npm - rhdh-e2e-test-utils - Versions diffs - 1.0.1 → 1.1.0 - Mend

rhdh-e2e-test-utils 1.0.1 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (95) hide show

package/README.md +577 -56
package/dist/deployment/keycloak/config/keycloak-values.yaml +94 -0
package/dist/deployment/keycloak/constants.d.ts +29 -0
package/dist/deployment/keycloak/constants.d.ts.map +1 -0
package/dist/deployment/keycloak/constants.js +75 -0
package/dist/deployment/keycloak/deployment.d.ts +89 -0
package/dist/deployment/keycloak/deployment.d.ts.map +1 -0
package/dist/deployment/keycloak/deployment.js +437 -0
package/dist/deployment/keycloak/index.d.ts +2 -0
package/dist/deployment/keycloak/index.d.ts.map +1 -0
package/dist/deployment/keycloak/index.js +1 -0
package/dist/deployment/keycloak/types.d.ts +59 -0
package/dist/deployment/keycloak/types.d.ts.map +1 -0
package/dist/deployment/keycloak/types.js +1 -0
package/dist/deployment/rhdh/config/auth/guest/app-config.yaml +5 -0
package/dist/deployment/rhdh/config/auth/keycloak/app-config.yaml +19 -0
package/dist/deployment/rhdh/config/auth/keycloak/dynamic-plugins.yaml +3 -0
package/dist/deployment/rhdh/config/auth/keycloak/secrets.yaml +12 -0
package/dist/deployment/rhdh/config/{dynamic-plugins.yaml → common/dynamic-plugins.yaml} +1 -0
package/dist/deployment/rhdh/constants.d.ts +6 -0
package/dist/deployment/rhdh/constants.d.ts.map +1 -1
package/dist/deployment/rhdh/constants.js +17 -5
package/dist/deployment/rhdh/deployment.d.ts +8 -1
package/dist/deployment/rhdh/deployment.d.ts.map +1 -1
package/dist/deployment/rhdh/deployment.js +47 -39
package/dist/deployment/rhdh/index.d.ts +0 -1
package/dist/deployment/rhdh/index.d.ts.map +1 -1
package/dist/deployment/rhdh/types.d.ts +4 -1
package/dist/deployment/rhdh/types.d.ts.map +1 -1
package/dist/eslint/base.config.d.ts.map +1 -1
package/dist/eslint/base.config.js +9 -2
package/dist/playwright/base-config.d.ts +3 -3
package/dist/playwright/base-config.d.ts.map +1 -1
package/dist/playwright/base-config.js +5 -4
package/dist/playwright/fixtures/test.d.ts +4 -1
package/dist/playwright/fixtures/test.d.ts.map +1 -1
package/dist/playwright/fixtures/test.js +16 -4
package/dist/playwright/global-setup.d.ts.map +1 -1
package/dist/playwright/global-setup.js +36 -1
package/dist/playwright/helpers/accessibility.d.ts +13 -0
package/dist/playwright/helpers/accessibility.d.ts.map +1 -0
package/dist/playwright/helpers/accessibility.js +24 -0
package/dist/playwright/helpers/api-endpoints.d.ts +11 -0
package/dist/playwright/helpers/api-endpoints.d.ts.map +1 -0
package/dist/playwright/helpers/api-endpoints.js +15 -0
package/dist/playwright/helpers/api-helper.d.ts +77 -0
