ - private String profile; - - /** - * Specify PodDisruptionBudget configuration. - */ - private PodDisruptionBudgetConfig podDisruptionBudget; - - // /** - // * Resources (Requests and Limits) for KeycloakDeployment. - // */ - // private KeycloakDeploymentSpec keycloakDeploymentSpec; - // - // /** - // * Resources (Requests and Limits) for PostgresDeployment. - // */ - // private PostgresqlDeploymentSpec postgresDeploymentSpec; - // - // /** - // * Specify Migration configuration. - // */ - // private MigrateConfig migration; - // - // /** - // * Name of the StorageClass for Postgresql Persistent Volume Claim. - // */ - // private String storageClassName; -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/MigrateConfig.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/MigrateConfig.java deleted file mode 100644 index 9fb678570..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/MigrateConfig.java +++ /dev/null @@ -1,45 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.keycloak.spec; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -/** - * Specify Migration configuration. - */ -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -public class MigrateConfig { - /** - * Specify migration strategy. - */ - private String strategy; - - /** - * Set it to config backup policy for migration. - */ - private BackupConfig backups; -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/MigrateConfigBuilder.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/MigrateConfigBuilder.java deleted file mode 100644 index 911aec19b..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/MigrateConfigBuilder.java +++ /dev/null @@ -1,71 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.keycloak.spec; - -/** - * Specify Migration configuration. - */ -public final class MigrateConfigBuilder { - private String strategy; - private BackupConfig backups; - - /** - * Specify migration strategy. - * - * @param strategy The migration strategy that should be used - * @return this - */ - public MigrateConfigBuilder strategy(MigrationStrategy strategy) { - if (strategy != MigrationStrategy.NO_STRATEGY) { - this.strategy = strategy.getValue(); - } - return this; - } - - /** - * Set it to config backup policy for migration. - * - * @param backups The backup configuration that should be used - * @return this - */ - public MigrateConfigBuilder backups(BackupConfig backups) { - this.backups = backups; - return this; - } - - public MigrateConfig build() { - MigrateConfig migrateConfig = new MigrateConfig(); - migrateConfig.setStrategy(strategy); - migrateConfig.setBackups(backups); - return migrateConfig; - } - - public enum MigrationStrategy { - NO_STRATEGY(""), - STRATEGY_RECREATE("recreate"), - STRATEGY_ROLLING("rolling"); - - private String value; - - MigrationStrategy(String value) { - this.value = value; - } - - public String getValue() { - return value; - } - } -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/PodDisruptionBudgetConfig.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/PodDisruptionBudgetConfig.java deleted file mode 100644 index 6ed860490..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/PodDisruptionBudgetConfig.java +++ /dev/null @@ -1,42 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.keycloak.spec; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -/** - * Specify PodDisruptionBudget configuration. - */ -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -public class PodDisruptionBudgetConfig { - - /** - * If set to true, the operator will create a PodDistruptionBudget for the Keycloak deployment and set its - * `maxUnavailable` value to 1. - */ - private boolean enabled; -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/PodDisruptionBudgetConfigBuilder.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/PodDisruptionBudgetConfigBuilder.java index b4531f112..534d04db9 100644 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/PodDisruptionBudgetConfigBuilder.java +++ b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/PodDisruptionBudgetConfigBuilder.java @@ -15,6 +15,8 @@ */ package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.keycloak.spec; +import org.keycloak.v1alpha1.keycloakspec.PodDisruptionBudget; + /** * Specify PodDisruptionBudget configuration. */ @@ -33,8 +35,8 @@ public PodDisruptionBudgetConfigBuilder enabled(boolean enabled) { return this; } - public PodDisruptionBudgetConfig build() { - PodDisruptionBudgetConfig podDisruptionBudgetConfig = new PodDisruptionBudgetConfig(); + public PodDisruptionBudget build() { + PodDisruptionBudget podDisruptionBudgetConfig = new PodDisruptionBudget(); podDisruptionBudgetConfig.setEnabled(enabled); return podDisruptionBudgetConfig; } diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/PostgresqlDeploymentSpec.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/PostgresqlDeploymentSpec.java deleted file mode 100644 index 53cf54e74..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/PostgresqlDeploymentSpec.java +++ /dev/null @@ -1,42 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.keycloak.spec; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import io.fabric8.kubernetes.api.model.ResourceRequirements; -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -/** - * Resources (Requests and Limits) for PostgresDeployment. - */ -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -public class PostgresqlDeploymentSpec { - - /** - * Resources (Requests and Limits) for the Pods. - */ - private ResourceRequirements resources; -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/PostgresqlDeploymentSpecBuilder.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/PostgresqlDeploymentSpecBuilder.java index 1af3d6d6d..e068a32c3 100644 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/PostgresqlDeploymentSpecBuilder.java +++ b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/PostgresqlDeploymentSpecBuilder.java @@ -15,13 +15,14 @@ */ package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.keycloak.spec; -import io.fabric8.kubernetes.api.model.ResourceRequirements; +import org.keycloak.v1alpha1.keycloakspec.PostgresDeploymentSpec; +import org.keycloak.v1alpha1.keycloakspec.postgresdeploymentspec.Resources; /** * Resources (Requests and Limits) for PostgresDeployment. */ public final class PostgresqlDeploymentSpecBuilder { - private ResourceRequirements resources; + private Resources resources; /** * Set the Resources (Requests and Limits) for the Pods. @@ -29,13 +30,13 @@ public final class PostgresqlDeploymentSpecBuilder { * @param resources The Resources (Requests and Limits) for the Pods * @return this */ - public PostgresqlDeploymentSpecBuilder resources(ResourceRequirements resources) { + public PostgresqlDeploymentSpecBuilder resources(Resources resources) { this.resources = resources; return this; } - public PostgresqlDeploymentSpec build() { - PostgresqlDeploymentSpec postgresqlDeploymentSpec = new PostgresqlDeploymentSpec(); + public PostgresDeploymentSpec build() { + PostgresDeploymentSpec postgresqlDeploymentSpec = new PostgresDeploymentSpec(); postgresqlDeploymentSpec.setResources(resources); return postgresqlDeploymentSpec; } diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/VolumeSpec.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/VolumeSpec.java deleted file mode 100644 index dd342be91..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/VolumeSpec.java +++ /dev/null @@ -1,38 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.keycloak.spec; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -public class VolumeSpec { - - /** - * ConfigMap mount. - */ - private ConfigMapVolumeSpec configMap; -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/VolumeSpecBuilder.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/VolumeSpecBuilder.java index f785808db..7ec460288 100644 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/VolumeSpecBuilder.java +++ b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/VolumeSpecBuilder.java @@ -15,8 +15,12 @@ */ package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.keycloak.spec; +import java.util.List; + +import org.keycloak.v1alpha1.keycloakspec.keycloakdeploymentspec.experimental.volumes.Items; + public final class VolumeSpecBuilder { - private ConfigMapVolumeSpec configMap; + private List<String> configMap; /** * Set the ConfigMap mount. @@ -24,14 +28,14 @@ public final class VolumeSpecBuilder { * @param configMap The ConfigMap mount configuration * @return this */ - public VolumeSpecBuilder configMap(ConfigMapVolumeSpec configMap) { + public VolumeSpecBuilder configMap(List<String> configMap) { this.configMap = configMap; return this; } - public VolumeSpec build() { - VolumeSpec volumeSpec = new VolumeSpec(); - volumeSpec.setConfigMap(configMap); + public Items build() { + Items volumeSpec = new Items(); + volumeSpec.setConfigMaps(configMap); return volumeSpec; } } diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/VolumesSpec.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/VolumesSpec.java deleted file mode 100644 index 7dbdbe9c3..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/VolumesSpec.java +++ /dev/null @@ -1,39 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.keycloak.spec; - -import java.util.List; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -public class VolumesSpec { - - private List<VolumeSpec> items; - - private int defaultMode; -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/VolumesSpecBuilder.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/VolumesSpecBuilder.java index e38e73d96..507b4e355 100644 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/VolumesSpecBuilder.java +++ b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/spec/VolumesSpecBuilder.java @@ -18,16 +18,19 @@ import java.util.ArrayList; import java.util.List; +import org.keycloak.v1alpha1.keycloakspec.keycloakdeploymentspec.experimental.Volumes; +import org.keycloak.v1alpha1.keycloakspec.keycloakdeploymentspec.experimental.volumes.Items; + public final class VolumesSpecBuilder { - private List<VolumeSpec> items; + private List<Items> items; private int defaultMode; - public VolumesSpecBuilder items(List<VolumeSpec> items) { + public VolumesSpecBuilder items(List<Items> items) { this.items = items; return this; } - public VolumesSpecBuilder items(VolumeSpec item) { + public VolumesSpecBuilder items(Items item) { if (items == null) { items = new ArrayList<>(); } @@ -40,8 +43,8 @@ public VolumesSpecBuilder defaultMode(int defaultMode) { return this; } - public VolumesSpec build() { - VolumesSpec volumesSpec = new VolumesSpec(); + public Volumes build() { + Volumes volumesSpec = new Volumes(); volumesSpec.setItems(items); volumesSpec.setDefaultMode(defaultMode); return volumesSpec; diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/status/KeycloakStatus.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/status/KeycloakStatus.java deleted file mode 100644 index a49b2a476..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/keycloak/status/KeycloakStatus.java +++ /dev/null @@ -1,81 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.keycloak.status; - -import java.util.List; -import java.util.Map; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -/** - * KeycloakStatus defines the observed state of Keycloak. - */ -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -public class KeycloakStatus { - - /** - * Current phase of the operator. - */ - private String phase; - - /** - * Human-readable message indicating details about current operator phase or error. - */ - private String message; - - /** - * True if all resources are in a ready state and all work is done. - */ - private boolean ready; - - /** - * A map of all the secondary resources types and names created for this CR. - * e.g "Deployment": [ "DeploymentName1", "DeploymentName2" ]. - */ - private Map<String, List<String>> secondaryResources; - - /** - * Version of Keycloak or RHSSO running on the cluster. - */ - private String version; - - /** - * Service IP and Port for in-cluster access to the keycloak instance. - */ - private String internalURL; - - /** - * Service IP and Port for external access to the keycloak instance. - */ - private String externalURL; - - /** - * The secret where the admin credentials are to be found. - */ - private String credentialSecret; - -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/KeycloakRealm.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/KeycloakRealm.java deleted file mode 100644 index af978c955..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/KeycloakRealm.java +++ /dev/null @@ -1,68 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.realm; - -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.realm.spec.KeycloakRealmSpec; -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.realm.status.KeycloakRealmStatus; -import org.jboss.intersmash.tools.provision.openshift.operator.resources.OpenShiftResource; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import io.fabric8.kubernetes.api.model.ObjectMeta; -import io.fabric8.kubernetes.client.CustomResource; -import io.fabric8.kubernetes.model.annotation.Group; -import io.fabric8.kubernetes.model.annotation.Version; -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -/** - * https://github.com/keycloak/keycloak-operator/blob/master/pkg/apis/keycloak/v1alpha1/keycloakrealm_types.go - * https://github.com/keycloak/keycloak-operator/blob/master/deploy/crds/keycloak.org_keycloakrealms_crd.yaml - */ -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -@Group("keycloak.org") -@Version("v1alpha1") -public class KeycloakRealm extends CustomResource implements OpenShiftResource<KeycloakRealm> { - /** - * Standard object’s metadata. - */ - private ObjectMeta metadata; - - /** - * KeycloakRealmSpec defines the desired state of KeycloakRealm. - */ - private KeycloakRealmSpec spec; - - /** - * KeycloakRealmStatus defines the observed state of KeycloakRealm. - */ - private KeycloakRealmStatus status; - - @Override - public KeycloakRealm load(KeycloakRealm loaded) { - this.setMetadata(loaded.getMetadata()); - this.setSpec(loaded.getSpec()); - return this; - } -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/KeycloakRealmBuilder.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/KeycloakRealmBuilder.java index 2adf5c928..4fc043631 100644 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/KeycloakRealmBuilder.java +++ b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/KeycloakRealmBuilder.java @@ -19,20 +19,21 @@ import java.util.List; import java.util.Map; -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.realm.spec.KeycloakAPIRealm; -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.realm.spec.KeycloakRealmSpec; -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.realm.spec.RedirectorIdentityProviderOverride; +import org.keycloak.v1alpha1.KeycloakRealm; +import org.keycloak.v1alpha1.KeycloakRealmSpec; +import org.keycloak.v1alpha1.keycloakrealmspec.InstanceSelector; +import org.keycloak.v1alpha1.keycloakrealmspec.Realm; +import org.keycloak.v1alpha1.keycloakrealmspec.RealmOverrides; -import io.fabric8.kubernetes.api.model.LabelSelector; import io.fabric8.kubernetes.api.model.ObjectMeta; public final class KeycloakRealmBuilder { private String name; private Map<String, String> labels; // private boolean unmanaged; - private LabelSelector instanceSelector; - private KeycloakAPIRealm realm; - private List<RedirectorIdentityProviderOverride> realmOverrides; + private InstanceSelector instanceSelector; + private Realm realm; + private List<RealmOverrides> realmOverrides; /** * Initialize the {@link KeycloakRealmBuilder} with given resource name. @@ -66,10 +67,10 @@ public KeycloakRealmBuilder(String name, Map<String, String> labels) { /** * Set a selector for looking up Keycloak Custom Resources. * - * @param instanceSelector {@link LabelSelector} instance that should be used for looking up Keycloak Custom Resources. + * @param instanceSelector {@link InstanceSelector} instance that should be used for looking up Keycloak Custom Resources. * @return this */ - public KeycloakRealmBuilder instanceSelector(LabelSelector instanceSelector) { + public KeycloakRealmBuilder instanceSelector(InstanceSelector instanceSelector) { this.instanceSelector = instanceSelector; return this; } @@ -77,10 +78,10 @@ public KeycloakRealmBuilder instanceSelector(LabelSelector instanceSelector) { /** * Keycloak Realm REST object. * - * @param realm {@link KeycloakAPIRealm} instance that should be used as the realm REST client + * @param realm {@link Realm} instance that should be used as the realm REST client * @return this */ - public KeycloakRealmBuilder realm(KeycloakAPIRealm realm) { + public KeycloakRealmBuilder realm(Realm realm) { this.realm = realm; return this; } @@ -88,11 +89,11 @@ public KeycloakRealmBuilder realm(KeycloakAPIRealm realm) { /** * A list of overrides to the default Realm behavior. * - * @param realmOverrides A list of {@link RedirectorIdentityProviderOverride} instances that should be used to + * @param realmOverrides A list of {@link RealmOverrides} instances that should be used to * override the default realm behavior * @return this */ - public KeycloakRealmBuilder realmOverrides(List<RedirectorIdentityProviderOverride> realmOverrides) { + public KeycloakRealmBuilder realmOverrides(List<RealmOverrides> realmOverrides) { this.realmOverrides = realmOverrides; return this; } @@ -100,11 +101,11 @@ public KeycloakRealmBuilder realmOverrides(List<RedirectorIdentityProviderOverri /** * Add an override to the default Realm behavior. * - * @param realmOverride A {@link RedirectorIdentityProviderOverride} instance that should be added to + * @param realmOverride A {@link RealmOverrides} instance that should be added to * override the default realm behavior * @return this */ - public KeycloakRealmBuilder realmOverrides(RedirectorIdentityProviderOverride realmOverride) { + public KeycloakRealmBuilder realmOverrides(RealmOverrides realmOverride) { if (realmOverrides == null) { realmOverrides = new ArrayList<>(); } diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/KeycloakRealmList.