Merge remote-tracking branch 'origin/stage' into main

vertigobr · Sep 28, 2021 · a283c90 · a283c90
2 parents 28aa891 + dc0df51
commit a283c90
Show file tree

Hide file tree

Showing 4 changed files with 110 additions and 58 deletions.
diff --git a/vkpr-test/keycloak-test.bats b/vkpr-test/keycloak-test.bats
@@ -12,7 +12,8 @@ setup_file() {
         kubectl wait --for=condition=ready --timeout=1m pod --all
         echo "setup: installing keycloak...." >&3
         rit vkpr keycloak install --default
-        kubectl wait --for=condition=ready --timeout=1m pod --all
+        kubectl wait --for=condition=ready --timeout=2m pod --all
+        sleep 60
         sleep 2
     fi
 }
@@ -24,10 +25,23 @@ setup() {
 
 @test "Check if keycloak is up" {
     run curlKeycloak
+    expected='"realm":"master"'
+    assert_equal "$output" "$expected"
+}
+
+@test "Generate Token to use in OpenID" {
+    run curlKeycloakToken
     actual="${lines[3]}"
     trim "$actual"
-    actual="$TRIMMED"
-    expected='"realm":"master"'
+    expected='"access_token"'
+    assert_equal "$actual" "$expected"
+}
+
+@test "Show the name from userinfo with OpenID endpoint" {
+    run curlKeycloakUserinfo
+    actual="${lines[6]}"
+    trim "$actual"
+    expected='Sample Admin'
     assert_equal "$actual" "$expected"
 }
 
@@ -46,10 +60,21 @@ teardown_file() {
 }
 
 curlKeycloak(){
-  content=$(curl -H "Host: keycloak.localhost" http://127.0.0.1:8000/auth/realms/master)
+  content=$(curl -s -H "Host: vkpr-keycloak.localhost" http://127.0.0.1:8000/auth/realms/master)
   echo ${content:1:16}
 }
 
+curlKeycloakToken(){
+    content=$(curl -X POST -H "Host: vkpr-keycloak.localhost" -H "Content-Type: application/x-www-form-urlencoded" -d "grant_type=password&username=sample-admin&password=password&client_secret=3162d962-c3d1-498e-8cb3-a1ae0005c4d9&client_id=grafana&scope=openid" http://127.0.0.1:8000/auth/realms/grafana/protocol/openid-connect/token/)
+    echo ${content:1:14}
+}
+
+curlKeycloakUserinfo(){
+    TOKEN_VALUE=$(curl -X POST -H "Host: vkpr-keycloak.localhost" -H "Content-Type: application/x-www-form-urlencoded" -d "grant_type=password&username=sample-admin&password=password&client_secret=3162d962-c3d1-498e-8cb3-a1ae0005c4d9&client_id=grafana&scope=openid" http://127.0.0.1:8000/auth/realms/grafana/protocol/openid-connect/token/ | $VKPR_HOME/bin/jq -r '.access_token')
+    content=$(curl -X POST -H "Host: vkpr-keycloak.localhost" -H "Authorization: Bearer ${TOKEN_VALUE}" http://127.0.0.1:8000/auth/realms/grafana/protocol/openid-connect/userinfo | $VKPR_HOME/bin/jq -r '.name')
+    echo ${content}
+}
+
 trim() {
     local var="$*"
     # remove leading whitespace characters

diff --git a/vkpr/keycloak/install/src/utils/realm.json b/vkpr/keycloak/install/src/utils/realm.json
@@ -43,6 +43,65 @@
   "quickLoginCheckMilliSeconds": 1000,
   "maxDeltaTimeSeconds": 43200,
   "failureFactor": 30,
+  "users": [
+    {
+      "username": "sample-user",
+      "enabled": true,
+      "email": "sample-user@example",
+      "firstName": "Sample",
+      "lastName": "User",
+      "credentials": [
+        {
+          "type": "password",
+          "value": "password"
+        }
+      ],
+      "realmRoles": [],
+      "clientRoles": {
+        "grafana": [
+          "viewer"
+        ]
+      }
+    },
+    {
+      "username": "sample-editor",
+      "enabled": true,
+      "email": "sample-editor@example",
+      "firstName": "Sample",
+      "lastName": "Editor",
+      "credentials": [
+        {
+          "type": "password",
+          "value": "password"
+        }
+      ],
+      "realmRoles": [],
+      "clientRoles": {
+        "grafana": [
+          "editor"
+        ]
+      }
+    },
+    {
+      "username": "sample-admin",
+      "enabled": true,
+      "email": "sample-admin@example",
+      "firstName": "Sample",
+      "lastName": "Admin",
+      "credentials": [
+        {
+          "type": "password",
+          "value": "password"
+        }
+      ],
+      "realmRoles": [],
+      "clientRoles": {
+        "grafana": [
+          "admin"
+        ]
+      }
+    }
+  ],
   "roles": {
     "realm": [
       {