package/dist/playwright/helpers/api-helper.d.ts.map +1 -0
package/dist/playwright/helpers/api-helper.js +285 -0
package/dist/playwright/helpers/common.d.ts +31 -0
package/dist/playwright/helpers/common.d.ts.map +1 -0
package/dist/playwright/helpers/common.js +342 -0
package/dist/playwright/helpers/index.d.ts +5 -0
package/dist/playwright/helpers/index.d.ts.map +1 -0
package/dist/playwright/helpers/index.js +4 -0
package/dist/playwright/helpers/navbar.d.ts +2 -0
package/dist/playwright/helpers/navbar.d.ts.map +1 -0
package/dist/playwright/helpers/navbar.js +1 -0
package/dist/playwright/helpers/ui-helper.d.ts +106 -0
package/dist/playwright/helpers/ui-helper.d.ts.map +1 -0
package/dist/playwright/helpers/ui-helper.js +439 -0
package/dist/playwright/page-objects/global-obj.d.ts +25 -0
package/dist/playwright/page-objects/global-obj.d.ts.map +1 -0
package/dist/playwright/page-objects/global-obj.js +24 -0
package/dist/playwright/page-objects/page-obj.d.ts +41 -0
package/dist/playwright/page-objects/page-obj.d.ts.map +1 -0
package/dist/playwright/page-objects/page-obj.js +40 -0
package/dist/playwright/pages/catalog-import.d.ts +31 -0
package/dist/playwright/pages/catalog-import.d.ts.map +1 -0
package/dist/playwright/pages/catalog-import.js +65 -0
package/dist/playwright/pages/catalog.d.ts +14 -0
package/dist/playwright/pages/catalog.d.ts.map +1 -0
package/dist/playwright/pages/catalog.js +37 -0
package/dist/playwright/pages/extensions.d.ts +38 -0
package/dist/playwright/pages/extensions.d.ts.map +1 -0
package/dist/playwright/pages/extensions.js +110 -0
package/dist/playwright/pages/home-page.d.ts +10 -0
package/dist/playwright/pages/home-page.d.ts.map +1 -0
package/dist/playwright/pages/home-page.js +46 -0
package/dist/playwright/pages/index.d.ts +6 -0
package/dist/playwright/pages/index.d.ts.map +1 -0
package/dist/playwright/pages/index.js +5 -0
package/dist/playwright/pages/notifications.d.ts +24 -0
package/dist/playwright/pages/notifications.d.ts.map +1 -0
package/dist/playwright/pages/notifications.js +112 -0
package/dist/utils/kubernetes-client.d.ts +9 -0
package/dist/utils/kubernetes-client.d.ts.map +1 -1
package/dist/utils/kubernetes-client.js +57 -2
package/dist/utils/merge-yamls.d.ts +25 -4
package/dist/utils/merge-yamls.d.ts.map +1 -1
package/dist/utils/merge-yamls.js +52 -12
package/package.json +18 -2
/package/dist/deployment/rhdh/config/{app-config-rhdh.yaml → common/app-config-rhdh.yaml} +0 -0
/package/dist/deployment/rhdh/config/{rhdh-secrets.yaml → common/rhdh-secrets.yaml} +0 -0
/package/dist/deployment/rhdh/{helm → config/helm}/value_file.yaml +0 -0
/package/dist/deployment/rhdh/{operator → config/operator}/subscription.yaml +0 -0