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/KeycloakRealmList.java index 3ff561f3e..a83df7a51 100644 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/KeycloakRealmList.java +++ b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/KeycloakRealmList.java @@ -15,6 +15,8 @@ */ package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.realm; +import org.keycloak.v1alpha1.KeycloakRealm; + import io.fabric8.kubernetes.client.CustomResourceList; public class KeycloakRealmList extends CustomResourceList<KeycloakRealm> { diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIAuthenticationExecution.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIAuthenticationExecution.java deleted file mode 100644 index 83ebc2eec..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIAuthenticationExecution.java +++ /dev/null @@ -1,68 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.realm.spec; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -public class KeycloakAPIAuthenticationExecution { - - /** - * Authenticator. - */ - private String authenticator; - - /** - * Authenticator Config. - */ - private String authenticatorConfig; - - /** - * Authenticator flow. - */ - private String authenticatorFlow; - - /** - * Flow Alias. - */ - private String flowAlias; - - /** - * Priority. - */ - private int priority; - - /** - * Requirement [REQUIRED, OPTIONAL, ALTERNATIVE, DISABLED]. - */ - private String requirement; - - /** - * User setup allowed. - */ - private boolean userSetupAllowed; -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIAuthenticationExecutionBuilder.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIAuthenticationExecutionBuilder.java index 9577fc381..1000b2fe7 100644 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIAuthenticationExecutionBuilder.java +++ b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIAuthenticationExecutionBuilder.java @@ -15,10 +15,12 @@ */ package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.realm.spec; +import org.keycloak.v1alpha1.keycloakrealmspec.realm.authenticationflows.AuthenticationExecutions; + public final class KeycloakAPIAuthenticationExecutionBuilder { private String authenticator; private String authenticatorConfig; - private String authenticatorFlow; + private boolean authenticatorFlow; private String flowAlias; private int priority; private String requirement; @@ -52,7 +54,7 @@ public KeycloakAPIAuthenticationExecutionBuilder authenticatorConfig(String auth * @param authenticatorFlow String representing a valid authenticator flow * @return this */ - public KeycloakAPIAuthenticationExecutionBuilder authenticatorFlow(String authenticatorFlow) { + public KeycloakAPIAuthenticationExecutionBuilder authenticatorFlow(boolean authenticatorFlow) { this.authenticatorFlow = authenticatorFlow; return this; } @@ -101,8 +103,8 @@ public KeycloakAPIAuthenticationExecutionBuilder userSetupAllowed(boolean userSe return this; } - public KeycloakAPIAuthenticationExecution build() { - KeycloakAPIAuthenticationExecution keycloakAPIAuthenticationExecution = new KeycloakAPIAuthenticationExecution(); + public AuthenticationExecutions build() { + AuthenticationExecutions keycloakAPIAuthenticationExecution = new AuthenticationExecutions(); keycloakAPIAuthenticationExecution.setAuthenticator(authenticator); keycloakAPIAuthenticationExecution.setAuthenticatorConfig(authenticatorConfig); keycloakAPIAuthenticationExecution.setAuthenticatorFlow(authenticatorFlow); diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIAuthenticationFlow.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIAuthenticationFlow.java deleted file mode 100644 index deaa25601..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIAuthenticationFlow.java +++ /dev/null @@ -1,70 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.realm.spec; - -import java.util.List; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -public class KeycloakAPIAuthenticationFlow { - - /** - * Alias. - */ - private String alias; - - /** - * Authentication executions. - */ - private List<KeycloakAPIAuthenticationExecution> authenticationExecutions; - - /** - * Built in. - */ - private boolean builtIn; - - /** - * Description. - */ - private String description; - - /** - * ID. - */ - private String id; - - /** - * Provider ID. - */ - private String providerId; - - /** - * Top level. - */ - private boolean topLevel; -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIAuthenticationFlowBuilder.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIAuthenticationFlowBuilder.java index 1dbc67bcd..b4f766786 100644 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIAuthenticationFlowBuilder.java +++ b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIAuthenticationFlowBuilder.java @@ -18,9 +18,12 @@ import java.util.ArrayList; import java.util.List; +import org.keycloak.v1alpha1.keycloakrealmspec.realm.AuthenticationFlows; +import org.keycloak.v1alpha1.keycloakrealmspec.realm.authenticationflows.AuthenticationExecutions; + public final class KeycloakAPIAuthenticationFlowBuilder { private String alias; - private List<KeycloakAPIAuthenticationExecution> authenticationExecutions; + private List<AuthenticationExecutions> authenticationExecutions; private boolean builtIn; private String description; private String id; @@ -45,7 +48,7 @@ public KeycloakAPIAuthenticationFlowBuilder alias(String alias) { * @return this */ public KeycloakAPIAuthenticationFlowBuilder authenticationExecutions( - List<KeycloakAPIAuthenticationExecution> authenticationExecutions) { + List<AuthenticationExecutions> authenticationExecutions) { this.authenticationExecutions = authenticationExecutions; return this; } @@ -57,7 +60,7 @@ public KeycloakAPIAuthenticationFlowBuilder authenticationExecutions( * @return this */ public KeycloakAPIAuthenticationFlowBuilder authenticationExecutions( - KeycloakAPIAuthenticationExecution authenticationExecution) { + AuthenticationExecutions authenticationExecution) { if (authenticationExecutions == null) { authenticationExecutions = new ArrayList<>(); } @@ -120,8 +123,8 @@ public KeycloakAPIAuthenticationFlowBuilder topLevel(boolean topLevel) { return this; } - public KeycloakAPIAuthenticationFlow build() { - KeycloakAPIAuthenticationFlow keycloakAPIAuthenticationFlow = new KeycloakAPIAuthenticationFlow(); + public AuthenticationFlows build() { + AuthenticationFlows keycloakAPIAuthenticationFlow = new AuthenticationFlows(); keycloakAPIAuthenticationFlow.setAlias(alias); keycloakAPIAuthenticationFlow.setAuthenticationExecutions(authenticationExecutions); keycloakAPIAuthenticationFlow.setBuiltIn(builtIn); diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIAuthenticatorConfig.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIAuthenticatorConfig.java deleted file mode 100644 index d6fb8ff43..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIAuthenticatorConfig.java +++ /dev/null @@ -1,48 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.realm.spec; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -public class KeycloakAPIAuthenticatorConfig { - - /** - * Alias. - */ - private String alias; - - /** - * Config. - */ - private String config; - - /** - * ID. - */ - private String id; -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIAuthenticatorConfigBuilder.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIAuthenticatorConfigBuilder.java index 96471f29e..63ad4f9c3 100644 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIAuthenticatorConfigBuilder.java +++ b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIAuthenticatorConfigBuilder.java @@ -15,9 +15,13 @@ */ package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.realm.spec; +import java.util.Map; + +import org.keycloak.v1alpha1.keycloakrealmspec.realm.AuthenticatorConfig; + public final class KeycloakAPIAuthenticatorConfigBuilder { private String alias; - private String config; + private Map<String, String> config; private String id; /** @@ -37,7 +41,7 @@ public KeycloakAPIAuthenticatorConfigBuilder alias(String alias) { * @param config The Config that should be used * @return this */ - public KeycloakAPIAuthenticatorConfigBuilder config(String config) { + public KeycloakAPIAuthenticatorConfigBuilder config(Map<String, String> config) { this.config = config; return this; } @@ -53,8 +57,8 @@ public KeycloakAPIAuthenticatorConfigBuilder id(String id) { return this; } - public KeycloakAPIAuthenticatorConfig build() { - KeycloakAPIAuthenticatorConfig keycloakAPIAuthenticatorConfig = new KeycloakAPIAuthenticatorConfig(); + public AuthenticatorConfig build() { + AuthenticatorConfig keycloakAPIAuthenticatorConfig = new AuthenticatorConfig(); keycloakAPIAuthenticatorConfig.setAlias(alias); keycloakAPIAuthenticatorConfig.setConfig(config); keycloakAPIAuthenticatorConfig.setId(id); diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIRealm.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIRealm.java deleted file mode 100644 index bb0fadc4b..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIRealm.java +++ /dev/null @@ -1,161 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.realm.spec; - -import java.util.Set; - -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.client.spec.KeycloakAPIClient; -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.user.spec.KeycloakAPIUser; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -public class KeycloakAPIRealm { - - private String id; - - /** - * Realm name. - */ - private String realm; - - /** - * Realm enabled flag. - */ - private boolean enabled; - - /** - * Realm display name. - */ - private String displayName; - - /** - * A set of Keycloak Users. - */ - private Set<KeycloakAPIUser> users; - - /** - * A set of Keycloak Clients. - */ - private Set<KeycloakAPIClient> clients; - - /** - * A set of Identity Providers. - */ - private Set<KeycloakIdentityProvider> identityProviders; - - /** - * A set of Event Listeners. - */ - private Set<String> eventsListeners; - - /** - * Enable events recording. - */ - private boolean eventsEnabled; - - /** - * Enable events recording. - */ - private boolean adminEventsEnabled; - - /** - * Enable admin events details. - */ - private boolean adminEventsDetailsEnabled; - // - // /** - // * Client scopes. - // */ - // private List<KeycloakClientScope> clientScopes; - // - // /** - // * Authentication flows. - // */ - // private List<KeycloakAPIAuthenticationFlow> authenticationFlows; - // - // /** - // * Authenticator config. - // */ - // private List<KeycloakAPIAuthenticatorConfig> authenticatorConfig; - // - // /** - // * Point keycloak to an external user provider to validate credentials or pull in identity information. - // */ - // private List<KeycloakAPIUserFederationProvider> userFederationProviders; - // - // /** - // * User federation mappers are extension points triggered by the user federation at various points. - // */ - // private List<KeycloakAPIUserFederationMapper> userFederationMappers; - // - // /** - // * User registration. - // */ - // private boolean registrationAllowed; - // - // /** - // * Email as username. - // */ - // private boolean registrationEmailAsUsername; - // - // /** - // * Edit username. - // */ - // private boolean editUsernameAllowed; - // - // /** - // * Forgot password. - // */ - // private boolean resetPasswordAllowed; - // - // /** - // * Remember me. - // */ - // private boolean rememberMe; - // - // /** - // * Verify email. - // */ - // private boolean verifyEmail; - // - // /** - // * Login with email. - // */ - // private boolean loginWithEmailAllowed; - // - // /** - // * Duplicate emails. - // */ - // private boolean duplicateEmailsAllowed; - // - // /** - // * Require SSL. - // */ - // private String sslRequired; - // -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIRealmBuilder.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIRealmBuilder.java index e9b2584ee..aeec56a82 100644 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIRealmBuilder.java +++ b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIRealmBuilder.java @@ -15,29 +15,32 @@ */ package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.realm.spec; -import java.util.HashSet; +import java.util.ArrayList; +import java.util.List; import java.util.Set; -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.client.spec.KeycloakAPIClient; -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.user.spec.KeycloakAPIUser; +import org.keycloak.v1alpha1.keycloakrealmspec.Realm; +import org.keycloak.v1alpha1.keycloakrealmspec.realm.Clients; +import org.keycloak.v1alpha1.keycloakrealmspec.realm.IdentityProviders; +import org.keycloak.v1alpha1.keycloakrealmspec.realm.Users; public final class KeycloakAPIRealmBuilder { private String id; private String realm; private boolean enabled; private String displayName; - private Set<KeycloakAPIUser> users; - private Set<KeycloakAPIClient> clients; - private Set<KeycloakIdentityProvider> identityProviders; - private Set<String> eventsListeners; + private List<Users> users; + private List<Clients> clients; + private List<IdentityProviders> identityProviders; + private List<String> eventsListeners; private boolean eventsEnabled; private boolean adminEventsEnabled; private boolean adminEventsDetailsEnabled; // private List<KeycloakClientScope> clientScopes; // private List<KeycloakAPIAuthenticationFlow> authenticationFlows; // private List<KeycloakAPIAuthenticatorConfig> authenticatorConfig; - // private List<KeycloakAPIUserFederationProvider> userFederationProviders; - // private List<KeycloakAPIUserFederationMapper> userFederationMappers; + // private List<UsersFederationProvider> userFederationProviders; + // private List<UsersFederationMapper> userFederationMappers; // private boolean registrationAllowed; // private boolean registrationEmailAsUsername; // private boolean editUsernameAllowed; @@ -89,10 +92,10 @@ public KeycloakAPIRealmBuilder displayName(String displayName) { /** * Set Keycloak users * - * @param users A {@link Set} of {@link KeycloakAPIUser} instances + * @param users A {@link Set} of {@link Users} instances * @return this */ - public KeycloakAPIRealmBuilder users(Set<KeycloakAPIUser> users) { + public KeycloakAPIRealmBuilder users(List<Users> users) { this.users = users; return this; } @@ -100,12 +103,12 @@ public KeycloakAPIRealmBuilder users(Set<KeycloakAPIUser> users) { /** * Add one Keycloak User * - * @param user The {@link KeycloakAPIUser} instance representing the user that should be added + * @param user The {@link Users} instance representing the user that should be added * @return this */ - public KeycloakAPIRealmBuilder users(KeycloakAPIUser user) { + public KeycloakAPIRealmBuilder users(Users user) { if (users == null) { - users = new HashSet<>(); + users = new ArrayList<>(); } users.add(user); return this; @@ -114,10 +117,10 @@ public KeycloakAPIRealmBuilder users(KeycloakAPIUser user) { /** * Set Keycloak Clients. * - * @param clients A {@link Set} of {@link KeycloakAPIClient} instances + * @param clients A {@link Set} of {@link Clients} instances * @return this */ - public KeycloakAPIRealmBuilder clients(Set<KeycloakAPIClient> clients) { + public KeycloakAPIRealmBuilder clients(List<Clients> clients) { this.clients = clients; return this; } @@ -125,12 +128,12 @@ public KeycloakAPIRealmBuilder clients(Set<KeycloakAPIClient> clients) { /** * Add one Keycloak Client. * - * @param client The {@link KeycloakAPIClient} instance representing the client that should be added + * @param client The {@link Clients} instance representing the client that should be added * @return this */ - public KeycloakAPIRealmBuilder clients(KeycloakAPIClient client) { + public KeycloakAPIRealmBuilder clients(Clients client) { if (clients == null) { - clients = new HashSet<>(); + clients = new ArrayList<>(); } clients.add(client); return this; @@ -139,10 +142,10 @@ public KeycloakAPIRealmBuilder clients(KeycloakAPIClient client) { /** * Set Identity Providers. * - * @param identityProviders A {@link Set} of {@link KeycloakIdentityProvider} instances + * @param identityProviders A {@link Set} of {@link IdentityProviders} instances * @return this */ - public KeycloakAPIRealmBuilder identityProviders(Set<KeycloakIdentityProvider> identityProviders) { + public KeycloakAPIRealmBuilder identityProviders(List<IdentityProviders> identityProviders) { this.identityProviders = identityProviders; return this; } @@ -150,13 +153,13 @@ public KeycloakAPIRealmBuilder identityProviders(Set<KeycloakIdentityProvider> i /** * Add one Identity Provider. * - * @param identityProvider The {@link KeycloakIdentityProvider} instance representing the identity provider that + * @param identityProvider The {@link IdentityProviders} instance representing the identity provider that * should be added * @return this */ - public KeycloakAPIRealmBuilder identityProviders(KeycloakIdentityProvider identityProvider) { + public KeycloakAPIRealmBuilder identityProviders(IdentityProviders identityProvider) { if (identityProviders == null) { - identityProviders = new HashSet<>(); + identityProviders = new ArrayList<>(); } identityProviders.add(identityProvider); return this; @@ -168,7 +171,7 @@ public KeycloakAPIRealmBuilder identityProviders(KeycloakIdentityProvider identi * @param eventsListeners A {@link Set} of events listeners * @return this */ - public KeycloakAPIRealmBuilder eventsListeners(Set<String> eventsListeners) { + public KeycloakAPIRealmBuilder