ci: enable identity test client vars (#2598)

camunda · Nov 21, 2024 · 897d033 · 897d033
1 parent e9d0c48
commit 897d033
Showing 1 changed file with 50 additions and 65 deletions.
diff --git a/charts/camunda-platform-alpha/test/integration/scenarios/common/values-integration-test.yaml b/charts/camunda-platform-alpha/test/integration/scenarios/common/values-integration-test.yaml
@@ -1,71 +1,56 @@
 identity:
   # Keycloak client seed which is used to query Camunda APIs.
   env:
-  # - name: KEYCLOAK_CLIENTS_2_ID
-  #   value: venom
-  # - name: KEYCLOAK_CLIENTS_2_NAME
-  #   value: Venom
-  # - name: KEYCLOAK_CLIENTS_2_SECRET
-  #   valueFrom:
-  #     secretKeyRef:
-  #       name: integration-test-credentials
-  #       key: identity-admin-client-password
-  # - name: KEYCLOAK_CLIENTS_2_REDIRECT_URIS_0
-  #   value: /dummy
-  # - name: KEYCLOAK_CLIENTS_2_ROOT_URL
-  #   value: http://dummy
-  # - name: KEYCLOAK_CLIENTS_2_TYPE
-  #   value: CONFIDENTIAL
-  # # Identity access.
-  # - name: KEYCLOAK_CLIENTS_2_PERMISSIONS_0_RESOURCE_SERVER_ID
-  #   value: camunda-identity-resource-server
-  # - name: KEYCLOAK_CLIENTS_2_PERMISSIONS_0_DEFINITION
-  #   value: read
-  # - name: KEYCLOAK_CLIENTS_2_PERMISSIONS_1_RESOURCE_SERVER_ID
-  #   value: camunda-identity-resource-server
-  # - name: KEYCLOAK_CLIENTS_2_PERMISSIONS_1_DEFINITION
-  #   value: write
-  # # # Operate access.
-  # # - name: KEYCLOAK_CLIENTS_2_PERMISSIONS_2_RESOURCE_SERVER_ID
-  # #   value: "operate-api"
-  # # - name: KEYCLOAK_CLIENTS_2_PERMISSIONS_2_DEFINITION
-  # #   value: "read:*"
-  # # - name: KEYCLOAK_CLIENTS_2_PERMISSIONS_3_RESOURCE_SERVER_ID
-  # #   value: "operate-api"
-  # # - name: KEYCLOAK_CLIENTS_2_PERMISSIONS_3_DEFINITION
-  # #   value: "write:*"
-  # # # Tasklist access.
-  # # - name: KEYCLOAK_CLIENTS_2_PERMISSIONS_4_RESOURCE_SERVER_ID
-  # #   value: tasklist-api
-  # # - name: KEYCLOAK_CLIENTS_2_PERMISSIONS_4_DEFINITION
-  # #   value: "read:*"
-  # # - name: KEYCLOAK_CLIENTS_2_PERMISSIONS_5_RESOURCE_SERVER_ID
-  # #   value: tasklist-api
-  # # - name: KEYCLOAK_CLIENTS_2_PERMISSIONS_5_DEFINITION
-  # #   value: "write:*"
-  # # Optimize access.
-  # - name: KEYCLOAK_CLIENTS_2_PERMISSIONS_2_RESOURCE_SERVER_ID
-  #   value: core-api
-  # - name: KEYCLOAK_CLIENTS_2_PERMISSIONS_2_DEFINITION
-  #   value: "write:*"
-  # # # Zeebe access.
-  # # - name: KEYCLOAK_CLIENTS_2_PERMISSIONS_7_RESOURCE_SERVER_ID
-  # #   value: zeebe-api
-  # # - name: KEYCLOAK_CLIENTS_2_PERMISSIONS_7_DEFINITION
-  # #   value: "write:*"
-  # # WebModeler access.
-  # # NOTE: This actually should be only in the chart-with-web-modeler scenarios,
-  # # but since Helm doesn't support merge lists it's added here.
-  # # It could be removed later when the env vars could be configured via ConfigMap.
-  # - name: KEYCLOAK_CLIENTS_2_PERMISSIONS_3_RESOURCE_SERVER_ID
-  #   value: web-modeler-api
-  # - name: KEYCLOAK_CLIENTS_2_PERMISSIONS_3_DEFINITION
-  #   value: "write:*"
-  # # Console access.
-  # - name: KEYCLOAK_CLIENTS_2_PERMISSIONS_4_RESOURCE_SERVER_ID
-  #   value: console-api
-  # - name: KEYCLOAK_CLIENTS_2_PERMISSIONS_4_DEFINITION
-  #   value: "write:*"
+  - name: KEYCLOAK_CLIENTS_2_ID
+    value: test
+  - name: KEYCLOAK_CLIENTS_2_NAME
+    value: Test
+  - name: KEYCLOAK_CLIENTS_2_SECRET
+    valueFrom:
+      secretKeyRef:
+        name: integration-test-credentials
+        key: identity-admin-client-password
+  - name: KEYCLOAK_CLIENTS_2_REDIRECT_URIS_0
+    value: /dummy
+  - name: KEYCLOAK_CLIENTS_2_ROOT_URL
+    value: http://dummy
+  - name: KEYCLOAK_CLIENTS_2_TYPE
+    value: CONFIDENTIAL
+  #######################
+  # Management Group
+  #######################
+  # Identity access.
+  - name: KEYCLOAK_CLIENTS_2_PERMISSIONS_0_RESOURCE_SERVER_ID
+    value: camunda-identity-resource-server
+  - name: KEYCLOAK_CLIENTS_2_PERMISSIONS_0_DEFINITION
+    value: read
+  - name: KEYCLOAK_CLIENTS_2_PERMISSIONS_1_RESOURCE_SERVER_ID
+    value: camunda-identity-resource-server
+  - name: KEYCLOAK_CLIENTS_2_PERMISSIONS_1_DEFINITION
+    value: write
+  # Console access.
+  - name: KEYCLOAK_CLIENTS_2_PERMISSIONS_2_RESOURCE_SERVER_ID
+    value: console-api
+  - name: KEYCLOAK_CLIENTS_2_PERMISSIONS_2_DEFINITION
+    value: "write:*"
+  # WebModeler access.
+  - name: KEYCLOAK_CLIENTS_2_PERMISSIONS_3_RESOURCE_SERVER_ID
+    value: web-modeler-api
+  - name: KEYCLOAK_CLIENTS_2_PERMISSIONS_3_DEFINITION
+    value: "write:*"
+  #######################
+  # Orchestration Group
+  #######################
+  # Core access.
+  - name: KEYCLOAK_CLIENTS_2_PERMISSIONS_4_RESOURCE_SERVER_ID
+    value: core-api
+  - name: KEYCLOAK_CLIENTS_2_PERMISSIONS_4_DEFINITION
+    value: "write:*"
+  # Optimize access.
+  - name: KEYCLOAK_CLIENTS_2_PERMISSIONS_5_RESOURCE_SERVER_ID
+    value: optimize-api
+  - name: KEYCLOAK_CLIENTS_2_PERMISSIONS_5_DEFINITION
+    value: "write:*"
 
 # Auth to avoid Docker download rate limit.
 # https://docs.docker.com/docker-hub/download-rate-limit/