package/dist/deployment/keycloak/deployment.js ADDED Viewed

@@ -0,0 +1,437 @@
+import KeycloakAdminClient from "@keycloak/keycloak-admin-client";
+import { KubernetesClientHelper } from "../../utils/kubernetes-client.js";
+import { $ } from "../../utils/bash.js";
+import { DEFAULT_KEYCLOAK_CONFIG, BITNAMI_CHART_REPO, BITNAMI_CHART_NAME, DEFAULT_CONFIG_PATHS, DEFAULT_RHDH_CLIENT, SERVICE_ACCOUNT_ROLES, DEFAULT_USERS, DEFAULT_GROUPS, } from "./constants.js";
+export class KeycloakHelper {
+    k8sClient = new KubernetesClientHelper();
+    deploymentConfig;
+    keycloakUrl = "";
+    realm = "";
+    clientId = "";
+    clientSecret = "";
+    _adminClient = null;
+    constructor(options = {}) {
+        this.deploymentConfig = this._buildDeploymentConfig(options);
+    }
+    /**
+     * Deploy Keycloak using Helm and configure it for RHDH.
+     */
+    async deploy() {
+        this._log("Starting Keycloak deployment...");
+        await this.k8sClient.createNamespaceIfNotExists(this.deploymentConfig.namespace);
+        await this._deployWithHelm();
+        await this._createRoute();
+        await this._waitForKeycloak();
+        await this._initializeAdminClient();
+    }
+    /**
+     * Check if Keycloak is already running
+     */
+    async isRunning() {
+        try {
+            this.keycloakUrl = await this.getRouteLocation();
+            const response = await fetch(`${this.keycloakUrl}/realms/master`);
+            return response.ok;
+        }
+        catch {
+            return false;
+        }
+    }
+    /**
+     * Configure Keycloak with realm, client, groups, and users for RHDH
+     */
+    async configureForRHDH(options) {
+        this._log("Configuring Keycloak for RHDH...");
+        await this._ensureAdminClient();
+        const realmName = options?.realm ?? DEFAULT_KEYCLOAK_CONFIG.realm;
+        // Create realm
+        await this.createRealm({ realm: realmName, enabled: true });
+        // Create client
+        const clientConfig = {
+            ...DEFAULT_RHDH_CLIENT,
+            ...options?.client,
+        };
+        await this.createClient(realmName, clientConfig);
+        // Store realm and client info for external access
+        this.realm = realmName;
+        this.clientId = clientConfig.clientId;
+        this.clientSecret = clientConfig.clientSecret;
+        // Assign service account roles
+        await this._assignServiceAccountRoles(realmName, clientConfig.clientId);
+        // Create groups
+        const groups = options?.groups ?? DEFAULT_GROUPS;
+        for (const group of groups) {
+            await this.createGroup(realmName, group);
+        }
+        // Create users
+        const users = options?.users ?? DEFAULT_USERS;
+        for (const user of users) {
+            await this.createUser(realmName, user);
+        }
+    }
+    /**
+     * Connect to an existing Keycloak instance
+     */
+    async connect(config) {
+        this.keycloakUrl = config.baseUrl;
+        this._adminClient = new KeycloakAdminClient({
+            baseUrl: config.baseUrl,
+            realmName: config.realm ?? "master",
+        });
+        if (config.username && config.password) {
+            await this._adminClient.auth({
+                username: config.username,
+                password: config.password,
+                grantType: "password",
+                clientId: config.clientId ?? "admin-cli",
+            });
+        }
+        else if (config.clientId && config.clientSecret) {
+            await this._adminClient.auth({
+                grantType: "client_credentials",
+                clientId: config.clientId,
+                clientSecret: config.clientSecret,
+            });
+        }
+    }
+    /**
+     * Create a new realm
+     */
+    async createRealm(config) {
+        await this._ensureAdminClient();
+        try {
+            await this._adminClient.realms.create({
+                realm: config.realm,
+                displayName: config.displayName ?? config.realm,
+                enabled: config.enabled ?? true,
+            });
+            this._log(`Created realm: ${config.realm}`);
+        }
+        catch (error) {
+            if (this._isConflictError(error)) {
+                this._log(`Realm ${config.realm} already exists`);
+            }
+            else {
+                throw error;
+            }
+        }
+    }
+    /**
+     * Create a new client in a realm
+     */
+    async createClient(realm, config) {
+        await this._ensureAdminClient();
+        try {
+            this._adminClient.setConfig({ realmName: realm });
+            await this._adminClient.clients.create({
+                clientId: config.clientId,
+                secret: config.clientSecret,
+                name: config.name ?? config.clientId,
+                description: config.description ?? "",
+                redirectUris: config.redirectUris ?? ["*"],
+                webOrigins: config.webOrigins ?? ["*"],
+                standardFlowEnabled: config.standardFlowEnabled ?? true,
+                implicitFlowEnabled: config.implicitFlowEnabled ?? true,
+                directAccessGrantsEnabled: config.directAccessGrantsEnabled ?? true,
+                serviceAccountsEnabled: config.serviceAccountsEnabled ?? true,
+                authorizationServicesEnabled: config.authorizationServicesEnabled ?? true,
+                publicClient: config.publicClient ?? false,
+                enabled: true,