eventsListeners(List<String> eventsListeners) { this.eventsListeners = eventsListeners; return this; } @@ -182,7 +185,7 @@ public KeycloakAPIRealmBuilder eventsListeners(Set<String> eventsListeners) { */ public KeycloakAPIRealmBuilder eventsListeners(String eventsListener) { if (eventsListeners == null) { - eventsListeners = new HashSet<>(); + eventsListeners = new ArrayList<>(); } eventsListeners.add(eventsListener); return this; @@ -281,7 +284,7 @@ public KeycloakAPIRealmBuilder adminEventsDetailsEnabled(boolean adminEventsDeta // /** // * Point keycloak to an external user provider to validate credentials or pull in identity information. // */ - // public KeycloakAPIRealmBuilder userFederationProviders(List<KeycloakAPIUserFederationProvider> userFederationProviders) { + // public KeycloakAPIRealmBuilder userFederationProviders(List<UsersFederationProvider> userFederationProviders) { // this.userFederationProviders = userFederationProviders; // return this; // } @@ -289,7 +292,7 @@ public KeycloakAPIRealmBuilder adminEventsDetailsEnabled(boolean adminEventsDeta // /** // * Add external user provider to validate credentials or pull in identity information. // */ - // public KeycloakAPIRealmBuilder userFederationProviders(KeycloakAPIUserFederationProvider userFederationProvider) { + // public KeycloakAPIRealmBuilder userFederationProviders(UsersFederationProvider userFederationProvider) { // if (userFederationProviders == null) { // userFederationProviders = new ArrayList<>(); // } @@ -300,7 +303,7 @@ public KeycloakAPIRealmBuilder adminEventsDetailsEnabled(boolean adminEventsDeta // /** // * User federation mappers are extension points triggered by the user federation at various points. // */ - // public KeycloakAPIRealmBuilder userFederationMappers(List<KeycloakAPIUserFederationMapper> userFederationMappers) { + // public KeycloakAPIRealmBuilder userFederationMappers(List<UsersFederationMapper> userFederationMappers) { // this.userFederationMappers = userFederationMappers; // return this; // } @@ -309,7 +312,7 @@ public KeycloakAPIRealmBuilder adminEventsDetailsEnabled(boolean adminEventsDeta // * Add user federation mapper. User federation mappers are extension points triggered by the user federation at // * various points. // */ - // public KeycloakAPIRealmBuilder userFederationMappers(KeycloakAPIUserFederationMapper userFederationMapper) { + // public KeycloakAPIRealmBuilder userFederationMappers(UsersFederationMapper userFederationMapper) { // if (userFederationMappers == null) { // userFederationMappers = new ArrayList<>(); // } @@ -389,8 +392,8 @@ public KeycloakAPIRealmBuilder adminEventsDetailsEnabled(boolean adminEventsDeta // return this; // } - public KeycloakAPIRealm build() { - KeycloakAPIRealm keycloakAPIRealm = new KeycloakAPIRealm(); + public Realm build() { + Realm keycloakAPIRealm = new Realm(); keycloakAPIRealm.setId(id); keycloakAPIRealm.setRealm(realm); keycloakAPIRealm.setEnabled(enabled); diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIUserFederationMapper.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIUserFederationMapper.java deleted file mode 100644 index f56e42666..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIUserFederationMapper.java +++ /dev/null @@ -1,51 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.realm.spec; - -import java.util.Map; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -public class KeycloakAPIUserFederationMapper { - - /** - * User federation mapper config. - */ - private Map<String, String> config; - - private String name; - - private String id; - - private String federationMapperType; - - /** - * The displayName for the user federation provider this mapper applies to. - */ - private String federationProviderDisplayName; -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIUserFederationMapperBuilder.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIUserFederationMapperBuilder.java index 16a1bb57a..2c6d932e5 100644 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIUserFederationMapperBuilder.java +++ b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIUserFederationMapperBuilder.java @@ -18,6 +18,8 @@ import java.util.HashMap; import java.util.Map; +import org.keycloak.v1alpha1.keycloakrealmspec.realm.UserFederationMappers; + public final class KeycloakAPIUserFederationMapperBuilder { private Map<String, String> config; private String name; @@ -95,8 +97,8 @@ public KeycloakAPIUserFederationMapperBuilder federationProviderDisplayName(Stri return this; } - public KeycloakAPIUserFederationMapper build() { - KeycloakAPIUserFederationMapper keycloakAPIUserFederationMapper = new KeycloakAPIUserFederationMapper(); + public UserFederationMappers build() { + UserFederationMappers keycloakAPIUserFederationMapper = new UserFederationMappers(); keycloakAPIUserFederationMapper.setConfig(config); keycloakAPIUserFederationMapper.setName(name); keycloakAPIUserFederationMapper.setId(id); diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIUserFederationProvider.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIUserFederationProvider.java deleted file mode 100644 index ac9d4af46..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIUserFederationProvider.java +++ /dev/null @@ -1,62 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.realm.spec; - -import java.util.Map; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -public class KeycloakAPIUserFederationProvider { - - /** - * User federation provider config. - */ - private Map<String, String> config; - - /** - * The display name of this provider instance. - */ - private String displayName; - - private int fullSyncPeriod; - - /** - * The ID of this provider. - */ - private String id; - - /** - * The priority of this provider when looking up users or adding a user. - */ - private int priority; - - /** - * The name of the user provider, such as "ldap", "kerberos" or a custom SPI. - */ - private String providerName; -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIUserFederationProviderBuilder.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIUserFederationProviderBuilder.java index 7e60d4b48..bbd6bac0c 100644 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIUserFederationProviderBuilder.java +++ b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakAPIUserFederationProviderBuilder.java @@ -18,6 +18,8 @@ import java.util.HashMap; import java.util.Map; +import org.keycloak.v1alpha1.keycloakrealmspec.realm.UserFederationProviders; + public final class KeycloakAPIUserFederationProviderBuilder { private Map<String, String> config; private String displayName; @@ -101,8 +103,8 @@ public KeycloakAPIUserFederationProviderBuilder providerName(String providerName return this; } - public KeycloakAPIUserFederationProvider build() { - KeycloakAPIUserFederationProvider keycloakAPIUserFederationProvider = new KeycloakAPIUserFederationProvider(); + public UserFederationProviders build() { + UserFederationProviders keycloakAPIUserFederationProvider = new UserFederationProviders(); keycloakAPIUserFederationProvider.setConfig(config); keycloakAPIUserFederationProvider.setDisplayName(displayName); keycloakAPIUserFederationProvider.setFullSyncPeriod(fullSyncPeriod); diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakClientScope.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakClientScope.java deleted file mode 100644 index e7a4fa120..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakClientScope.java +++ /dev/null @@ -1,53 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.realm.spec; - -import java.util.List; -import java.util.Map; - -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.client.spec.KeycloakProtocolMapper; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -public class KeycloakClientScope { - - private Map<String, String> attributes; - - private String description; - - private String id; - - private String name; - - private String protocol; - - /** - * Protocol Mappers. - */ - private List<KeycloakProtocolMapper> protocolMappers; -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakClientScopeBuilder.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakClientScopeBuilder.java index d0dceef96..451fb0a98 100644 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakClientScopeBuilder.java +++ b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakClientScopeBuilder.java @@ -19,7 +19,8 @@ import java.util.List; import java.util.Map; -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.client.spec.KeycloakProtocolMapper; +import org.keycloak.v1alpha1.keycloakrealmspec.realm.ClientScopes; +import org.keycloak.v1alpha1.keycloakrealmspec.realm.clientscopes.ProtocolMappers; public final class KeycloakClientScopeBuilder { private Map<String, String> attributes; @@ -27,7 +28,7 @@ public final class KeycloakClientScopeBuilder { private String id; private String name; private String protocol; - private List<KeycloakProtocolMapper> protocolMappers; + private List<ProtocolMappers> protocolMappers; /** * Add a list of attributes. @@ -105,13 +106,13 @@ public KeycloakClientScopeBuilder protocol(String protocol) { * @param protocolMappers A list of protocol mappers that should be used * @return this */ - public KeycloakClientScopeBuilder protocolMappers(List<KeycloakProtocolMapper> protocolMappers) { + public KeycloakClientScopeBuilder protocolMappers(List<ProtocolMappers> protocolMappers) { this.protocolMappers = protocolMappers; return this; } - public KeycloakClientScope build() { - KeycloakClientScope keycloakClientScope = new KeycloakClientScope(); + public ClientScopes build() { + ClientScopes keycloakClientScope = new ClientScopes(); keycloakClientScope.setAttributes(attributes); keycloakClientScope.setDescription(description); keycloakClientScope.setId(id); diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakIdentityProvider.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakIdentityProvider.java deleted file mode 100644 index af3085312..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakIdentityProvider.java +++ /dev/null @@ -1,95 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.realm.spec; - -import java.util.Map; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -public class KeycloakIdentityProvider { - - /** - * Identity Provider Alias. - */ - private String alias; - - /** - * Identity Provider Display Name. - */ - private String displayName; - - /** - * Identity Provider Internal ID. - */ - private String internalId; - - /** - * Identity Provider ID. - */ - private String providerId; - - /** - * Identity Provider enabled flag. - */ - private boolean enabled; - - /** - * Identity Provider Trust Email. - */ - private boolean trustEmail; - - /** - * Identity Provider Store to Token. - */ - private boolean storeToken; - - /** - * Adds Read Token role when creating this Identity Provider. - */ - private boolean addReadTokenRoleOnCreate; - - /** - * Identity Provider First Broker Login Flow Alias. - */ - private String firstBrokerLoginFlowAlias; - - /** - * Identity Provider Post Broker Login Flow Alias. - */ - private String postBrokerLoginFlowAlias; - - /** - * Identity Provider Link Only setting. - */ - private boolean linkOnly; - - /** - * Identity Provider config. - */ - private Map<String, String> omitempty; -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakIdentityProviderBuilder.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakIdentityProviderBuilder.java index 8e56f934a..f9fc52edd 100644 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakIdentityProviderBuilder.java +++ b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakIdentityProviderBuilder.java @@ -18,6 +18,8 @@ import java.util.HashMap; import java.util.Map; +import org.keycloak.v1alpha1.keycloakrealmspec.realm.IdentityProviders; + public final class KeycloakIdentityProviderBuilder { private String alias; private String displayName; @@ -179,8 +181,8 @@ public KeycloakIdentityProviderBuilder omitempty(String key, String value) { return this; } - public KeycloakIdentityProvider build() { - KeycloakIdentityProvider keycloakIdentityProvider = new KeycloakIdentityProvider(); + public IdentityProviders build() { + IdentityProviders keycloakIdentityProvider = new IdentityProviders(); keycloakIdentityProvider.setAlias(alias); keycloakIdentityProvider.setDisplayName(displayName); keycloakIdentityProvider.setInternalId(internalId); @@ -192,7 +194,7 @@ public KeycloakIdentityProvider build() { keycloakIdentityProvider.setFirstBrokerLoginFlowAlias(firstBrokerLoginFlowAlias); keycloakIdentityProvider.setPostBrokerLoginFlowAlias(postBrokerLoginFlowAlias); keycloakIdentityProvider.setLinkOnly(linkOnly); - keycloakIdentityProvider.setOmitempty(omitempty); + ///keycloakIdentityProvider.setOmitempty(omitempty); return keycloakIdentityProvider; } } diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakRealmSpec.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakRealmSpec.java deleted file mode 100644 index ea7c27e34..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/KeycloakRealmSpec.java +++ /dev/null @@ -1,60 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.realm.spec; - -import java.util.List; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import io.fabric8.kubernetes.api.model.LabelSelector; -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -/** - * KeycloakRealmSpec defines the desired state of KeycloakRealm. - */ -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -public class KeycloakRealmSpec { - - // /** - // * When set to true, this KeycloakRealm will be marked as unmanaged and not be managed by this operator. - // * It can then be used for targeting purposes. - // */ - // private boolean unmanaged; - - /** - * Selector for looking up Keycloak Custom Resources. - */ - private LabelSelector instanceSelector; - - /** - * Keycloak Realm REST object. - */ - private KeycloakAPIRealm realm; - - /** - * A list of overrides to the default Realm behavior. - */ - private List<RedirectorIdentityProviderOverride> realmOverrides; -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/RedirectorIdentityProviderOverride.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/RedirectorIdentityProviderOverride.java deleted file mode 100644 index 99a305a88..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/RedirectorIdentityProviderOverride.java +++ /dev/null @@ -1,43 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.realm.spec; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -public class RedirectorIdentityProviderOverride { - - /** - * Identity Provider to be overridden. - */ - private String identityProvider; - - /** - * Flow to be overridden. - */ - private String forFlow; -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/RedirectorIdentityProviderOverrideBuilder.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/RedirectorIdentityProviderOverrideBuilder.java index 91d3716bf..655e3b866 100644 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/RedirectorIdentityProviderOverrideBuilder.java +++ b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/spec/RedirectorIdentityProviderOverrideBuilder.java @@ -15,6 +15,8 @@ */ package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.realm.spec; +import org.keycloak.v1alpha1.keycloakrealmspec.RealmOverrides; + public final class RedirectorIdentityProviderOverrideBuilder { private String identityProvider; private String forFlow; @@ -41,8 +43,8 @@ public RedirectorIdentityProviderOverrideBuilder forFlow(String forFlow) { return this; } - public RedirectorIdentityProviderOverride build() { - RedirectorIdentityProviderOverride redirectorIdentityProviderOverride = new RedirectorIdentityProviderOverride(); + public RealmOverrides build() { + RealmOverrides redirectorIdentityProviderOverride = new RealmOverrides(); redirectorIdentityProviderOverride.setIdentityProvider(identityProvider); redirectorIdentityProviderOverride.setForFlow(forFlow); return redirectorIdentityProviderOverride; diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/status/KeycloakRealmStatus.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/status/KeycloakRealmStatus.java deleted file mode 100644 index 59ad13fd7..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/realm/status/KeycloakRealmStatus.java +++ /dev/null @@ -1,61 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.realm.status; - -import java.util.List; -import java.util.Map; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -/** - * KeycloakRealmStatus defines the observed state of KeycloakRealm. - */ -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -public class KeycloakRealmStatus { - /** - * Current phase of the operator. - */ - private String phase; - - /** - * Human-readable message indicating details about current operator phase or error. - */ - private String message; - - /** - * True if all resources are in a ready state and all work is done. - */ - private boolean ready; - - /** - * A map of all the secondary resources types and names created for this CR. - * e.g "Deployment": [ "DeploymentName1", "DeploymentName2" ]. - */ - private Map<String, List<String>> secondaryResources; - - private String loginURL; -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/user/KeycloakUser.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/user/KeycloakUser.java deleted file mode 100644 index 2da07a9fe..