diff --git a/controllers/cloud.redhat.com/providers/featureflags/localfeatureflags.go b/controllers/cloud.redhat.com/providers/featureflags/localfeatureflags.go index 86beadaf0..eae924113 100644 --- a/controllers/cloud.redhat.com/providers/featureflags/localfeatureflags.go +++ b/controllers/cloud.redhat.com/providers/featureflags/localfeatureflags.go @@ -2,7 +2,6 @@ package featureflags import ( "fmt" - "net/url" crd "github.com/RedHatInsights/clowder/apis/cloud.redhat.com/v1alpha1" "github.com/RedHatInsights/clowder/controllers/cloud.redhat.com/config" @@ -109,19 +108,16 @@ func (ff *localFeatureFlagsProvider) EnvProvide() error { username := utils.RandString(16) hostname := fmt.Sprintf("%v.%v.svc", namespacedNameDb.Name, namespacedNameDb.Namespace) - passwordEncode := url.QueryEscape(password) - connectionURL := fmt.Sprintf("postgres://%s:%s@%s/%s", username, passwordEncode, hostname, "unleash") dataInitDb := func() map[string]string { return map[string]string{ - "hostname": hostname, - "port": "5432", - "username": username, - "password": password, - "pgPass": pgPassword, - "name": "unleash", - "connectionURL": connectionURL, + "hostname": hostname, + "port": "5432", + "username": username, + "password": password, + "pgPass": pgPassword, + "name": "unleash", } } @@ -149,7 +145,7 @@ func (ff *localFeatureFlagsProvider) EnvProvide() error { }, } - provutils.MakeLocalDB(dd, namespacedNameDb, ff.Env, labels, &dbCfg, "quay.io/cloudservices/postgresql-rds:12-9ee2984", ff.Env.Spec.Providers.FeatureFlags.PVC, "unleash", &res) + provutils.MakeLocalDB(dd, namespacedNameDb, ff.Env, labels, &dbCfg, "quay.io/cloudservices/postgresql-rds:15-53ac80c", ff.Env.Spec.Providers.FeatureFlags.PVC, "unleash", &res) if err = ff.Cache.Update(LocalFFDBDeployment, dd); err != nil { return err 
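Review bot: The `MakeLocalDB` call moves the image from `postgresql-rds:12-9ee2984` to `postgresql-rds:15-53ac80c` while still passing `ff.Env.Spec.Providers.FeatureFlags.PVC`, so an environment that already holds a PostgreSQL 12 data directory on a PVC may fail to start under 15. That holds unless the image or a migration step performs the major-version upgrade, which is not visible here and is worth confirming and noting in a comment. Separately, the image is referenced by tag only; pinning it by digest, `quay.io/cloudservices/postgresql-rds@sha256:<digest>`, would keep the deployed database image from changing underneath the operator. EnvProvide starts and ends outside the hunk.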
@@ -220,17 +216,6 @@ func makeLocalFeatureFlags(cache *rc.ObjectCache, o obj.ClowdObject, objMap prov keycloakSecret := core.Secret{} cache.Get(web.WebKeycloakSecret, &keycloakSecret) - /* - NOTE: about the order ... set the order in the impl. of each provider - REACH the provider, get the data from the cache. - - make "somethingsomething" -> made with component system (make component cache exists) - There was a pattern, all compontents were created the same way each time - the name is makeCachecomponent (or makecomponentcache, one or the other) - - the objMap ... - */ - dd := objMap[LocalFFDeployment].(*apps.Deployment) svc := objMap[LocalFFService].(*core.Service) 
@@ -250,25 +235,43 @@ func makeLocalFeatureFlags(cache *rc.ObjectCache, o obj.ClowdObject, objMap prov port := int32(4242) - envVars := []core.EnvVar{{ - Name: "DATABASE_PASSWORD", - ValueFrom: &core.EnvVarSource{ - SecretKeyRef: &core.SecretKeySelector{ - LocalObjectReference: core.LocalObjectReference{ - Name: "featureflags-db", - }, - Key: "password", - }, - }, - }, + envVars := []core.EnvVar{ { Name: "DATABASE_SSL", Value: "false", }, + { + Name: "KC_HOST", + Value: fmt.Sprintf("http://%s-%s.%s.svc:8080", o.GetClowdName(), "keycloak", o.GetClowdNamespace()), + }, + { + Name: "KC_REALM", + Value: "unleash", + }, + { + Name: "KC_CLIENT_ID", + Value: "unleash", + }, + { + Name: "KC_ADMIN_ROLES", + Value: "admin", + }, + { + Name: "KC_EDITOR_ROLES", + Value: "editor", + }, + { + Name: "KC_VIEWER_ROLES", + Value: "viewer", + }, } envVars = provutils.AppendEnvVarsFromSecret(envVars, "featureflags-db", - provutils.NewSecretEnvVar("DATABASE_URL", "connectionURL"), + provutils.NewSecretEnvVar("DATABASE_HOST", "hostname"), + provutils.NewSecretEnvVar("DATABASE_PORT", "port"), + provutils.NewSecretEnvVar("DATABASE_USERNAME", "username"), + provutils.NewSecretEnvVar("DATABASE_PASSWORD", "password"), + provutils.NewSecretEnvVar("DATABASE_NAME", "name"), ) envVars = provutils.AppendEnvVarsFromSecret(envVars, nn.Name, provutils.NewSecretEnvVar("INIT_CLIENT_API_TOKENS", "clientAccessToken"), diff --git a/controllers/cloud.redhat.com/providers/web/resources_keycloak.go b/controllers/cloud.redhat.com/providers/web/resources_keycloak.go index 5d818092b..480b09c78 100644 --- a/controllers/cloud.redhat.com/providers/web/resources_keycloak.go +++ b/controllers/cloud.redhat.com/providers/web/resources_keycloak.go 
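Review bot: `KC_HOST` is built with a fixed `http://` scheme on port 8080, so whatever the Unleash container exchanges with Keycloak (presumably the OIDC token flow) crosses the cluster network unencrypted. If this provider is meant only for local or ephemeral environments, say so next to the entry, e.g. `// local provider only: Keycloak is reached over plain HTTP in-cluster`; otherwise the scheme should come from configuration. The Keycloak host is also re-derived here from `o.GetClowdName()` and the literal `"keycloak"`, and the realm, client id and role names repeat values that presumably live in the imported `unleash-realm.json`, so shared constants or a helper from the web provider would keep them from drifting apart. makeLocalFeatureFlags starts and ends outside the hunk.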
@@ -199,10 +199,10 @@ func configureKeycloak(web *localWebProvider) error { } func makeKeycloakImportSecretRealm(cache *rc.ObjectCache, o obj.ClowdObject, password string) error { - userData := &core.Secret{} + importData := &core.Secret{} userDataNN := providers.GetNamespacedName(o, "keycloak-realm-import") - if err := cache.Create(WebKeycloakImportSecret, userDataNN, userData); err != nil { + if err := cache.Create(WebKeycloakImportSecret, userDataNN, importData); err != nil { return err } 
@@ -211,20 +211,32 @@ func makeKeycloakImportSecretRealm(cache *rc.ObjectCache, o obj.ClowdObject, pas labeler := utils.MakeLabeler(userDataNN, labels, o) - labeler(userData) + labeler(importData) - userImportData, err := os.ReadFile("./jsons/redhat-external-realm.json") + readhatRealmData, err := os.ReadFile("./jsons/redhat-external-realm.json") if err != nil { return fmt.Errorf("could not read user data: %w", err) } - userData.StringData = map[string]string{} - userImportDataString := string(userImportData) - userImportDataString = strings.Replace(userImportDataString, "########PASSWORD########", password, 1) + unleashRealmData, err := os.ReadFile("./jsons/unleash-realm.json") + if err != nil { + return fmt.Errorf("could not read unleash-realm data: %w", err) + } + + unleashUsersData, err := os.ReadFile("./jsons/unleash-users.json") + if err != nil { + return fmt.Errorf("could not read unleash-users data: %w", err) + } + + importData.StringData = map[string]string{} + redhatRealmDataString := string(readhatRealmData) + redhatRealmDataString = strings.Replace(redhatRealmDataString, "########PASSWORD########", password, 1) - userData.StringData["redhat-external-realm.json"] = string(userImportDataString) + importData.StringData["redhat-external-realm.json"] = string(redhatRealmDataString) + importData.StringData["unleash-realm.json"] = string(unleashRealmData) + importData.StringData["unleash-users.json"] = string(unleashUsersData) - return cache.Update(WebKeycloakImportSecret, userData) + return cache.Update(WebKeycloakImportSecret, importData) } func baseProbeHandler(port int32, path string) core.ProbeHandler { @@ -307,10 +319,6 @@ func makeKeycloak(cache *rc.ObjectCache, o obj.ClowdObject, objMap providers.Obj Name: "PROXY_ADDRESS_FORWARDING", Value: "true", }, - { - Name: "KEYCLOAK_IMPORT", - Value: "/json/redhat-external-realm.json", - }, } envVars = provutils.AppendEnvVarsFromSecret(envVars, "keycloak-db",
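Review bot: `unleash-realm.json` and `unleash-users.json` are copied into the import secret verbatim, whereas the Red Hat realm file has its `########PASSWORD########` placeholder replaced with the generated `password`. If the unleash files carry user credentials or a client secret (their contents are not visible here), those values are static in the repository and identical in every environment. Consider the same placeholder substitution for them, or add a comment stating that they hold no secrets. The substitution itself splices `password` into JSON without escaping, which is safe only while the generator cannot emit `"` or `\`. Minor: `readhatRealmData` is a typo for `redhatRealmData`, and `string(redhatRealmDataString)` converts a value that is already a string.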