+                protocol: "openid-connect",
+                fullScopeAllowed: true,
+                attributes: config.attributes,
+                defaultClientScopes: config.defaultClientScopes,
+                optionalClientScopes: config.optionalClientScopes,
+            });
+            this._log(`Created client: ${config.clientId}`);
+        }
+        catch (error) {
+            if (this._isConflictError(error)) {
+                this._log(`Client ${config.clientId} already exists`);
+            }
+            else {
+                throw error;
+            }
+        }
+    }
+    /**
+     * Create a group in a realm
+     */
+    async createGroup(realm, config) {
+        await this._ensureAdminClient();
+        try {
+            this._adminClient.setConfig({ realmName: realm });
+            await this._adminClient.groups.create({
+                name: config.name,
+            });
+            this._log(`Created group: ${config.name}`);
+        }
+        catch (error) {
+            if (this._isConflictError(error)) {
+                this._log(`Group ${config.name} already exists`);
+            }
+            else {
+                throw error;
+            }
+        }
+    }
+    /**
+     * Create a user in a realm with optional group membership
+     */
+    async createUser(realm, config) {
+        await this._ensureAdminClient();
+        try {
+            this._adminClient.setConfig({ realmName: realm });
+            // Create user
+            const createResponse = await this._adminClient.users.create({
+                username: config.username,
+                email: config.email,
+                firstName: config.firstName,
+                lastName: config.lastName,
+                enabled: config.enabled ?? true,
+                emailVerified: config.emailVerified ?? true,
+            });
+            this._log(`Created user: ${config.username}`);
+            const userId = createResponse.id;
+            // Set password if provided
+            if (config.password) {
+                await this._adminClient.users.resetPassword({
+                    id: userId,
+                    credential: {
+                        type: "password",
+                        value: config.password,
+                        temporary: config.temporary ?? false,
+                    },
+                });
+            }
+            // Add to groups if specified
+            if (config.groups?.length) {
+                for (const groupName of config.groups) {
+                    await this._addUserToGroup(realm, userId, groupName);
+                }
+            }
+        }
+        catch (error) {
+            if (this._isConflictError(error)) {
+                this._log(`User ${config.username} already exists`);
+            }
+            else {
+                throw error;
+            }
+        }
+    }
+    /**
+     * Get all users in a realm
+     */
+    async getUsers(realm) {
+        await this._ensureAdminClient();
+        this._adminClient.setConfig({ realmName: realm });
+        const users = await this._adminClient.users.find();
+        return users.map((u) => ({
+            username: u.username,
+            email: u.email,
+            firstName: u.firstName,
+            lastName: u.lastName,
+            enabled: u.enabled,
+            emailVerified: u.emailVerified,
+        }));
+    }
+    /**
+     * Get all groups in a realm
+     */
+    async getGroups(realm) {
+        await this._ensureAdminClient();
+        this._adminClient.setConfig({ realmName: realm });
+        const groups = await this._adminClient.groups.find();
+        return groups.map((g) => ({ name: g.name }));
+    }
+    /**
+     * Delete a user from a realm
+     */
+    async deleteUser(realm, username) {
+        await this._ensureAdminClient();
+        this._adminClient.setConfig({ realmName: realm });
+        const users = await this._adminClient.users.find({ username });
+        if (users.length > 0) {
+            await this._adminClient.users.del({ id: users[0].id });
+            this._log(`Deleted user: ${username}`);
+        }
+    }
+    /**
+     * Delete a group from a realm
+     */
+    async deleteGroup(realm, groupName) {
+        await this._ensureAdminClient();
+        this._adminClient.setConfig({ realmName: realm });
+        const groups = await this._adminClient.groups.find({ search: groupName });
+        const group = groups.find((g) => g.name === groupName);
+        if (group) {
+            await this._adminClient.groups.del({ id: group.id });
+            this._log(`Deleted group: ${groupName}`);
+        }
+    }
+    /**
+     * Delete a realm
+     */
+    async deleteRealm(realm) {
+        await this._ensureAdminClient();
+        try {
+            await this._adminClient.realms.del({ realm });
+            this._log(`Deleted realm: ${realm}`);
+        }
+        catch (error) {
+            this._log(`Failed to delete realm ${realm}: ${error}`);
+        }
+    }
+    /**
+     * Teardown Keycloak deployment
+     */
+    async teardown() {
+        await this.k8sClient.deleteNamespace(this.deploymentConfig.namespace);
+        this._log(`Keycloak deployment torn down`);
+    }
+    /**
+     * Wait for Keycloak to be ready
+     */
+    async waitUntilReady(timeout = 300) {
+        this._log(`Waiting for Keycloak to be ready...`);
+        await this.k8sClient.waitForStatefulSetReady(this.deploymentConfig.namespace, this.deploymentConfig.releaseName, timeout);