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/user/KeycloakUser.java +++ /dev/null @@ -1,68 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.user; - -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.user.spec.KeycloakUserSpec; -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.user.status.KeycloakUserStatus; -import org.jboss.intersmash.tools.provision.openshift.operator.resources.OpenShiftResource; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import io.fabric8.kubernetes.api.model.ObjectMeta; -import io.fabric8.kubernetes.client.CustomResource; -import io.fabric8.kubernetes.model.annotation.Group; -import io.fabric8.kubernetes.model.annotation.Version; -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -/** - * https://github.com/keycloak/keycloak-operator/blob/master/pkg/apis/keycloak/v1alpha1/keycloakuser_types.go - * https://github.com/keycloak/keycloak-operator/blob/master/deploy/crds/keycloak.org_keycloakusers_crd.yaml - */ -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -@Group("keycloak.org") -@Version("v1alpha1") -public class KeycloakUser extends CustomResource implements OpenShiftResource<KeycloakUser> { - /** - * Standard object’s metadata. - */ - private ObjectMeta metadata; - - /** - * KeycloakUserSpec defines the desired state of KeycloakUser. - */ - private KeycloakUserSpec spec; - - /** - * KeycloakUserStatus defines the observed state of KeycloakUser. - */ - private KeycloakUserStatus status; - - @Override - public KeycloakUser load(KeycloakUser loaded) { - this.setMetadata(loaded.getMetadata()); - this.setSpec(loaded.getSpec()); - return this; - } -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/user/KeycloakUserBuilder.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/user/KeycloakUserBuilder.java index f65cabbeb..2b2bc199e 100644 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/user/KeycloakUserBuilder.java +++ b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/user/KeycloakUserBuilder.java @@ -17,17 +17,18 @@ import java.util.Map; -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.user.spec.KeycloakAPIUser; -import org.jboss.intersmash.tools.provision.openshift.operator.keycloak.user.spec.KeycloakUserSpec; +import org.keycloak.v1alpha1.KeycloakUser; +import org.keycloak.v1alpha1.KeycloakUserSpec; +import org.keycloak.v1alpha1.keycloakuserspec.RealmSelector; +import org.keycloak.v1alpha1.keycloakuserspec.User; -import io.fabric8.kubernetes.api.model.LabelSelector; import io.fabric8.kubernetes.api.model.ObjectMeta; public final class KeycloakUserBuilder { private String name; private Map<String, String> labels; - private LabelSelector realmSelector; - private KeycloakAPIUser user; + private RealmSelector realmSelector; + private User user; /** * Initialize the {@link KeycloakUserBuilder} with given resource name. @@ -55,7 +56,7 @@ public KeycloakUserBuilder(String name, Map<String, String> labels) { * @param realmSelector The selector for looking up KeycloakRealm Custom Resources * @return this */ - public KeycloakUserBuilder realmSelector(LabelSelector realmSelector) { + public KeycloakUserBuilder realmSelector(RealmSelector realmSelector) { this.realmSelector = realmSelector; return this; } @@ -66,7 +67,7 @@ public KeycloakUserBuilder realmSelector(LabelSelector realmSelector) { * @param user The Keycloak User REST object. * @return this */ - public KeycloakUserBuilder user(KeycloakAPIUser user) { + public KeycloakUserBuilder user(User user) { this.user = user; return this; } diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/user/KeycloakUserList.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/user/KeycloakUserList.java index 7a4b1fa2a..b723a1f4d 100644 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/user/KeycloakUserList.java +++ b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/user/KeycloakUserList.java @@ -15,6 +15,8 @@ */ package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.user; +import org.keycloak.v1alpha1.KeycloakUser; + import io.fabric8.kubernetes.client.CustomResourceList; public class KeycloakUserList extends CustomResourceList<KeycloakUser> { diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/user/spec/FederatedIdentity.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/user/spec/FederatedIdentity.java deleted file mode 100644 index fb2887d2a..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/user/spec/FederatedIdentity.java +++ /dev/null @@ -1,48 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.user.spec; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -public class FederatedIdentity { - - /** - * Federated Identity Provider. - */ - private String identityProvider; - - /** - * Federated Identity User ID. - */ - private String userId; - - /** - * Federated Identity User Name. - */ - private String userName; -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/user/spec/FederatedIdentityBuilder.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/user/spec/FederatedIdentityBuilder.java index 93ff69535..e6239ee2f 100644 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/user/spec/FederatedIdentityBuilder.java +++ b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/user/spec/FederatedIdentityBuilder.java @@ -15,6 +15,8 @@ */ package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.user.spec; +import org.keycloak.v1alpha1.keycloakuserspec.user.FederatedIdentities; + public final class FederatedIdentityBuilder { private String identityProvider; private String userId; @@ -53,8 +55,8 @@ public FederatedIdentityBuilder userName(String userName) { return this; } - public FederatedIdentity build() { - FederatedIdentity federatedIdentity = new FederatedIdentity(); + public FederatedIdentities build() { + FederatedIdentities federatedIdentity = new FederatedIdentities(); federatedIdentity.setIdentityProvider(identityProvider); federatedIdentity.setUserId(userId); federatedIdentity.setUserName(userName); diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/user/spec/KeycloakAPIUser.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/user/spec/KeycloakAPIUser.java deleted file mode 100644 index eb889b6ad..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/user/spec/KeycloakAPIUser.java +++ /dev/null @@ -1,107 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.user.spec; - -import java.util.List; -import java.util.Map; -import java.util.Set; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -public class KeycloakAPIUser { - - /** - * User ID. - */ - private String id; - - /** - * User Name. - */ - private String username; - - /** - * First Name. - */ - private String firstName; - - /** - * Last Name. - */ - private String lastName; - - /** - * Email. - */ - private String email; - - /** - * True if email has already been verified. - */ - private boolean emailVerified; - - /** - * User enabled flag. - */ - private boolean enabled; - - /** - * A set of Realm Roles. - */ - private Set<String> realmRoles; - - /** - * A set of Client Roles. - */ - private Map<String, List<String>> clientRoles; - - /** - * A set of Required Actions - */ - private Set<String> requiredActions; - - /** - * A set of Groups. - */ - private Set<String> groups; - - /** - * A set of Federated Identities. - */ - private Set<FederatedIdentity> federatedIdentities; - - /** - * A set of Credentials. - */ - private Set<KeycloakCredential> credentials; - - // /** - // * A set of Attributes. - // */ - // private Map<String, List<String>> attributes; -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/user/spec/KeycloakAPIUserBuilder.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/user/spec/KeycloakAPIUserBuilder.java index 10aa32dc8..2ea7f43e8 100644 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/user/spec/KeycloakAPIUserBuilder.java +++ b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/user/spec/KeycloakAPIUserBuilder.java @@ -15,11 +15,14 @@ */ package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.user.spec; +import java.util.ArrayList; import java.util.HashMap; -import java.util.HashSet; import java.util.List; import java.util.Map; -import java.util.Set; + +import org.keycloak.v1alpha1.keycloakrealmspec.realm.Users; +import org.keycloak.v1alpha1.keycloakrealmspec.realm.users.Credentials; +import org.keycloak.v1alpha1.keycloakrealmspec.realm.users.FederatedIdentities; public final class KeycloakAPIUserBuilder { private String id; @@ -29,12 +32,12 @@ public final class KeycloakAPIUserBuilder { private String email; private boolean emailVerified; private boolean enabled; - private Set<String> realmRoles; + private List<String> realmRoles; private Map<String, List<String>> clientRoles; - private Set<String> requiredActions; - private Set<String> groups; - private Set<FederatedIdentity> federatedIdentities; - private Set<KeycloakCredential> credentials; + private List<String> requiredActions; + private List<String> groups; + private List<FederatedIdentities> federatedIdentities; + private List<Credentials> credentials; // private Map<String, List<String>> attributes; /** @@ -120,7 +123,7 @@ public KeycloakAPIUserBuilder enabled(boolean enabled) { * @param realmRoles A set of Realm Roles that should be added the user * @return this */ - public KeycloakAPIUserBuilder realmRoles(Set<String> realmRoles) { + public KeycloakAPIUserBuilder realmRoles(List<String> realmRoles) { this.realmRoles = realmRoles; return this; } @@ -133,7 +136,7 @@ public KeycloakAPIUserBuilder realmRoles(Set<String> realmRoles) { */ public KeycloakAPIUserBuilder realmRoles(String realmRole) { if (realmRoles == null) { - realmRoles = new HashSet<>(); + realmRoles = new ArrayList<>(); } realmRoles.add(realmRole); return this; @@ -171,7 +174,7 @@ public KeycloakAPIUserBuilder clientRole(String clientRole, List<String> additio * @param requiredActions A set of Required Actions that should be added the user * @return this */ - public KeycloakAPIUserBuilder requiredActions(Set<String> requiredActions) { + public KeycloakAPIUserBuilder requiredActions(List<String> requiredActions) { this.requiredActions = requiredActions; return this; } @@ -184,7 +187,7 @@ public KeycloakAPIUserBuilder requiredActions(Set<String> requiredActions) { */ public KeycloakAPIUserBuilder requiredActions(String requiredAction) { if (requiredActions == null) { - requiredActions = new HashSet<>(); + requiredActions = new ArrayList<>(); } requiredActions.add(requiredAction); return this; @@ -196,7 +199,7 @@ public KeycloakAPIUserBuilder requiredActions(String requiredAction) { * @param groups A set of Groups that should be added the user * @return this */ - public KeycloakAPIUserBuilder groups(Set<String> groups) { + public KeycloakAPIUserBuilder groups(List<String> groups) { this.groups = groups; return this; } @@ -209,7 +212,7 @@ public KeycloakAPIUserBuilder groups(Set<String> groups) { */ public KeycloakAPIUserBuilder groups(String group) { if (groups == null) { - groups = new HashSet<>(); + groups = new ArrayList<>(); } groups.add(group); return this; @@ -221,7 +224,7 @@ public KeycloakAPIUserBuilder groups(String group) { * @param federatedIdentities A set of Federated Identities that should be added the user * @return this */ - public KeycloakAPIUserBuilder federatedIdentities(Set<FederatedIdentity> federatedIdentities) { + public KeycloakAPIUserBuilder federatedIdentities(List<FederatedIdentities> federatedIdentities) { this.federatedIdentities = federatedIdentities; return this; } @@ -232,9 +235,9 @@ public KeycloakAPIUserBuilder federatedIdentities(Set<FederatedIdentity> federat * @param federatedIdentity The Federated Identity that should be added to the user ones * @return this */ - public KeycloakAPIUserBuilder federatedIdentities(FederatedIdentity federatedIdentity) { + public KeycloakAPIUserBuilder federatedIdentities(FederatedIdentities federatedIdentity) { if (federatedIdentities == null) { - federatedIdentities = new HashSet<>(); + federatedIdentities = new ArrayList<>(); } federatedIdentities.add(federatedIdentity); return this; @@ -246,7 +249,7 @@ public KeycloakAPIUserBuilder federatedIdentities(FederatedIdentity federatedIde * @param credentials A set of credential that should be added the user * @return this */ - public KeycloakAPIUserBuilder credentials(Set<KeycloakCredential> credentials) { + public KeycloakAPIUserBuilder credentials(List<Credentials> credentials) { this.credentials = credentials; return this; } @@ -257,9 +260,9 @@ public KeycloakAPIUserBuilder credentials(Set<KeycloakCredential> credentials) { * @param credential The credential that should be added to the user ones * @return this */ - public KeycloakAPIUserBuilder credentials(KeycloakCredential credential) { + public KeycloakAPIUserBuilder credentials(Credentials credential) { if (credentials == null) { - credentials = new HashSet<>(); + credentials = new ArrayList<>(); } credentials.add(credential); return this; @@ -284,8 +287,8 @@ public KeycloakAPIUserBuilder credentials(KeycloakCredential credential) { // return this; // } - public KeycloakAPIUser build() { - KeycloakAPIUser keycloakAPIUser = new KeycloakAPIUser(); + public Users build() { + Users keycloakAPIUser = new Users(); keycloakAPIUser.setId(id); keycloakAPIUser.setUsername(username); keycloakAPIUser.setFirstName(firstName); diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/user/spec/KeycloakCredential.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/user/spec/KeycloakCredential.java deleted file mode 100644 index 30f1dd0af..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/user/spec/KeycloakCredential.java +++ /dev/null @@ -1,48 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.user.spec; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -public class KeycloakCredential { - - /** - * Credential Type. - */ - private String type; - - /** - * Credential Value. - */ - private String value; - - /** - * True if this credential object is temporary. - */ - private boolean temporary; -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/user/spec/KeycloakCredentialBuilder.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/user/spec/KeycloakCredentialBuilder.java index 3ab568d42..145b53e85 100644 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/user/spec/KeycloakCredentialBuilder.java +++ b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/user/spec/KeycloakCredentialBuilder.java @@ -15,6 +15,8 @@ */ package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.user.spec; +import org.keycloak.v1alpha1.keycloakrealmspec.realm.users.Credentials; + public final class KeycloakCredentialBuilder { private String type; private String value; @@ -53,8 +55,8 @@ public KeycloakCredentialBuilder temporary(boolean temporary) { return this; } - public KeycloakCredential build() { - KeycloakCredential keycloakCredential = new KeycloakCredential(); + public Credentials build() { + Credentials keycloakCredential = new Credentials(); keycloakCredential.setType(type); keycloakCredential.setValue(value); keycloakCredential.setTemporary(temporary); diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/user/spec/KeycloakUserSpec.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/user/spec/KeycloakUserSpec.java deleted file mode 100644 index 9ed9d90c9..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/user/spec/KeycloakUserSpec.java +++ /dev/null @@ -1,46 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.user.spec; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import io.fabric8.kubernetes.api.model.LabelSelector; -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -/** - * KeycloakUserSpec defines the desired state of KeycloakUser. - */ -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -public class KeycloakUserSpec { - /** - * Selector for looking up KeycloakRealm Custom Resources. - */ - private LabelSelector realmSelector; - - /** - * Keycloak User REST object. - */ - private KeycloakAPIUser user; -} diff --git a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/user/status/KeycloakUserStatus.java b/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/user/status/KeycloakUserStatus.java deleted file mode 100644 index 780bd8550..000000000 --- a/tools/intersmash-tools-provisioners/src/main/java/org/jboss/intersmash/tools/provision/openshift/operator/keycloak/user/status/KeycloakUserStatus.java +++ /dev/null @@ -1,46 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jboss.intersmash.tools.provision.openshift.operator.keycloak.user.status; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; - -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -/** - * KeycloakUserStatus defines the observed state of KeycloakUser. - */ -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@Getter -@Setter -@EqualsAndHashCode -@ToString -public class KeycloakUserStatus { - - /** - * Human-readable message indicating details about current operator phase or error. - */ - private String message; - - /** - * Current phase of the operator. - */ - private String phase; -} diff --git a/tools/intersmash-tools-provisioners/src/main/resources/crds/keycloak.org_keycloakbackups_crd.yaml b/tools/intersmash-tools-provisioners/src/main/resources/crds/keycloak.org_keycloakbackups_crd.yaml new file mode 100644 index 000000000..b002f0fbc --- /dev/null +++ b/tools/intersmash-tools-provisioners/src/main/resources/crds/keycloak.org_keycloakbackups_crd.yaml @@ -0,0 +1,153 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: keycloakbackups.keycloak.org +spec: + group: keycloak.org + names: + kind: KeycloakBackup + listKind: KeycloakBackupList + plural: keycloakbackups + singular: keycloakbackup + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KeycloakBackup is the Schema for the keycloakbackups API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KeycloakBackupSpec defines the desired state of KeycloakBackup. + properties: + aws: + description: If provided, an automatic database backup will be created + on AWS S3 instead of a local Persistent Volume. If this property + is not provided - a local Persistent Volume backup will be chosen. + properties: + credentialsSecretName: + description: "Provides a secret name used for connecting to AWS + S3 Service. The secret needs to be in the following form: \n + \ apiVersion: v1 kind: Secret metadata: name: + <Secret name> type: Opaque stringData: AWS_S3_BUCKET_NAME: + <S3 Bucket Name> AWS_ACCESS_KEY_ID: <AWS Access Key ID> + \ AWS_SECRET_ACCESS_KEY: <AWS Secret Key> \n For more information, + please refer to the Operator documentation." + type: string + encryptionKeySecretName: + description: "If provided, the database backup will be encrypted. + Provides a secret name used for encrypting database data. The + secret needs to be in the following form: \n apiVersion: + v1 kind: Secret metadata: name: <Secret name> + \ type: Opaque stringData: GPG_PUBLIC_KEY: <GPG + Public Key> GPG_TRUST_MODEL: <GPG Trust Model> GPG_RECIPIENT: + <GPG Recipient> \n For more information, please refer to the + Operator documentation." + type: string + schedule: + description: If specified, it will be used as a schedule for creating + a CronJob. + type: string + type: object + instanceSelector: + description: Selector for looking up Keycloak Custom Resources. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + restore: + description: "Controls automatic restore behavior. Currently not implemented. + \n In the future this will be used to trigger automatic restore + for a given KeycloakBackup. Each backup will correspond to a single + snapshot of the database (stored either in a Persistent Volume or + AWS). If a user wants to restore it, all he/she needs to do is to + change this flag to true. Potentially, it will be possible to restore + a single backup multiple times." + type: boolean + storageClassName: + description: Name of the StorageClass for Postgresql Backup Persistent + Volume Claim + type: string + type: object + status: + description: KeycloakBackupStatus defines the observed state of KeycloakBackup. + properties: + message: + description: Human-readable message indicating details about current + operator phase or error. + type: string + phase: + description: Current phase of the operator. + type: string + ready: + description: True if all resources are in a ready state and all work + is done. + type: boolean + secondaryResources: + additionalProperties: + items: + type: string + type: array + description: 'A map of all the secondary resources types and names + created for this CR. e.g "Deployment": [ "DeploymentName1", "DeploymentName2" + ]' + type: object + required: + - message + - phase + - ready + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/tools/intersmash-tools-provisioners/src/main/resources/crds/keycloak.org_keycloakclients_crd.yaml b/tools/intersmash-tools-provisioners/src/main/resources/crds/keycloak.org_keycloakclients_crd.yaml new file mode 100644 index 000000000..551e6f510 --- /dev/null +++ b/tools/intersmash-tools-provisioners/src/main/resources/crds/keycloak.org_keycloakclients_crd.yaml @@ -0,0 +1,848 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: keycloakclients.keycloak.org +spec: + group: keycloak.org + names: + kind: KeycloakClient + listKind: KeycloakClientList + plural: keycloakclients + singular: keycloakclient + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KeycloakClient is the Schema for the keycloakclients API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KeycloakClientSpec defines the desired state of KeycloakClient. + properties: + client: + description: Keycloak Client REST object. + properties: + access: + additionalProperties: + type: boolean + description: Access options. + type: object + adminUrl: + description: Application Admin URL. + type: string + attributes: + additionalProperties: + type: string + description: Client Attributes. + type: object + authenticationFlowBindingOverrides: + additionalProperties: + type: string + description: Authentication Flow Binding Overrides. + type: object + authorizationServicesEnabled: + description: True if fine-grained authorization support is enabled + for this client. + type: boolean + authorizationSettings: + description: Authorization settings for this resource server. + properties: + allowRemoteResourceManagement: + description: True if resources should be managed remotely + by the resource server. + type: boolean + clientId: + description: Client ID. + type: string + decisionStrategy: + description: The decision strategy dictates how permissions + are evaluated and how a final decision is obtained. 'Affirmative' + means that at least one permission must evaluate to a positive + decision in order to grant access to a resource and its + scopes. 'Unanimous' means that all permissions must evaluate + to a positive decision in order for the final decision to + be also positive. + type: string + id: + description: ID. + type: string + name: + description: Name. + type: string + policies: + description: Policies. + items: + description: https://www.keycloak.org/docs-api/12.0/rest-api/index.html#_policyrepresentation + properties: + config: + additionalProperties: + type: string + description: Config. + type: object + decisionStrategy: + description: The decision strategy dictates how the + policies associated with a given permission are evaluated + and how a final decision is obtained. 'Affirmative' + means that at least one policy must evaluate to a + positive decision in order for the final decision + to be also positive. 'Unanimous' means that all policies + must evaluate to a positive decision in order for + the final decision to be also positive. 'Consensus' + means that the number of positive decisions must be + greater than the number of negative decisions. If + the number of positive and negative is the same, the + final decision will be negative. + type: string + description: + description: A description for this policy. + type: string + id: + description: ID. + type: string + logic: + description: The logic dictates how the policy decision + should be made. If 'Positive', the resulting effect + (permit or deny) obtained during the evaluation of + this policy will be used to perform a decision. If + 'Negative', the resulting effect will be negated, + in other words, a permit becomes a deny and vice-versa. + type: string + name: + description: The name of this policy. + type: string + owner: + description: Owner. + type: string + policies: + description: Policies. + items: + type: string + type: array + resources: + description: Resources. + items: + type: string + type: array + resourcesData: + description: Resources Data. + items: + description: https://www.keycloak.org/docs-api/12.0/rest-api/index.html#_resourcerepresentation + properties: + _id: + description: ID. + type: string + attributes: + additionalProperties: + type: string + description: The attributes associated with the + resource. + type: object + displayName: + description: A unique name for this resource. + The name can be used to uniquely identify a + resource, useful when querying for a specific + resource. + type: string + icon_uri: + description: An URI pointing to an icon. + type: string + name: + description: A unique name for this resource. + The name can be used to uniquely identify a + resource, useful when querying for a specific + resource. + type: string + ownerManagedAccess: + description: True if the access to this resource + can be managed by the resource owner. + type: boolean + scopes: + description: The scopes associated with this resource. + items: + x-kubernetes-preserve-unknown-fields: true + type: array + type: + description: The type of this resource. It can + be used to group different resource instances + with the same type. + type: string + uris: + description: Set of URIs which are protected by + resource. + items: + type: string + type: array + type: object + type: array + scopes: + description: Scopes. + items: + type: string + type: array + scopesData: + description: Scopes Data. + items: + x-kubernetes-preserve-unknown-fields: true + type: array + type: + description: Type. + type: string + type: object + type: array + policyEnforcementMode: + description: The policy enforcement mode dictates how policies + are enforced when evaluating authorization requests. 'Enforcing' + means requests are denied by default even when there is + no policy associated with a given resource. 'Permissive' + means requests are allowed even when there is no policy + associated with a given resource. 'Disabled' completely + disables the evaluation of policies and allows access to + any resource. + type: string + resources: + description: Resources. + items: + description: https://www.keycloak.org/docs-api/12.0/rest-api/index.html#_resourcerepresentation + properties: + _id: + description: ID. + type: string + attributes: + additionalProperties: + type: string + description: The attributes associated with the resource. + type: object + displayName: + description: A unique name for this resource. The name + can be used to uniquely identify a resource, useful + when querying for a specific resource. + type: string + icon_uri: + description: An URI pointing to an icon. + type: string + name: + description: A unique name for this resource. The name + can be used to uniquely identify a resource, useful + when querying for a specific resource. + type: string + ownerManagedAccess: + description: True if the access to this resource can + be managed by the resource owner. + type: boolean + scopes: + description: The scopes associated with this resource. + items: + x-kubernetes-preserve-unknown-fields: true + type: array + type: + description: The type of this resource. It can be used + to group different resource instances with the same + type. + type: string + uris: + description: Set of URIs which are protected by resource. + items: + type: string + type: array + type: object + type: array + scopes: + description: Authorization Scopes. + items: + description: https://www.keycloak.org/docs-api/12.0/rest-api/index.html#_scoperepresentation + properties: + displayName: + description: A unique name for this scope. The name + can be used to uniquely identify a scope, useful when + querying for a specific scope. + type: string + iconUri: + description: An URI pointing to an icon. + type: string + id: + description: ID. + type: string + name: + description: A unique name for this scope. The name + can be used to uniquely identify a scope, useful when + querying for a specific scope. + type: string + policies: + description: Policies. + items: + description: https://www.keycloak.org/docs-api/12.0/rest-api/index.html#_policyrepresentation + properties: + config: + additionalProperties: + type: string + description: Config. + type: object + decisionStrategy: + description: The decision strategy dictates how + the policies associated with a given permission + are evaluated and how a final decision is obtained. + 'Affirmative' means that at least one policy + must evaluate to a positive decision in order + for the final decision to be also positive. + 'Unanimous' means that all policies must evaluate + to a positive decision in order for the final + decision to be also positive. 'Consensus' means + that the number of positive decisions must be + greater than the number of negative decisions. + If the number of positive and negative is the + same, the final decision will be negative. + type: string + description: + description: A description for this policy. + type: string + id: + description: ID. + type: string + logic: + description: The logic dictates how the policy + decision should be made. If 'Positive', the + resulting effect (permit or deny) obtained during + the evaluation of this policy will be used to + perform a decision. If 'Negative', the resulting + effect will be negated, in other words, a permit + becomes a deny and vice-versa. + type: string + name: + description: The name of this policy. + type: string + owner: + description: Owner. + type: string + policies: + description: Policies. + items: + type: string + type: array + resources: + description: Resources. + items: + type: string + type: array + resourcesData: + description: Resources Data. + items: + description: https://www.keycloak.org/docs-api/12.0/rest-api/index.html#_resourcerepresentation + properties: + _id: + description: ID. + type: string + attributes: + additionalProperties: + type: string + description: The attributes associated with + the resource. + type: object + displayName: + description: A unique name for this resource. + The name can be used to uniquely identify + a resource, useful when querying for a + specific resource. + type: string + icon_uri: + description: An URI pointing to an icon. + type: string + name: + description: A unique name for this resource. + The name can be used to uniquely identify + a resource, useful when querying for a + specific resource. + type: string + ownerManagedAccess: + description: True if the access to this + resource can be managed by the resource + owner. + type: boolean + scopes: + description: The scopes associated with + this resource. + items: + x-kubernetes-preserve-unknown-fields: true + type: array + type: + description: The type of this resource. + It can be used to group different resource + instances with the same type. + type: string + uris: + description: Set of URIs which are protected + by resource. + items: + type: string + type: array + type: object + type: array + scopes: + description: Scopes. + items: + type: string + type: array + scopesData: + description: Scopes Data. + items: + x-kubernetes-preserve-unknown-fields: true + type: array + type: + description: Type. + type: string + type: object + type: array + resources: + description: Resources. + items: + description: https://www.keycloak.org/docs-api/12.0/rest-api/index.html#_resourcerepresentation + properties: + _id: + description: ID. + type: string + attributes: + additionalProperties: + type: string + description: The attributes associated with the + resource. + type: object + displayName: + description: A unique name for this resource. + The name can be used to uniquely identify a + resource, useful when querying for a specific + resource. + type: string + icon_uri: + description: An URI pointing to an icon. + type: string + name: + description: A unique name for this resource. + The name can be used to uniquely identify a + resource, useful when querying for a specific + resource. + type: string + ownerManagedAccess: + description: True if the access to this resource + can be managed by the resource owner. + type: boolean + scopes: + description: The scopes associated with this resource. + items: + x-kubernetes-preserve-unknown-fields: true + type: array + type: + description: The type of this resource. It can + be used to group different resource instances + with the same type. + type: string + uris: + description: Set of URIs which are protected by + resource. + items: + type: string + type: array + type: object + type: array + type: object + type: array + type: object + baseUrl: + description: Application base URL. + type: string + bearerOnly: + description: True if a client supports only Bearer Tokens. + type: boolean + clientAuthenticatorType: + description: What Client authentication type to use. + type: string + clientId: + description: Client ID. + type: string + consentRequired: + description: True if Consent Screen is required. + type: boolean + defaultClientScopes: + description: A list of default client scopes. Default client scopes + are always applied when issuing OpenID Connect tokens or SAML + assertions for this client. + items: + type: string + type: array + defaultRoles: + description: Default Client roles. + items: + type: string + type: array + description: + description: Client description. + type: string + directAccessGrantsEnabled: + description: True if Direct Grant is enabled. + type: boolean + enabled: + description: Client enabled flag. + type: boolean + frontchannelLogout: + description: True if this client supports Front Channel logout. + type: boolean + fullScopeAllowed: + description: True if Full Scope is allowed. + type: boolean + id: + description: Client ID. If not specified, automatically generated. + type: string + implicitFlowEnabled: + description: True if Implicit flow is enabled. + type: boolean + name: + description: Client name. + type: string + nodeReRegistrationTimeout: + description: Node registration timeout. + type: integer + notBefore: + description: Not Before setting. + type: integer + optionalClientScopes: + description: A list of optional client scopes. Optional client + scopes are applied when issuing tokens for this client, but + only when they are requested by the scope parameter in the OpenID + Connect authorization request. + items: + type: string + type: array + protocol: + description: Protocol used for this Client. + type: string + protocolMappers: + description: Protocol Mappers. + items: + properties: + config: + additionalProperties: + type: string + description: Config options. + type: object + consentRequired: + description: True if Consent Screen is required. + type: boolean + consentText: + description: Text to use for displaying Consent Screen. + type: string + id: + description: Protocol Mapper ID. + type: string + name: + description: Protocol Mapper Name. + type: string + protocol: + description: Protocol to use. + type: string + protocolMapper: + description: Protocol Mapper to use + type: string + type: object + type: array + publicClient: + description: True if this is a public Client. + type: boolean + redirectUris: + description: A list of valid Redirection URLs. + items: + type: string + type: array + rootUrl: + description: Application root URL. + type: string + secret: + description: Client Secret. The Operator will automatically create + a Secret based on this value. + type: string + serviceAccountsEnabled: + description: True if Service Accounts are enabled. + type: boolean + standardFlowEnabled: + description: True if Standard flow is enabled. + type: boolean + surrogateAuthRequired: + description: Surrogate Authentication Required option. + type: boolean + useTemplateConfig: + description: True to use a Template Config. + type: boolean + useTemplateMappers: + description: True to use Template Mappers. + type: boolean + useTemplateScope: + description: True to use Template Scope. + type: boolean + webOrigins: + description: A list of valid Web Origins. + items: + type: string + type: array + required: + - clientId + type: object + realmSelector: + description: Selector for looking up KeycloakRealm Custom Resources. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + roles: + description: Client Roles + items: + description: https://www.keycloak.org/docs-api/11.0/rest-api/index.html#_rolerepresentation + properties: + attributes: + additionalProperties: + items: + type: string + type: array + description: Role Attributes + type: object + clientRole: + description: Client Role + type: boolean + composite: + description: Composite + type: boolean + composites: + description: Composites + properties: + client: + additionalProperties: + items: + type: string + type: array + description: Map client => []role + type: object + realm: + description: Realm roles + items: + type: string + type: array + type: object + containerId: + description: Container Id + type: string + description: + description: Description + type: string + id: + description: Id + type: string + name: + description: Name + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + scopeMappings: + description: Scope Mappings + properties: + clientMappings: + additionalProperties: + description: https://www.keycloak.org/docs-api/11.0/rest-api/index.html#_clientmappingsrepresentation + properties: + client: + description: Client + type: string + id: + description: ID + type: string + mappings: + description: Mappings + items: + description: https://www.keycloak.org/docs-api/11.0/rest-api/index.html#_rolerepresentation + properties: + attributes: + additionalProperties: + items: + type: string + type: array + description: Role Attributes + type: object + clientRole: + description: Client Role + type: boolean + composite: + description: Composite + type: boolean + composites: + description: Composites + properties: + client: + additionalProperties: + items: + type: string + type: array + description: Map client => []role + type: object + realm: + description: Realm roles + items: + type: string + type: array + type: object + containerId: + description: Container Id + type: string + description: + description: Description + type: string + id: + description: Id + type: string + name: + description: Name + type: string + required: + - name + type: object + type: array + type: object + description: Client Mappings + type: object + realmMappings: + description: Realm Mappings + items: + description: https://www.keycloak.org/docs-api/11.0/rest-api/index.html#_rolerepresentation + properties: + attributes: + additionalProperties: + items: + type: string + type: array + description: Role Attributes + type: object + clientRole: + description: Client Role + type: boolean + composite: + description: Composite + type: boolean + composites: + description: Composites + properties: + client: + additionalProperties: + items: + type: string + type: array + description: Map client => []role + type: object + realm: + description: Realm roles + items: + type: string + type: array + type: object + containerId: + description: Container Id + type: string + description: + description: Description + type: string + id: + description: Id + type: string + name: + description: Name + type: string + required: + - name + type: object + type: array + type: object + required: + - client + - realmSelector + type: object + status: + description: KeycloakClientStatus defines the observed state of KeycloakClient + properties: + message: + description: Human-readable message indicating details about current + operator phase or error. + type: string + phase: + description: Current phase of the operator. + type: string + ready: + description: True if all resources are in a ready state and all work + is done. + type: boolean + secondaryResources: + additionalProperties: + items: + type: string + type: array + description: 'A map of all the secondary resources types and names + created for this CR. e.g "Deployment": [ "DeploymentName1", "DeploymentName2" + ]' + type: object + required: + - message + - phase + - ready + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/tools/intersmash-tools-provisioners/src/main/resources/crds/keycloak.org_keycloakrealms_crd.yaml b/tools/intersmash-tools-provisioners/src/main/resources/crds/keycloak.org_keycloakrealms_crd.yaml new file mode 100644 index 000000000..dcb845325 --- /dev/null +++ b/tools/intersmash-tools-provisioners/src/main/resources/crds/keycloak.org_keycloakrealms_crd.yaml @@ -0,0 +1,1366 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: keycloakrealms.keycloak.org +spec: + group: keycloak.org + names: + kind: KeycloakRealm + listKind: KeycloakRealmList + plural: keycloakrealms + singular: keycloakrealm + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KeycloakRealm is the Schema for the keycloakrealms API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KeycloakRealmSpec defines the desired state of KeycloakRealm. + properties: + instanceSelector: + description: Selector for looking up Keycloak Custom Resources. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + realm: + description: Keycloak Realm REST object. + properties: + accessTokenLifespan: + description: Access Token Lifespan + format: int32 + type: integer + accessTokenLifespanForImplicitFlow: + description: Access Token Lifespan For Implicit Flow + format: int32 + type: integer + accountTheme: + description: Account Theme + type: string + adminEventsDetailsEnabled: + description: 'Enable admin events details TODO: change to values + and use kubebuilder default annotation once supported' + type: boolean + adminEventsEnabled: + description: 'Enable events recording TODO: change to values and + use kubebuilder default annotation once supported' + type: boolean + adminTheme: + description: Admin Console Theme + type: string + authenticationFlows: + description: Authentication flows + items: + properties: + alias: + description: Alias + type: string + authenticationExecutions: + description: Authentication executions + items: + properties: + authenticator: + description: Authenticator + type: string + authenticatorConfig: + description: Authenticator Config + type: string + authenticatorFlow: + description: Authenticator flow + type: boolean + flowAlias: + description: Flow Alias + type: string + priority: + description: Priority + format: int32 + type: integer + requirement: + description: Requirement [REQUIRED, OPTIONAL, ALTERNATIVE, + DISABLED] + type: string + userSetupAllowed: + description: User setup allowed + type: boolean + type: object + type: array + builtIn: + description: Built in + type: boolean + description: + description: Description + type: string + id: + description: ID + type: string + providerId: + description: Provider ID + type: string + topLevel: + description: Top level + type: boolean + required: + - alias + - authenticationExecutions + type: object + type: array + authenticatorConfig: + description: Authenticator config + items: + properties: + alias: + description: Alias + type: string + config: + additionalProperties: + type: string + description: Config + type: object + id: + description: ID + type: string + required: + - alias + type: object + type: array + bruteForceProtected: + description: Brute Force Detection + type: boolean + clientScopeMappings: + additionalProperties: + items: + description: https://www.keycloak.org/docs-api/11.0/rest-api/index.html#_scopemappingrepresentation + properties: + client: + description: Client + type: string + clientScope: + description: Client Scope + type: string + roles: + description: Roles + items: + type: string + type: array + self: + description: Self + type: string + type: object + type: array + description: Client Scope Mappings + type: object + clientScopes: + description: Client scopes + items: + properties: + attributes: + additionalProperties: + type: string + type: object + description: + type: string + id: + type: string + name: + type: string + protocol: + type: string + protocolMappers: + description: Protocol Mappers. + items: + properties: + config: + additionalProperties: + type: string + description: Config options. + type: object + consentRequired: + description: True if Consent Screen is required. + type: boolean + consentText: + description: Text to use for displaying Consent Screen. + type: string + id: + description: Protocol Mapper ID. + type: string + name: + description: Protocol Mapper Name. + type: string + protocol: + description: Protocol to use. + type: string + protocolMapper: + description: Protocol Mapper to use + type: string + type: object + type: array + type: object + type: array + clients: + description: A set of Keycloak Clients. + items: + properties: + access: + additionalProperties: + type: boolean + description: Access options. + type: object + adminUrl: + description: Application Admin URL. + type: string + attributes: + additionalProperties: + type: string + description: Client Attributes. + type: object + authenticationFlowBindingOverrides: + additionalProperties: + type: string + description: Authentication Flow Binding Overrides. + type: object + authorizationServicesEnabled: + description: True if fine-grained authorization support + is enabled for this client. + type: boolean + authorizationSettings: + description: Authorization settings for this resource server. + properties: + allowRemoteResourceManagement: + description: True if resources should be managed remotely + by the resource server. + type: boolean + clientId: + description: Client ID. + type: string + decisionStrategy: + description: The decision strategy dictates how permissions + are evaluated and how a final decision is obtained. + 'Affirmative' means that at least one permission must + evaluate to a positive decision in order to grant + access to a resource and its scopes. 'Unanimous' means + that all permissions must evaluate to a positive decision + in order for the final decision to be also positive. + type: string + id: + description: ID. + type: string + name: + description: Name. + type: string + policies: + description: Policies. + items: + description: https://www.keycloak.org/docs-api/12.0/rest-api/index.html#_policyrepresentation + properties: + config: + additionalProperties: + type: string + description: Config. + type: object + decisionStrategy: + description: The decision strategy dictates how + the policies associated with a given permission + are evaluated and how a final decision is obtained. + 'Affirmative' means that at least one policy + must evaluate to a positive decision in order + for the final decision to be also positive. + 'Unanimous' means that all policies must evaluate + to a positive decision in order for the final + decision to be also positive. 'Consensus' means + that the number of positive decisions must be + greater than the number of negative decisions. + If the number of positive and negative is the + same, the final decision will be negative. + type: string + description: + description: A description for this policy. + type: string + id: + description: ID. + type: string + logic: + description: The logic dictates how the policy + decision should be made. If 'Positive', the + resulting effect (permit or deny) obtained during + the evaluation of this policy will be used to + perform a decision. If 'Negative', the resulting + effect will be negated, in other words, a permit + becomes a deny and vice-versa. + type: string + name: + description: The name of this policy. + type: string + owner: + description: Owner. + type: string + policies: + description: Policies. + items: + type: string + type: array + resources: + description: Resources. + items: + type: string + type: array + resourcesData: + description: Resources Data. + items: + description: https://www.keycloak.org/docs-api/12.0/rest-api/index.html#_resourcerepresentation + properties: + _id: + description: ID. + type: string + attributes: + additionalProperties: + type: string + description: The attributes associated with + the resource. + type: object + displayName: + description: A unique name for this resource. + The name can be used to uniquely identify + a resource, useful when querying for a + specific resource. + type: string + icon_uri: + description: An URI pointing to an icon. + type: string + name: + description: A unique name for this resource. + The name can be used to uniquely identify + a resource, useful when querying for a + specific resource. + type: string + ownerManagedAccess: + description: True if the access to this + resource can be managed by the resource + owner. + type: boolean + scopes: + description: The scopes associated with + this resource. + items: + x-kubernetes-preserve-unknown-fields: true + type: array + type: + description: The type of this resource. + It can be used to group different resource + instances with the same type. + type: string + uris: + description: Set of URIs which are protected + by resource. + items: + type: string + type: array + type: object + type: array + scopes: + description: Scopes. + items: + type: string + type: array + scopesData: + description: Scopes Data. + items: + x-kubernetes-preserve-unknown-fields: true + type: array + type: + description: Type. + type: string + type: object + type: array + policyEnforcementMode: + description: The policy enforcement mode dictates how + policies are enforced when evaluating authorization + requests. 'Enforcing' means requests are denied by + default even when there is no policy associated with + a given resource. 'Permissive' means requests are + allowed even when there is no policy associated with + a given resource. 'Disabled' completely disables the + evaluation of policies and allows access to any resource. + type: string + resources: + description: Resources. + items: + description: https://www.keycloak.org/docs-api/12.0/rest-api/index.html#_resourcerepresentation + properties: + _id: + description: ID. + type: string + attributes: + additionalProperties: + type: string + description: The attributes associated with the + resource. + type: object + displayName: + description: A unique name for this resource. + The name can be used to uniquely identify a + resource, useful when querying for a specific + resource. + type: string + icon_uri: + description: An URI pointing to an icon. + type: string + name: + description: A unique name for this resource. + The name can be used to uniquely identify a + resource, useful when querying for a specific + resource. + type: string + ownerManagedAccess: + description: True if the access to this resource + can be managed by the resource owner. + type: boolean + scopes: + description: The scopes associated with this resource. + items: + x-kubernetes-preserve-unknown-fields: true + type: array + type: + description: The type of this resource. It can + be used to group different resource instances + with the same type. + type: string + uris: + description: Set of URIs which are protected by + resource. + items: + type: string + type: array + type: object + type: array + scopes: + description: Authorization Scopes. + items: + description: https://www.keycloak.org/docs-api/12.0/rest-api/index.html#_scoperepresentation + properties: + displayName: + description: A unique name for this scope. The + name can be used to uniquely identify a scope, + useful when querying for a specific scope. + type: string + iconUri: + description: An URI pointing to an icon. + type: string + id: + description: ID. + type: string + name: + description: A unique name for this scope. The + name can be used to uniquely identify a scope, + useful when querying for a specific scope. + type: string + policies: + description: Policies. + items: + description: https://www.keycloak.org/docs-api/12.0/rest-api/index.html#_policyrepresentation + properties: + config: + additionalProperties: + type: string + description: Config. + type: object + decisionStrategy: + description: The decision strategy dictates + how the policies associated with a given + permission are evaluated and how a final + decision is obtained. 'Affirmative' means + that at least one policy must evaluate + to a positive decision in order for the + final decision to be also positive. 'Unanimous' + means that all policies must evaluate + to a positive decision in order for the + final decision to be also positive. 