From 677c792b44db8baf4714e7f26bc06a33e9074022 Mon Sep 17 00:00:00 2001
From: Maximilian Kreuzkam <maximilian.kreuzkam@capgemini.com>
Date: Wed, 23 Oct 2024 12:23:06 +0200
Subject: [PATCH] EW-1047: Add TSP System on Dev Environments

---
 .../templates/configmap_file_init.yml.j2      | 38 +++++++++++++++++++
 1 file changed, 38 insertions(+)

diff --git a/ansible/roles/schulcloud-server-init/templates/configmap_file_init.yml.j2 b/ansible/roles/schulcloud-server-init/templates/configmap_file_init.yml.j2
index 238b44226e4..b76b3e54edd 100644
--- a/ansible/roles/schulcloud-server-init/templates/configmap_file_init.yml.j2
+++ b/ansible/roles/schulcloud-server-init/templates/configmap_file_init.yml.j2
@@ -559,5 +559,43 @@ data:
 
         # ========== End of the Instance seed data configuration section.
 
+    # ========== Start of TSP system creation
+    if [[ $SC_THEME == "thr" ]]; then
+      echo "Adding TSP system to systems collection"
+
+      TSP_SYSTEM_OAUTH_CLIENT_SECRET=$(node scripts/secret.js -s $AES_KEY -e $TSP_SYSTEM_OAUTH_CLIENT_SECRET)
+      mongosh $DATABASE__URL --quiet --eval 'db.systems.insertOne(
+          {
+            "_id": ObjectId("66d707f5c5202ba10c5e6256"),
+            "alias": "TSP",
+            "displayName": "Thüringer Schulportal",
+            "type": "oauth",
+            "provisioningStrategy": "tsp",
+            "oauthConfig": {
+              "clientId": "'$TSP_SYSTEM_OAUTH_CLIENT_ID'",
+              "clientSecret": "'$TSP_SYSTEM_OAUTH_CLIENT_SECRET'",
+              "tokenEndpoint": "https://test2.schulportal-thueringen.de/auth/realms/TIS/protocol/openid-connect/token",
+              "grantType": "authorization_code",
+              "scope": "openid",
+              "responseType": "code",
+              "redirectUri": "https://{{ NAMESPACE }}.thr.dbildungscloud.dev/api/v3/sso/oauth",
+              "authEndpoint": "https://test2.schulportal-thueringen.de/auth/realms/TIS/protocol/openid-connect/auth",
+              "provider": "tsp",
+              "jwksEndpoint": "https://test2.schulportal-thueringen.de/auth/realms/TIS/protocol/openid-connect/certs",
+              "issuer": "https://test2.schulportal-thueringen.de/auth/realms/TIS"
+            }
+          }
+      );'
+
+      echo "Successfully added TSP system"
+
+      echo "Running TSP Sync"
+      npm run nest:start:sync tsp
+
+      echo "Successfully ran TSP sync"
+    fi
+
+    # ========== End of TSP system creation
+
     # Database indexes synchronization, it's crucial until we have all the entities in NestJS app.
     npm run syncIndexes