+    }
+    // Private methods
+    _buildDeploymentConfig(options) {
+        return {
+            namespace: options.namespace ?? DEFAULT_KEYCLOAK_CONFIG.namespace,
+            releaseName: options.releaseName ?? DEFAULT_KEYCLOAK_CONFIG.releaseName,
+            valuesFile: options.valuesFile ?? DEFAULT_CONFIG_PATHS.valuesFile,
+            adminUser: options.adminUser ?? DEFAULT_KEYCLOAK_CONFIG.adminUser,
+            adminPassword: options.adminPassword ?? DEFAULT_KEYCLOAK_CONFIG.adminPassword,
+        };
+    }
+    async _deployWithHelm() {
+        await $ `helm repo add bitnami ${BITNAMI_CHART_REPO} || true`;
+        await $ `helm repo update > /dev/null 2>&1`;
+        await $ `helm upgrade --install ${this.deploymentConfig.releaseName} ${BITNAMI_CHART_NAME} \
+      --namespace ${this.deploymentConfig.namespace} \
+      --values ${this.deploymentConfig.valuesFile} > /dev/null 2>&1`;
+        await this.waitUntilReady();
+    }
+    async _createRoute() {
+        // Use TLS edge termination with Allow policy to support both HTTP and HTTPS
+        const routeManifest = `
+apiVersion: route.openshift.io/v1
+kind: Route
+metadata:
+  name: ${this.deploymentConfig.releaseName}
+  namespace: ${this.deploymentConfig.namespace}
+  labels:
+    app.kubernetes.io/name: keycloak
+    app.kubernetes.io/instance: ${this.deploymentConfig.releaseName}
+spec:
+  to:
+    kind: Service
+    name: ${this.deploymentConfig.releaseName}
+    weight: 100
+  port:
+    targetPort: http
+  tls:
+    termination: edge
+    insecureEdgeTerminationPolicy: Allow
+  wildcardPolicy: None
+`;
+        await $ `echo ${routeManifest} | kubectl apply -f -`;
+    }
+    async getRouteLocation() {
+        return await this.k8sClient.getRouteLocation(this.deploymentConfig.namespace, this.deploymentConfig.releaseName);
+    }
+    async _waitForKeycloak() {
+        this._log("Waiting for Keycloak API to be ready...");
+        const timeout = 300;
+        const startTime = Date.now();
+        while (true) {
+            if (await this.isRunning()) {
+                break;
+            }
+            if ((Date.now() - startTime) / 1000 >= timeout) {
+                throw new Error("Keycloak API not ready after 5 minutes");
+            }
+            await new Promise((resolve) => setTimeout(resolve, 5000));
+            this._log("  Waiting for Keycloak API to be ready...");
+        }
+    }
+    async _initializeAdminClient() {
+        this._adminClient = new KeycloakAdminClient({
+            baseUrl: this.keycloakUrl,
+            realmName: "master",
+        });
+        await this._adminClient.auth({
+            username: this.deploymentConfig.adminUser,
+            password: this.deploymentConfig.adminPassword,
+            grantType: "password",
+            clientId: "admin-cli",
+        });
+    }
+    async _ensureAdminClient() {
+        if (!this._adminClient) {
+            throw new Error("Admin client not initialized. Call deploy() or connect() first.");
+        }
+    }
+    async _assignServiceAccountRoles(realm, clientId) {
+        await this._ensureAdminClient();
+        this._adminClient.setConfig({ realmName: realm });
+        // Get service account user
+        const clients = await this._adminClient.clients.find({ clientId });
+        if (clients.length === 0) {
+            throw new Error(`Client ${clientId} not found`);
+        }
+        const client = clients[0];
+        const serviceAccountUser = await this._adminClient.clients.getServiceAccountUser({
+            id: client.id,
+        });
+        // Get realm-management client
+        const realmMgmtClients = await this._adminClient.clients.find({
+            clientId: "realm-management",
+        });
+        if (realmMgmtClients.length === 0) {
+            throw new Error("realm-management client not found");
+        }
+        const realmMgmtClient = realmMgmtClients[0];
+        // Get roles
+        const allRoles = await this._adminClient.clients.listRoles({
+            id: realmMgmtClient.id,
+        });
+        const rolesToAssign = allRoles.filter((r) => SERVICE_ACCOUNT_ROLES.includes(r.name));
+        if (rolesToAssign.length > 0) {
+            await this._adminClient.users.addClientRoleMappings({
+                id: serviceAccountUser.id,
+                clientUniqueId: realmMgmtClient.id,
+                roles: rolesToAssign.map((r) => ({
+                    id: r.id,
+                    name: r.name,
+                })),
+            });
+            this._log(`Assigned service account roles: ${rolesToAssign.map((r) => r.name).join(", ")}`);
+        }
+    }
+    async _addUserToGroup(realm, userId, groupName) {
+        this._adminClient.setConfig({ realmName: realm });
+        const groups = await this._adminClient.groups.find({ search: groupName });
+        const group = groups.find((g) => g.name === groupName);
+        if (group) {
+            await this._adminClient.users.addToGroup({
+                id: userId,
+                groupId: group.id,
+            });
+            this._log(`  Added user to group: ${groupName}`);
+        }
+        else {
+            this._log(`  Warning: Group ${groupName} not found`);
+        }
+    }
+    _isConflictError(error) {
+        const err = error;
+        return err.response?.status === 409 || err.status === 409;
+    }
+    _log(...args) {
+        console.log("[Keycloak]", ...args);
+    }
+}