'Consensus' + means that the number of positive decisions + must be greater than the number of negative + decisions. If the number of positive and + negative is the same, the final decision + will be negative. + type: string + description: + description: A description for this policy. + type: string + id: + description: ID. + type: string + logic: + description: The logic dictates how the + policy decision should be made. If 'Positive', + the resulting effect (permit or deny) + obtained during the evaluation of this + policy will be used to perform a decision. + If 'Negative', the resulting effect will + be negated, in other words, a permit becomes + a deny and vice-versa. + type: string + name: + description: The name of this policy. + type: string + owner: + description: Owner. + type: string + policies: + description: Policies. + items: + type: string + type: array + resources: + description: Resources. + items: + type: string + type: array + resourcesData: + description: Resources Data. + items: + description: https://www.keycloak.org/docs-api/12.0/rest-api/index.html#_resourcerepresentation + properties: + _id: + description: ID. + type: string + attributes: + additionalProperties: + type: string + description: The attributes associated + with the resource. + type: object + displayName: + description: A unique name for this + resource. The name can be used to + uniquely identify a resource, useful + when querying for a specific resource. + type: string + icon_uri: + description: An URI pointing to an + icon. + type: string + name: + description: A unique name for this + resource. The name can be used to + uniquely identify a resource, useful + when querying for a specific resource. + type: string + ownerManagedAccess: + description: True if the access to + this resource can be managed by + the resource owner. + type: boolean + scopes: + description: The scopes associated + with this resource. + items: + x-kubernetes-preserve-unknown-fields: true + type: array + type: + description: The type of this resource. + It can be used to group different + resource instances with the same + type. + type: string + uris: + description: Set of URIs which are + protected by resource. + items: + type: string + type: array + type: object + type: array + scopes: + description: Scopes. + items: + type: string + type: array + scopesData: + description: Scopes Data. + items: + x-kubernetes-preserve-unknown-fields: true + type: array + type: + description: Type. + type: string + type: object + type: array + resources: + description: Resources. + items: + description: https://www.keycloak.org/docs-api/12.0/rest-api/index.html#_resourcerepresentation + properties: + _id: + description: ID. + type: string + attributes: + additionalProperties: + type: string + description: The attributes associated with + the resource. + type: object + displayName: + description: A unique name for this resource. + The name can be used to uniquely identify + a resource, useful when querying for a + specific resource. + type: string + icon_uri: + description: An URI pointing to an icon. + type: string + name: + description: A unique name for this resource. + The name can be used to uniquely identify + a resource, useful when querying for a + specific resource. + type: string + ownerManagedAccess: + description: True if the access to this + resource can be managed by the resource + owner. + type: boolean + scopes: + description: The scopes associated with + this resource. + items: + x-kubernetes-preserve-unknown-fields: true + type: array + type: + description: The type of this resource. + It can be used to group different resource + instances with the same type. + type: string + uris: + description: Set of URIs which are protected + by resource. + items: + type: string + type: array + type: object + type: array + type: object + type: array + type: object + baseUrl: + description: Application base URL. + type: string + bearerOnly: + description: True if a client supports only Bearer Tokens. + type: boolean + clientAuthenticatorType: + description: What Client authentication type to use. + type: string + clientId: + description: Client ID. + type: string + consentRequired: + description: True if Consent Screen is required. + type: boolean + defaultClientScopes: + description: A list of default client scopes. Default client + scopes are always applied when issuing OpenID Connect + tokens or SAML assertions for this client. + items: + type: string + type: array + defaultRoles: + description: Default Client roles. + items: + type: string + type: array + description: + description: Client description. + type: string + directAccessGrantsEnabled: + description: True if Direct Grant is enabled. + type: boolean + enabled: + description: Client enabled flag. + type: boolean + frontchannelLogout: + description: True if this client supports Front Channel + logout. + type: boolean + fullScopeAllowed: + description: True if Full Scope is allowed. + type: boolean + id: + description: Client ID. If not specified, automatically + generated. + type: string + implicitFlowEnabled: + description: True if Implicit flow is enabled. + type: boolean + name: + description: Client name. + type: string + nodeReRegistrationTimeout: + description: Node registration timeout. + type: integer + notBefore: + description: Not Before setting. + type: integer + optionalClientScopes: + description: A list of optional client scopes. Optional + client scopes are applied when issuing tokens for this + client, but only when they are requested by the scope + parameter in the OpenID Connect authorization request. + items: + type: string + type: array + protocol: + description: Protocol used for this Client. + type: string + protocolMappers: + description: Protocol Mappers. + items: + properties: + config: + additionalProperties: + type: string + description: Config options. + type: object + consentRequired: + description: True if Consent Screen is required. + type: boolean + consentText: + description: Text to use for displaying Consent Screen. + type: string + id: + description: Protocol Mapper ID. + type: string + name: + description: Protocol Mapper Name. + type: string + protocol: + description: Protocol to use. + type: string + protocolMapper: + description: Protocol Mapper to use + type: string + type: object + type: array + publicClient: + description: True if this is a public Client. + type: boolean + redirectUris: + description: A list of valid Redirection URLs. + items: + type: string + type: array + rootUrl: + description: Application root URL. + type: string + secret: + description: Client Secret. The Operator will automatically + create a Secret based on this value. + type: string + serviceAccountsEnabled: + description: True if Service Accounts are enabled. + type: boolean + standardFlowEnabled: + description: True if Standard flow is enabled. + type: boolean + surrogateAuthRequired: + description: Surrogate Authentication Required option. + type: boolean + useTemplateConfig: + description: True to use a Template Config. + type: boolean + useTemplateMappers: + description: True to use Template Mappers. + type: boolean + useTemplateScope: + description: True to use Template Scope. + type: boolean + webOrigins: + description: A list of valid Web Origins. + items: + type: string + type: array + required: + - clientId + type: object + type: array + defaultLocale: + description: Default Locale + type: string + defaultRole: + description: Default role + properties: + attributes: + additionalProperties: + items: + type: string + type: array + description: Role Attributes + type: object + clientRole: + description: Client Role + type: boolean + composite: + description: Composite + type: boolean + composites: + description: Composites + properties: + client: + additionalProperties: + items: + type: string + type: array + description: Map client => []role + type: object + realm: + description: Realm roles + items: + type: string + type: array + type: object + containerId: + description: Container Id + type: string + description: + description: Description + type: string + id: + description: Id + type: string + name: + description: Name + type: string + required: + - name + type: object + displayName: + description: Realm display name. + type: string + displayNameHtml: + description: Realm HTML display name. + type: string + duplicateEmailsAllowed: + description: Duplicate emails + type: boolean + editUsernameAllowed: + description: Edit username + type: boolean + emailTheme: + description: Email Theme + type: string + enabled: + description: Realm enabled flag. + type: boolean + enabledEventTypes: + description: Enabled event types + items: + type: string + type: array + eventsEnabled: + description: 'Enable events recording TODO: change to values and + use kubebuilder default annotation once supported' + type: boolean + eventsListeners: + description: A set of Event Listeners. + items: + type: string + type: array + failureFactor: + description: Max Login Failures + format: int32 + type: integer + id: + type: string + identityProviders: + description: A set of Identity Providers. + items: + properties: + addReadTokenRoleOnCreate: + description: Adds Read Token role when creating this Identity + Provider. + type: boolean + alias: + description: Identity Provider Alias. + type: string + config: + additionalProperties: + type: string + description: Identity Provider config. + type: object + displayName: + description: Identity Provider Display Name. + type: string + enabled: + description: Identity Provider enabled flag. + type: boolean + firstBrokerLoginFlowAlias: + description: Identity Provider First Broker Login Flow Alias. + type: string + internalId: + description: Identity Provider Internal ID. + type: string + linkOnly: + description: Identity Provider Link Only setting. + type: boolean + postBrokerLoginFlowAlias: + description: Identity Provider Post Broker Login Flow Alias. + type: string + providerId: + description: Identity Provider ID. + type: string + storeToken: + description: Identity Provider Store to Token. + type: boolean + trustEmail: + description: Identity Provider Trust Email. + type: boolean + type: object + type: array + internationalizationEnabled: + description: Internationalization Enabled + type: boolean + loginTheme: + description: Login Theme + type: string + loginWithEmailAllowed: + description: Login with email + type: boolean + maxDeltaTimeSeconds: + description: Failure Reset Time + format: int32 + type: integer + maxFailureWaitSeconds: + description: Max Wait + format: int32 + type: integer + minimumQuickLoginWaitSeconds: + description: Minimum Quick Login Wait + format: int32 + type: integer + passwordPolicy: + description: Realm Password Policy + type: string + permanentLockout: + description: Permanent Lockout + type: boolean + quickLoginCheckMilliSeconds: + description: Quick Login Check Milli Seconds + format: int64 + type: integer + realm: + description: Realm name. + type: string + registrationAllowed: + description: User registration + type: boolean + registrationEmailAsUsername: + description: Email as username + type: boolean + rememberMe: + description: Remember me + type: boolean + resetPasswordAllowed: + description: Forgot password + type: boolean + roles: + description: Roles + properties: + client: + additionalProperties: + items: + description: https://www.keycloak.org/docs-api/11.0/rest-api/index.html#_rolerepresentation + properties: + attributes: + additionalProperties: + items: + type: string + type: array + description: Role Attributes + type: object + clientRole: + description: Client Role + type: boolean + composite: + description: Composite + type: boolean + composites: + description: Composites + properties: + client: + additionalProperties: + items: + type: string + type: array + description: Map client => []role + type: object + realm: + description: Realm roles + items: + type: string + type: array + type: object + containerId: + description: Container Id + type: string + description: + description: Description + type: string + id: + description: Id + type: string + name: + description: Name + type: string + required: + - name + type: object + type: array + description: Client Roles + type: object + realm: + description: Realm Roles + items: + description: https://www.keycloak.org/docs-api/11.0/rest-api/index.html#_rolerepresentation + properties: + attributes: + additionalProperties: + items: + type: string + type: array + description: Role Attributes + type: object + clientRole: + description: Client Role + type: boolean + composite: + description: Composite + type: boolean + composites: + description: Composites + properties: + client: + additionalProperties: + items: + type: string + type: array + description: Map client => []role + type: object + realm: + description: Realm roles + items: + type: string + type: array + type: object + containerId: + description: Container Id + type: string + description: + description: Description + type: string + id: + description: Id + type: string + name: + description: Name + type: string + required: + - name + type: object + type: array + type: object + scopeMappings: + description: Scope Mappings + items: + description: https://www.keycloak.org/docs-api/11.0/rest-api/index.html#_scopemappingrepresentation + properties: + client: + description: Client + type: string + clientScope: + description: Client Scope + type: string + roles: + description: Roles + items: + type: string + type: array + self: + description: Self + type: string + type: object + type: array + smtpServer: + additionalProperties: + type: string + description: Email + type: object + sslRequired: + description: Require SSL + type: string + supportedLocales: + description: Supported Locales + items: + type: string + type: array + userFederationMappers: + description: User federation mappers are extension points triggered + by the user federation at various points. + items: + description: https://www.keycloak.org/docs/11.0/server_admin/#_ldap_mappers + https://www.keycloak.org/docs-api/11.0/rest-api/index.html#_userfederationmapperrepresentation + properties: + config: + additionalProperties: + type: string + description: User federation mapper config. + type: object + federationMapperType: + type: string + federationProviderDisplayName: + description: The displayName for the user federation provider + this mapper applies to. + type: string + id: + type: string + name: + type: string + type: object + type: array + userFederationProviders: + description: Point keycloak to an external user provider to validate + credentials or pull in identity information. + items: + description: https://www.keycloak.org/docs-api/10.0/rest-api/index.html#_userfederationproviderrepresentation + properties: + config: + additionalProperties: + type: string + description: User federation provider config. + type: object + displayName: + description: The display name of this provider instance. + type: string + fullSyncPeriod: + format: int32 + type: integer + id: + description: The ID of this provider + type: string + priority: + description: The priority of this provider when looking + up users or adding a user. + format: int32 + type: integer + providerName: + description: The name of the user provider, such as "ldap", + "kerberos" or a custom SPI. + type: string + type: object + type: array + userManagedAccessAllowed: + description: User Managed Access Allowed + type: boolean + users: + description: A set of Keycloak Users. + items: + properties: + attributes: + additionalProperties: + items: + type: string + type: array + description: A set of Attributes. + type: object + clientRoles: + additionalProperties: + items: + type: string + type: array + description: A set of Client Roles. + type: object + credentials: + description: A set of Credentials. + items: + properties: + temporary: + description: True if this credential object is temporary. + type: boolean + type: + description: Credential Type. + type: string + value: + description: Credential Value. + type: string + type: object + type: array + email: + description: Email. + type: string + emailVerified: + description: True if email has already been verified. + type: boolean + enabled: + description: User enabled flag. + type: boolean + federatedIdentities: + description: A set of Federated Identities. + items: + properties: + identityProvider: + description: Federated Identity Provider. + type: string + userId: + description: Federated Identity User ID. + type: string + userName: + description: Federated Identity User Name. + type: string + type: object + type: array + firstName: + description: First Name. + type: string + groups: + description: A set of Groups. + items: + type: string + type: array + id: + description: User ID. + type: string + lastName: + description: Last Name. + type: string + realmRoles: + description: A set of Realm Roles. + items: + type: string + type: array + requiredActions: + description: A set of Required Actions. + items: + type: string + type: array + username: + description: User Name. + type: string + type: object + type: array + verifyEmail: + description: Verify email + type: boolean + waitIncrementSeconds: + description: Wait Increment + format: int32 + type: integer + required: + - realm + type: object + realmOverrides: + description: A list of overrides to the default Realm behavior. + items: + properties: + forFlow: + description: Flow to be overridden. + type: string + identityProvider: + description: Identity Provider to be overridden. + type: string + required: + - identityProvider + type: object + type: array + x-kubernetes-list-type: atomic + unmanaged: + description: When set to true, this KeycloakRealm will be marked as + unmanaged and not be managed by this operator. It can then be used + for targeting purposes. + type: boolean + required: + - realm + type: object + status: + description: KeycloakRealmStatus defines the observed state of KeycloakRealm + properties: + loginURL: + description: TODO + type: string + message: + description: Human-readable message indicating details about current + operator phase or error. + type: string + phase: + description: Current phase of the operator. + type: string + ready: + description: True if all resources are in a ready state and all work + is done. + type: boolean + secondaryResources: + additionalProperties: + items: + type: string + type: array + description: 'A map of all the secondary resources types and names + created for this CR. e.g "Deployment": [ "DeploymentName1", "DeploymentName2" + ]' + type: object + required: + - loginURL + - message + - phase + - ready + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/tools/intersmash-tools-provisioners/src/main/resources/crds/keycloak.org_keycloaks_crd.yaml b/tools/intersmash-tools-provisioners/src/main/resources/crds/keycloak.org_keycloaks_crd.yaml new file mode 100644 index 000000000..96e09d1f7 --- /dev/null +++ b/tools/intersmash-tools-provisioners/src/main/resources/crds/keycloak.org_keycloaks_crd.yaml @@ -0,0 +1,1119 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: keycloaks.keycloak.org +spec: + group: keycloak.org + names: + kind: Keycloak + listKind: KeycloakList + plural: keycloaks + singular: keycloak + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Keycloak is the Schema for the keycloaks API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KeycloakSpec defines the desired state of Keycloak. + properties: + DisableDefaultServiceMonitor: + description: Disables the integration with Application Monitoring + Operator. When set to true, the operator doesn't create default + PrometheusRule, ServiceMonitor and GrafanaDashboard objects and + users will have to create them manually, if needed. + type: boolean + extensions: + description: A list of extensions, where each one is a URL to a JAR + files that will be deployed in Keycloak. + items: + type: string + type: array + x-kubernetes-list-type: set + external: + description: Contains configuration for external Keycloak instances. + Unmanaged needs to be set to true to use this. + properties: + enabled: + description: If set to true, this Keycloak will be treated as + an external instance. The unmanaged field also needs to be set + to true if this field is true. + type: boolean + url: + description: The URL to use for the keycloak admin API. Needs + to be set if external is true. + type: string + type: object + externalAccess: + description: Controls external Ingress/Route settings. + properties: + enabled: + description: If set to true, the Operator will create an Ingress + or a Route pointing to Keycloak. + type: boolean + host: + description: If set, the Operator will use value of host for Ingress + host instead of default value keycloak.local. Using this setting + in OpenShift environment will result an error. Only users with + special permissions are allowed to modify the hostname. + type: string + tlsTermination: + description: TLS Termination type for the external access. Setting + this field to "reencrypt" will terminate TLS on the Ingress/Route + level. Setting this field to "passthrough" will send encrypted + traffic to the Pod. If unspecified, defaults to "reencrypt". + Note, that this setting has no effect on Ingress as Ingress + TLS settings are not reconciled by this operator. In other words, + Ingress TLS configuration is the same in both cases and it is + up to the user to configure TLS section of the Ingress. + type: string + type: object + externalDatabase: + description: "Controls external database settings. Using an external + database requires providing a secret containing credentials as well + as connection details. Here's an example of such secret: \n apiVersion: + v1 kind: Secret metadata: name: keycloak-db-secret + \ namespace: keycloak stringData: POSTGRES_DATABASE: + <Database Name> POSTGRES_EXTERNAL_ADDRESS: <External Database + IP or URL (resolvable by K8s)> POSTGRES_EXTERNAL_PORT: <External + Database Port> # Strongly recommended to use <'Keycloak + CR Name'-postgresql> POSTGRES_HOST: <Database Service Name> + \ POSTGRES_PASSWORD: <Database Password> # Required + for AWS Backup functionality POSTGRES_SUPERUSER: true POSTGRES_USERNAME: + <Database Username> type: Opaque \n Both POSTGRES_EXTERNAL_ADDRESS + and POSTGRES_EXTERNAL_PORT are specifically required for creating + connection to the external database. The secret name is created + using the following convention: <Custom Resource Name>-db-secret + \n For more information, please refer to the Operator documentation." + properties: + enabled: + description: If set to true, the Operator will use an external + database pointing to Keycloak. The embedded database (externalDatabase.enabled + = false) is deprecated. + type: boolean + type: object + instances: + description: Number of Keycloak instances in HA mode. Default is 1. + type: integer + keycloakDeploymentSpec: + description: Resources (Requests and Limits) for KeycloakDeployment. + properties: + experimental: + description: 'Experimental section NOTE: This section might change + or get removed without any notice. It may also cause the deployment + to behave in an unpredictable fashion. Please use with care.' + properties: + affinity: + description: Affinity settings + properties: + nodeAffinity: + description: Describes node affinity scheduling rules + for the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. The + node that is most preferred is the one with the + greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements + of this field and adding "weight" to the sum if + the node matches the corresponding matchExpressions; + the node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term + matches all objects with implicit weight 0 (i.e. + it's a no-op). A null preferred scheduling term + matches no objects (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated + with the corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + weight: + description: Weight associated with matching + the corresponding nodeSelectorTerm, in the + range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the + affinity requirements specified by this field cease + to be met at some point during pod execution (e.g. + due to an update), the system may or may not try + to eventually evict the pod from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector + terms. The terms are ORed. + items: + description: A null or empty node selector term + matches no objects. The requirements of them + are ANDed. The TopologySelectorTerm type implements + a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + type: array + required: + - nodeSelectorTerms + type: object + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. + co-locate this pod in the same node, zone, etc. as some + other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. The + node that is most preferred is the one with the + greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements + of this field and adding "weight" to the sum if + the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum + are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, + associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of + resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which + namespaces the labelSelector applies to + (matches against); null or empty list + means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where co-located + is defined as running on a node whose + value of the label with key topologyKey + matches that of any node on which any + of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching + the corresponding podAffinityTerm, in the + range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the + affinity requirements specified by this field cease + to be met at some point during pod execution (e.g. + due to a pod label update), the system may or may + not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes + corresponding to each podAffinityTerm are intersected, + i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those + matching the labelSelector relative to the given + namespace(s)) that this pod should be co-located + (affinity) or not co-located (anti-affinity) with, + where co-located is defined as running on a node + whose value of the label with key <topologyKey> + matches that of any node on which a pod of the + set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules + (e.g. avoid putting this pod in the same node, zone, + etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the anti-affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. The + node that is most preferred is the one with the + greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource + request, requiredDuringScheduling anti-affinity + expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to + the sum if the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum + are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, + associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of + resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which + namespaces the labelSelector applies to + (matches against); null or empty list + means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where co-located + is defined as running on a node whose + value of the label with key topologyKey + matches that of any node on which any + of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching + the corresponding podAffinityTerm, in the + range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the + anti-affinity requirements specified by this field + cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may + or may not try to eventually evict the pod from + its node. When there are multiple elements, the + lists of nodes corresponding to each podAffinityTerm + are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those + matching the labelSelector relative to the given + namespace(s)) that this pod should be co-located + (affinity) or not co-located (anti-affinity) with, + where co-located is defined as running on a node + whose value of the label with key <topologyKey> + matches that of any node on which a pod of the + set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + args: + description: Arguments to the entrypoint. Translates into + Container CMD. + items: + type: string + type: array + command: + description: Container command. Translates into Container + ENTRYPOINT. + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in + the container and any service environment variables. + If a variable cannot be resolved, the reference in + the input string will be unchanged. The $(VAR_NAME) + syntax can be escaped with a double $$, ie: $$(VAR_NAME). + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults to + "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, + `metadata.annotations[''<KEY>'']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + serviceAccountName: + description: ServiceAccountName settings + type: string + volumes: + description: Additional volume mounts + properties: + defaultMode: + description: Permissions mode. + format: int32 + type: integer + items: + items: + properties: + configMaps: + description: Allow multiple configmaps to mount + to the same directory + items: + type: string + type: array + items: + description: Mount details + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: The key to project. + type: string + mode: + description: 'Optional: mode bits used to + set permissions on this file. Must be an + octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both + octal and decimal values, JSON requires + decimal values for mode bits. If not specified, + the volume defaultMode will be used. This + might be in conflict with other options + that affect the file mode, like fsGroup, + and the result can be other mode bits set.' + format: int32 + type: integer + path: + description: The relative path of the file + to map the key to. May not be an absolute + path. May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + mountPath: + description: An absolute path where to mount it + type: string + name: + description: Volume name + type: string + secrets: + description: Secret mount + items: + type: string + type: array + required: + - mountPath + type: object + type: array + type: object + type: object + podannotations: + additionalProperties: + type: string + description: List of annotations to set in the keycloak pods + type: object + podlabels: + additionalProperties: + type: string + description: List of labels to set in the keycloak pods + type: object + resources: + description: Resources (Requests and Limits) for the Pods. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + type: object + migration: + description: Specify Migration configuration + properties: + backups: + description: Set it to config backup policy for migration + properties: + enabled: + description: If set to true, the operator will do database + backup before doing migration + type: boolean + type: object + strategy: + description: Specify migration strategy + type: string + type: object + multiAvailablityZones: + description: Specify PodAntiAffinity settings for Keycloak deployment + in Multi AZ + properties: + enabled: + description: If set to true, the operator will create a podAntiAffinity + settings for the Keycloak deployment. + type: boolean + type: object + podDisruptionBudget: + description: Specify PodDisruptionBudget configuration. + properties: + enabled: + description: If set to true, the operator will create a PodDistruptionBudget + for the Keycloak deployment and set its `maxUnavailable` value + to 1. + type: boolean + type: object + postgresDeploymentSpec: + description: Resources (Requests and Limits) for PostgresDeployment. + properties: + resources: + description: Resources (Requests and Limits) for the Pods. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + type: object + profile: + description: Profile used for controlling Operator behavior. Default + is empty. + type: string + storageClassName: + description: Name of the StorageClass for Postgresql Persistent Volume + Claim + type: string + unmanaged: + description: When set to true, this Keycloak will be marked as unmanaged + and will not be managed by this operator. It can then be used for + targeting purposes. + type: boolean + type: object + status: + description: KeycloakStatus defines the observed state of Keycloak. + properties: + credentialSecret: + description: The secret where the admin credentials are to be found. + type: string + externalURL: + description: External URL for accessing Keycloak instance from outside + the cluster. Is identical to external.URL if it's specified, otherwise + is computed (e.g. from Ingress). + type: string + internalURL: + description: An internal URL (service name) to be used by the admin + client. + type: string + message: + description: Human-readable message indicating details about current + operator phase or error. + type: string + phase: + description: Current phase of the operator. + type: string + ready: + description: True if all resources are in a ready state and all work + is done. + type: boolean + secondaryResources: + additionalProperties: + items: + type: string + type: array + description: 'A map of all the secondary resources types and names + created for this CR. e.g "Deployment": [ "DeploymentName1", "DeploymentName2" + ].' + type: object + version: + description: Version of Keycloak or RHSSO running on the cluster. + type: string + required: + - credentialSecret + - internalURL + - message + - phase + - ready + - version + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/tools/intersmash-tools-provisioners/src/main/resources/crds/keycloak.org_keycloakusers_crd.yaml b/tools/intersmash-tools-provisioners/src/main/resources/crds/keycloak.org_keycloakusers_crd.yaml new file mode 100644 index 000000000..4a192c3bf --- /dev/null +++ b/tools/intersmash-tools-provisioners/src/main/resources/crds/keycloak.org_keycloakusers_crd.yaml @@ -0,0 +1,183 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: keycloakusers.keycloak.org +spec: + group: keycloak.org + names: + kind: KeycloakUser + listKind: KeycloakUserList + plural: keycloakusers + singular: keycloakuser + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KeycloakUser is the Schema for the keycloakusers API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KeycloakUserSpec defines the desired state of KeycloakUser. + properties: + realmSelector: + description: Selector for looking up KeycloakRealm Custom Resources. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + user: + description: Keycloak User REST object. + properties: + attributes: + additionalProperties: + items: + type: string + type: array + description: A set of Attributes. + type: object + clientRoles: + additionalProperties: + items: + type: string + type: array + description: A set of Client Roles. + type: object + credentials: + description: A set of Credentials. + items: + properties: + temporary: + description: True if this credential object is temporary. + type: boolean + type: + description: Credential Type. + type: string + value: + description: Credential Value. + type: string + type: object + type: array + email: + description: Email. + type: string + emailVerified: + description: True if email has already been verified. + type: boolean + enabled: + description: User enabled flag. + type: boolean + federatedIdentities: + description: A set of Federated Identities. + items: + properties: + identityProvider: + description: Federated Identity Provider. + type: string + userId: + description: Federated Identity User ID. + type: string + userName: + description: Federated Identity User Name. + type: string + type: object + type: array + firstName: + description: First Name. + type: string + groups: + description: A set of Groups. + items: + type: string + type: array + id: + description: User ID. + type: string + lastName: + description: Last Name. + type: string + realmRoles: + description: A set of Realm Roles. + items: + type: string + type: array + requiredActions: + description: A set of Required Actions. + items: + type: string + type: array + username: + description: User Name. + type: string + type: object + required: + - user + type: object + status: + description: KeycloakUserStatus defines the observed state of KeycloakUser. + properties: + message: + description: Human-readable message indicating details about current + operator phase or error. + type: string + phase: + description: Current phase of the operator. + type: string + required: + - message + - phase + type: object + type: object + served: true + storage: true + subresources: + status: {}