diff --git a/vkpr/loki/install/src/unix/formula/formula.sh b/vkpr/loki/install/src/unix/formula/formula.sh
@@ -12,69 +12,37 @@ addRepLoki(){
     echoColor "green" "Installing Loki..."
     $VKPR_HELM repo add grafana https://grafana.github.io/helm-charts
     $VKPR_HELM repo update
-  }
-
-  installLoki(){
-     $VKPR_HELM upgrade --install --wait --timeout 5m vkpr-loki-stack -f $VKPR_EXTERNAL_LOKI_VALUES grafana/loki-stack
-  }
-
-  existGrafana(){
-    check_pod_name "vkpr-prometheus-stack-grafana" 
-    if [[ $POD_EXISTS == true ]]; then
-      echoColor "yellow" "Adding Loki to Grafana's datasource..."
-      local LOGINGRAFANA="$($VKPR_KUBECTL get secret vkpr-prometheus-stack-grafana -o yaml | $VKPR_YQ eval '.data.admin-user' - | base64 -d):$($VKPR_KUBECTL get secret vkpr-prometheus-stack-grafana -o yaml | $VKPR_YQ eval '.data.admin-password' - | base64 -d)"
-      local TOKEN_API_GRAFANA=$(curl -k -X POST -H "Host: grafana.localhost" -H "Content-Type: application/json" -d '{"name": "apikeycurl","role": "Admin"}' http://$LOGINGRAFANA@127.0.0.1:8000/api/auth/keys | $VKPR_JQ --raw-output '.key')
-      if [[ $TOKEN_API_GRAFANA == "" ]]; then
-        echoColor "red" "Api Token can only be request once or ingress is not installed."
-      fi
-
-        curl -K -X -H "Host: grafana.localhost" -H "Content-Type: application/json" -H "Authorization: Bearer $TOKEN_API_GRAFANA" -d '
-            {
-              "name":"loki",
-              "type":"loki",
-              "url":"vkpr-loki-stack.default.svs.cluster.local:3100",
-              "access":"proxy",
-              "basicAuth":false,
-              "editable": true
-            }' http://127.0.0.1:8000/api/datasources
-
-    fi
-  }
+}
 
-  check_pod_name(){
-    for pod in $($VKPR_KUBECTL get pods | awk 'NR>1{print $1}'); do
-      if [[ "$pod" == "$1"* ]]; then
-        POD_EXISTS=true  # pod name found a match, then returns True
-        return
-      fi
-    done
-    POD_EXISTS=false
-  }
+installLoki(){
+    $VKPR_HELM upgrade --install --wait --timeout 5m vkpr-loki-stack -f $VKPR_EXTERNAL_LOKI_VALUES grafana/loki-stack
+}
 
 existGrafana() {
   if [[ $(checkExistingGrafana) = "vkpr-prometheus-stack-grafana" ]]; then
     local LOGINGRAFANA="$($VKPR_KUBECTL get secret vkpr-prometheus-stack-grafana -o yaml | $VKPR_YQ eval '.data.admin-user' - | base64 -d):$($VKPR_KUBECTL get secret vkpr-prometheus-stack-grafana -o yaml | $VKPR_YQ eval '.data.admin-password' - | base64 -d)"
-    local TOKEN_API_GRAFANA=$(curl -sk -X POST -H "Host: grafana.localhost" \
-    -H "Content-Type: application/json" \
-    -d '
-      {
-        "name":"apikeycurl",
-        "role": "Admin"
-      }
-    ' http://$LOGINGRAFANA@127.0.0.1:8000/api/auth/keys | $VKPR_JQ --raw-output '.key')
-    curl -sk -X POST -H "Host: grafana.localhost" \
-    -H "Content-Type: application/json" \
-    -H "Authorization: Bearer $TOKEN_API_GRAFANA" \
-    -d '
+    local TOKEN_API_GRAFANA=$(curl -k -X POST -H "Host: grafana.localhost" -H "Content-Type: application/json" -d '{"name": "apikeycurl","role": "Admin"}' http://$LOGINGRAFANA@127.0.0.1:8000/api/auth/keys | $VKPR_JQ --raw-output '.key')
+    if [[ $TOKEN_API_GRAFANA == "" ]]; then
+      echoColor "red" "Api Token can only be request once or ingress is not installed."
+    fi
+    curl -K -X -H "Host: grafana.localhost" -H "Content-Type: application/json" -H "Authorization: Bearer $TOKEN_API_GRAFANA" -d '
       {
-        "name":"Loki",
+        "name":"loki",
         "type":"loki",
-        "url":"http://vkpr-loki-stack:3100",
+        "url":"vkpr-loki-stack.default.svs.cluster.local:3100",
         "access":"proxy",
         "basicAuth":false,
         "editable": true
-      }
-    ' http://127.0.0.1:8000/api/datasources > /dev/null
+      }' http://127.0.0.1:8000/api/datasources
   fi
 }
 
+check_pod_name(){
+  for pod in $($VKPR_KUBECTL get pods | awk 'NR>1{print $1}'); do
+    if [[ "$pod" == "$1"* ]]; then
+      POD_EXISTS=true  # pod name found a match, then returns True
+      return
+    fi
+  done
+  POD_EXISTS=false
+}
diff --git a/vkpr/postgres/install/src/unix/formula/formula.sh b/vkpr/postgres/install/src/unix/formula/formula.sh
@@ -14,5 +14,5 @@ addRepoPostgres(){
 
 installPostgres(){
   echoColor "yellow" "Installing postgres..."
-  $VKPR_HELM upgrade -i --set global.postgresql.postgresqlPassword=$PASSWORD vkpr-postgres bitnami/postgresql
+  $VKPR_HELM upgrade -i --set global.postgresql.postgresqlPassword=$PASSWORD --set volumePermissions.enabled=true vkpr-postgres bitnami/postgresql
 }