package/dist/deployment/keycloak/index.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export { KeycloakHelper } from "./deployment.js";
2	+ //# sourceMappingURL=index.d.ts.map

package/dist/deployment/keycloak/index.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/deployment/keycloak/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC"}

package/dist/deployment/keycloak/index.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export { KeycloakHelper } from "./deployment.js";

package/dist/deployment/keycloak/types.d.ts ADDED Viewed

@@ -0,0 +1,59 @@
+export type KeycloakDeploymentOptions = {
+    namespace?: string;
+    releaseName?: string;
+    valuesFile?: string;
+    adminUser?: string;
+    adminPassword?: string;
+};
+export type KeycloakDeploymentConfig = {
+    namespace: string;
+    releaseName: string;
+    valuesFile: string;
+    adminUser: string;
+    adminPassword: string;
+};
+export type KeycloakClientConfig = {
+    clientId: string;
+    clientSecret: string;
+    name?: string;
+    description?: string;
+    redirectUris?: string[];
+    webOrigins?: string[];
+    standardFlowEnabled?: boolean;
+    implicitFlowEnabled?: boolean;
+    directAccessGrantsEnabled?: boolean;
+    serviceAccountsEnabled?: boolean;
+    authorizationServicesEnabled?: boolean;
+    publicClient?: boolean;
+    attributes?: Record<string, string>;
+    defaultClientScopes?: string[];
+    optionalClientScopes?: string[];
+};
+export type KeycloakUserConfig = {
+    username: string;
+    email?: string;
+    firstName?: string;
+    lastName?: string;
+    enabled?: boolean;
+    emailVerified?: boolean;
+    password?: string;
+    temporary?: boolean;
+    groups?: string[];
+};
+export type KeycloakGroupConfig = {
+    name: string;
+};
+export type KeycloakRealmConfig = {
+    realm: string;
+    displayName?: string;
+    enabled?: boolean;
+};
+export type KeycloakConnectionConfig = {
+    baseUrl: string;
+    realm?: string;
+    clientId?: string;
+    clientSecret?: string;
+    username?: string;
+    password?: string;
+};
+//# sourceMappingURL=types.d.ts.map

package/dist/deployment/keycloak/types.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/deployment/keycloak/types.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,yBAAyB,GAAG;IACtC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB,CAAC;AAEF,MAAM,MAAM,wBAAwB,GAAG;IACrC,SAAS,EAAE,MAAM,CAAC;IAClB,WAAW,EAAE,MAAM,CAAC;IACpB,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,aAAa,EAAE,MAAM,CAAC;CACvB,CAAC;AAEF,MAAM,MAAM,oBAAoB,GAAG;IACjC,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B,yBAAyB,CAAC,EAAE,OAAO,CAAC;IACpC,sBAAsB,CAAC,EAAE,OAAO,CAAC;IACjC,4BAA4B,CAAC,EAAE,OAAO,CAAC;IACvC,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACpC,mBAAmB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC/B,oBAAoB,CAAC,EAAE,MAAM,EAAE,CAAC;CACjC,CAAC;AAEF,MAAM,MAAM,kBAAkB,GAAG;IAC/B,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;CACnB,CAAC;AAEF,MAAM,MAAM,mBAAmB,GAAG;IAChC,IAAI,EAAE,MAAM,CAAC;CACd,CAAC;AAEF,MAAM,MAAM,mBAAmB,GAAG;IAChC,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB,CAAC;AAEF,MAAM,MAAM,wBAAwB,GAAG;IACrC,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB,CAAC"}

package/dist/deployment/keycloak/types.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/dist/deployment/rhdh/config/auth/guest/app-config.yaml ADDED Viewed

@@ -0,0 +1,5 @@
+auth:
+  environment: development
+  providers:
+    guest:
+      dangerouslyAllowOutsideDevelopment: true

package/dist/deployment/rhdh/config/auth/keycloak/app-config.yaml ADDED Viewed

@@ -0,0 +1,19 @@
+auth:
+  environment: production
+  session:
+    secret: superSecretSecret
+  providers:
+    oidc:
+      production:
+        metadataUrl: "${KEYCLOAK_METADATA_URL}"
+        clientId: "${KEYCLOAK_CLIENT_ID}"
+        clientSecret: "${KEYCLOAK_CLIENT_SECRET}"
+        prompt: auto
+        callbackUrl: "${RHDH_BASE_URL}/api/auth/oidc/handler/frame"
+        signIn:
+          resolvers:
+            - resolver: emailLocalPartMatchingUserEntityName
+signInPage: oidc
+catalog:
+  rules:
+    - allow: [User, Group]

package/dist/deployment/rhdh/config/auth/keycloak/dynamic-plugins.yaml ADDED Viewed

@@ -0,0 +1,3 @@
+plugins:
+  - package: ./dynamic-plugins/dist/backstage-community-plugin-catalog-backend-module-keycloak-dynamic
+    disabled: false

package/dist/deployment/rhdh/config/auth/keycloak/secrets.yaml ADDED Viewed

@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: rhdh-secrets
+type: Opaque
+stringData:
+  KEYCLOAK_BASE_URL: $KEYCLOAK_BASE_URL
+  KEYCLOAK_METADATA_URL: $KEYCLOAK_METADATA_URL
+  KEYCLOAK_CLIENT_ID: $KEYCLOAK_CLIENT_ID
+  KEYCLOAK_CLIENT_SECRET: $KEYCLOAK_CLIENT_SECRET
+  KEYCLOAK_REALM: $KEYCLOAK_REALM
+  KEYCLOAK_LOGIN_REALM: $KEYCLOAK_LOGIN_REALM

package/dist/deployment/rhdh/config/{dynamic-plugins.yaml → common/dynamic-plugins.yaml} RENAMED Viewed

