@aifabrix/builder 2.1.1 → 2.1.2

package/lib/generator.js

@@ -124,10 +124,19 @@ function buildBaseDeployment(appName, variables, filteredConfiguration) {
 function buildAuthenticationConfig(variables, rbac) {
   if (variables.authentication) {
     const auth = {
-      type: variables.authentication.type || 'azure',
-      enableSSO: variables.authentication.enableSSO !== undefined ? variables.authentication.enableSSO : true,
-      requiredRoles: variables.authentication.requiredRoles || []
+      enableSSO: variables.authentication.enableSSO !== undefined ? variables.authentication.enableSSO : true
     };
+
+    // When enableSSO is false, default type to 'none' and requiredRoles to []
+    // When enableSSO is true, require type and requiredRoles
+    if (auth.enableSSO === false) {
+      auth.type = variables.authentication.type || 'none';
+      auth.requiredRoles = variables.authentication.requiredRoles || [];
+    } else {
+      auth.type = variables.authentication.type || 'azure';
+      auth.requiredRoles = variables.authentication.requiredRoles || [];
+    }
+
     if (variables.authentication.endpoints) {
       auth.endpoints = variables.authentication.endpoints;
     }
@@ -474,5 +483,6 @@ module.exports = {
   buildImageReference,
   buildHealthCheck,
   buildRequirements,
-  buildAuthentication
+  buildAuthentication,
+  buildAuthenticationConfig
 };

package/lib/schema/application-schema.json

@@ -428,8 +428,8 @@
     },
     "authentication": {
       "type": "object",
-      "description": "Authentication configuration",
-      "required": ["type", "enableSSO", "requiredRoles"],
+      "description": "Authentication configuration. When enableSSO is false, only enableSSO is required. When enableSSO is true, type and requiredRoles are also required.",
+      "required": ["enableSSO"],
       "properties": {
         "type": {
           "type": "string",
@@ -466,7 +466,21 @@
           "additionalProperties": false
         }
       },
-      "additionalProperties": false
+      "additionalProperties": false,
+      "allOf": [
+        {
+          "if": {
+            "properties": {
+              "enableSSO": {
+                "const": true
+              }
+            }
+          },
+          "then": {
+            "required": ["type", "enableSSO", "requiredRoles"]
+          }
+        }
+      ]
     },
     "roles": {
       "type": "array",

package/lib/utils/variable-transformer.js

@@ -55,6 +55,23 @@ function transformFlatStructure(variables, appName) {
       type: sanitizeAuthType(result.authentication.type)
     };
   }
+  // Handle partial authentication objects (when only enableSSO is provided)
+  if (result.authentication && result.authentication.enableSSO !== undefined) {
+    const auth = {
+      ...result.authentication,
+      enableSSO: result.authentication.enableSSO
+    };
+    // When enableSSO is false, default type to 'none' and requiredRoles to []
+    // When enableSSO is true, default type to 'azure' if not provided
+    if (auth.enableSSO === false) {
+      auth.type = sanitizeAuthType(result.authentication.type || 'none');
+      auth.requiredRoles = result.authentication.requiredRoles || [];
+    } else {
+      auth.type = sanitizeAuthType(result.authentication.type || 'azure');
+      auth.requiredRoles = result.authentication.requiredRoles || [];
+    }
+    result.authentication = auth;
+  }
 
   return result;
 }
@@ -182,10 +199,24 @@ function transformOptionalFields(variables, transformed) {
   }
 
   if (variables.authentication) {
-    transformed.authentication = {
+    // Ensure authentication object has enableSSO at minimum
+    // Default type and requiredRoles based on enableSSO value
+    const auth = {
       ...variables.authentication,
-      type: sanitizeAuthType(variables.authentication.type)
+      enableSSO: variables.authentication.enableSSO !== undefined ? variables.authentication.enableSSO : true
     };
+
+    // When enableSSO is false, default type to 'none' and requiredRoles to []
+    // When enableSSO is true, default type to 'azure' if not provided
+    if (auth.enableSSO === false) {
+      auth.type = sanitizeAuthType(variables.authentication.type || 'none');
+      auth.requiredRoles = variables.authentication.requiredRoles || [];
+    } else {
+      auth.type = sanitizeAuthType(variables.authentication.type || 'azure');
+      auth.requiredRoles = variables.authentication.requiredRoles || [];
+    }
+
+    transformed.authentication = auth;
   }
 
   const repository = validateRepositoryConfig(variables.repository);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@aifabrix/builder",
-  "version": "2.1.1",
+  "version": "2.1.2",
   "description": "AI Fabrix Local Fabric & Deployment SDK",
   "main": "lib/index.js",
   "bin": {

package/templates/applications/keycloak/variables.yaml

@@ -34,11 +34,7 @@ healthCheck:
 
 # Authentication
 authentication:
-  type: keycloak
-  enableSSO: true
-  requiredRoles: ["aifabrix-user"]
-  endpoints:
-    local: "http://localhost:8082/auth/callback"
+  enableSSO: false
 
 # Build Configuration
 build:

package/templates/applications/keycloak/rbac.yaml

@@ -1,37 +0,0 @@
-roles:
-  - name: "AI Fabrix Admin"
-    value: "aifabrix-admin"
-    description: "Full access to all application features and configurations"
-  
-  - name: "AI Fabrix User"
-    value: "aifabrix-user"
-    description: "Basic user access to the application"
-  
-  - name: "AI Fabrix Developer"
-    value: "aifabrix-developer"
-    description: "Developer access for testing and debugging"
-
-permissions:
-  - name: "myapp:read"
-    roles: 
-      - "aifabrix-user"
-      - "aifabrix-admin"
-      - "aifabrix-developer"
-    description: "Read access to application data"
-  
-  - name: "myapp:write"
-    roles:
-      - "aifabrix-admin"
-      - "aifabrix-developer"
-    description: "Create and edit application data"
-  
-  - name: "myapp:delete"
-    roles:
-      - "aifabrix-admin"
-    description: "Delete application data"
-  
-  - name: "myapp:admin"
-    roles:
-      - "aifabrix-admin"
-    description: "Administrative access to application configuration"
-