@@ -1,2 +1,3 @@
 includes:
   - dynamic-plugins.default.yaml
+plugins: []

package/dist/deployment/rhdh/constants.d.ts CHANGED Viewed

@@ -1,3 +1,4 @@
+import type { AuthProvider } from "./types.js";
 export declare const DEFAULT_CONFIG_PATHS: {
     appConfig: string;
     secrets: string;
@@ -9,5 +10,10 @@ export declare const DEFAULT_CONFIG_PATHS: {
         subscription: string;
     };
 };
+export declare const AUTH_CONFIG_PATHS: Record<AuthProvider, {
+    appConfig: string;
+    secrets: string;
+    dynamicPlugins: string;
+}>;
 export declare const CHART_URL = "oci://quay.io/rhdh/chart";
 //# sourceMappingURL=constants.d.ts.map

package/dist/deployment/rhdh/constants.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../../../src/deployment/rhdh/constants.ts"],"names":[],"mappings":"~~AAKA~~,eAAO,MAAM,oBAAoB;;;;;;;;;;CAyBhC,CAAC;AAEF,eAAO,MAAM,SAAS,6BAA6B,CAAC"}
1	+ {"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../../../src/deployment/rhdh/constants.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAK/C,eAAO,MAAM,oBAAoB;;;;;;;;;;CAyBhC,CAAC;AAEF,eAAO,MAAM,iBAAiB,EAAE,MAAM,CACpC,YAAY,EACZ;IAAE,SAAS,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAC;IAAC,cAAc,EAAE,MAAM,CAAA;CAAE,CAwB/D,CAAC;AAEF,eAAO,MAAM,SAAS,6BAA6B,CAAC"}

package/dist/deployment/rhdh/constants.js CHANGED Viewed

@@ -2,14 +2,26 @@ import path from "path";
 // Navigate from dist/deployment/rhdh/ to package root
 const PACKAGE_ROOT = path.resolve(import.meta.dirname, "../../..");
 export const DEFAULT_CONFIG_PATHS = {
-    appConfig: path.join(PACKAGE_ROOT, "dist/deployment/rhdh/config/app-config-rhdh.yaml"),
-    secrets: path.join(PACKAGE_ROOT, "dist/deployment/rhdh/config/rhdh-secrets.yaml"),
-    dynamicPlugins: path.join(PACKAGE_ROOT, "dist/deployment/rhdh/config/dynamic-plugins.yaml"),
+    appConfig: path.join(PACKAGE_ROOT, "dist/deployment/rhdh/config/common/app-config-rhdh.yaml"),
+    secrets: path.join(PACKAGE_ROOT, "dist/deployment/rhdh/config/common/rhdh-secrets.yaml"),
+    dynamicPlugins: path.join(PACKAGE_ROOT, "dist/deployment/rhdh/config/common/dynamic-plugins.yaml"),
     helm: {
-        valueFile: path.join(PACKAGE_ROOT, "src/deployment/rhdh/helm/value_file.yaml"),
+        valueFile: path.join(PACKAGE_ROOT, "dist/deployment/rhdh/config/helm/value_file.yaml"),
     },
     operator: {
-        subscription: path.join(PACKAGE_ROOT, "src/deployment/rhdh/operator/subscription.yaml"),
+        subscription: path.join(PACKAGE_ROOT, "dist/deployment/rhdh/config/operator/subscription.yaml"),
+    },
+};
+export const AUTH_CONFIG_PATHS = {
+    guest: {
+        appConfig: path.join(PACKAGE_ROOT, "dist/deployment/rhdh/config/auth/guest/app-config.yaml"),
+        secrets: "",
+        dynamicPlugins: "",
+    },
+    keycloak: {
+        appConfig: path.join(PACKAGE_ROOT, "dist/deployment/rhdh/config/auth/keycloak/app-config.yaml"),
+        secrets: path.join(PACKAGE_ROOT, "dist/deployment/rhdh/config/auth/keycloak/secrets.yaml"),
+        dynamicPlugins: path.join(PACKAGE_ROOT, "dist/deployment/rhdh/config/auth/keycloak/dynamic-plugins.yaml"),
     },
 };
 export const CHART_URL = "oci://quay.io/rhdh/chart";

package/dist/deployment/rhdh/deployment.d.ts CHANGED Viewed

@@ -4,7 +4,7 @@ export declare class RHDHDeployment {
     k8sClient: KubernetesClientHelper;
     rhdhUrl: string;
     deploymentConfig: DeploymentConfig;
-    constructor(deploymentOptions: DeploymentOptions);
+    constructor(namespace: string);
     deploy(): Promise<void>;
     private _applyAppConfig;
     private _applySecrets;
@@ -12,6 +12,12 @@ export declare class RHDHDeployment {
     private _deployWithHelm;
     private _deployWithOperator;
     rolloutRestart(): Promise<void>;
+    /**
+     * Performs a clean restart by scaling down to 0 first, waiting for pods to terminate,
+     * then scaling back up. This prevents MigrationLocked errors by ensuring no pods
+     * hold database locks when new pods start.
+     */
+    scaleDownAndRestart(): Promise<void>;
     waitUntilReady(timeout?: number): Promise<void>;
     teardown(): Promise<void>;
     private _resolveChartVersion;
@@ -19,5 +25,6 @@ export declare class RHDHDeployment {
     configure(deploymentOptions?: DeploymentOptions): Promise<void>;
     private _buildBaseUrl;
     private _log;
+    private _logBoxen;
 }
 //# sourceMappingURL=deployment.d.ts.map

package/dist/deployment/rhdh/deployment.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"deployment.d.ts","sourceRoot":"","sources":["../../../src/deployment/rhdh/deployment.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,sBAAsB,EAAE,MAAM,kCAAkC,CAAC;~~AAS1E~~,OAAO,KAAK,EACV,iBAAiB,EACjB,gBAAgB,EAGjB,MAAM,YAAY,CAAC;AAEpB,qBAAa,cAAc;IAClB,SAAS,yBAAgC;IACzC,OAAO,EAAE,MAAM,CAAC;IAChB,gBAAgB,EAAE,gBAAgB,CAAC;gBAE9B,~~iBAAiB~~,EAAE,~~iBAAiB~~;~~IAS1C~~,MAAM,IAAI,OAAO,CAAC,IAAI,CAAC;~~YAoBf~~,eAAe;~~YAoBf~~,aAAa;~~YAab~~,oBAAoB;~~YAmBpB~~,eAAe;~~YAkDf~~,mBAAmB;~~IAkC3B~~,cAAc,IAAI,OAAO,CAAC,IAAI,CAAC;~~IAW/B~~,cAAc,CAAC,OAAO,GAAE,MAAY,GAAG,OAAO,CAAC,IAAI,CAAC;~~IAiBpD~~,QAAQ,IAAI,OAAO,CAAC,IAAI,CAAC;YAIjB,oBAAoB;IA6BlC,OAAO,CAAC,sBAAsB;~~IAkCxB~~,SAAS,CAAC,iBAAiB,CAAC,EAAE,iBAAiB,GAAG,OAAO,CAAC,IAAI,CAAC;IAcrE,OAAO,CAAC,aAAa;IAUrB,OAAO,CAAC,IAAI;~~CAGb~~"}
1	+ {"version":3,"file":"deployment.d.ts","sourceRoot":"","sources":["../../../src/deployment/rhdh/deployment.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,sBAAsB,EAAE,MAAM,kCAAkC,CAAC;AAa1E,OAAO,KAAK,EACV,iBAAiB,EACjB,gBAAgB,EAGjB,MAAM,YAAY,CAAC;AAEpB,qBAAa,cAAc;IAClB,SAAS,yBAAgC;IACzC,OAAO,EAAE,MAAM,CAAC;IAChB,gBAAgB,EAAE,gBAAgB,CAAC;gBAE9B,SAAS,EAAE,MAAM;IAUvB,MAAM,IAAI,OAAO,CAAC,IAAI,CAAC;YAqBf,eAAe;YAgBf,aAAa;YAeb,oBAAoB;YAkBpB,eAAe;YA2Cf,mBAAmB;IA4B3B,cAAc,IAAI,OAAO,CAAC,IAAI,CAAC;IAWrC;;;;OAIG;IACG,mBAAmB,IAAI,OAAO,CAAC,IAAI,CAAC;IAOpC,cAAc,CAAC,OAAO,GAAE,MAAY,GAAG,OAAO,CAAC,IAAI,CAAC;IAwBpD,QAAQ,IAAI,OAAO,CAAC,IAAI,CAAC;YAIjB,oBAAoB;IA6BlC,OAAO,CAAC,sBAAsB;IAoCxB,SAAS,CAAC,iBAAiB,CAAC,EAAE,iBAAiB,GAAG,OAAO,CAAC,IAAI,CAAC;IAcrE,OAAO,CAAC,aAAa;IAUrB,OAAO,CAAC,IAAI;IAIZ,OAAO,CAAC,SAAS;CAGlB"}