github.com/smlx/lagoon-ska

Release v0.1.0

Tool to Synchronise Keycloak Group Attributes for Lagoon

Homepage Go Go Documentation

License
Apache-2.0
Install
go get github.com/smlx/lagoon-ska

Documentation

Lagoon Synchronise Keycloak Attributes (SKA)

Release Coverage Go Report Card

What this does

Checks Keycloak groups in the Lagoon realm for the group-lagoon-project-ids attribute required by the ssh-portal. If the attribute doesn't exist, it is synthesised from the group's lagoon-projects attribute.

How to use

Copy the binary into the Lagoon API pod.

kubectl cp ~/download/lagoon-ska lagoon-core-api-74bffc6876-lklzf:/tmp/lagoon-ska

Dump the groups in JSON format as a backup.

$ kubectl exec -it lagoon-core-api-74bffc6876-lklzf -- /tmp/lagoon-ska dump > /tmp/groups.before.json

Run in dry-run mode (the default) first to see what will change.

$ kubectl exec -it lagoon-core-api-74bffc6876-lklzf -- /tmp/lagoon-ska
{"level":"info","ts":1659065140.0172124,"caller":"lagoon-ska/sync.go:34","msg":"not making any changes in dry-run mode"}
{"level":"info","ts":1659065140.0215838,"caller":"keycloak/sync.go:78","msg":"groups found with missing attributes","count":2}
{"level":"info","ts":1659065140.021606,"caller":"keycloak/sync.go:83","msg":"missing group-lagoon-project-ids attribute on group","name":"ci-group","ID":"01f8c347-62ef-4f6c-b1dc-5c1050bf5155"}
{"level":"info","ts":1659065140.0216126,"caller":"keycloak/sync.go:83","msg":"missing group-lagoon-project-ids attribute on group","name":"project-ci-drush-la-control-k8s","ID":"24ad6257-502c-407a-bfac-52d75b9ed8a2"}

Run the sync to update the group attributes.

$ kubectl exec -it lagoon-core-api-74bffc6876-lklzf -- /tmp/lagoon-ska sync --dry-run=false
{"level":"info","ts":1659065225.1785626,"caller":"keycloak/sync.go:78","msg":"groups found with missing attributes","count":2}
{"level":"info","ts":1659065225.181286,"caller":"keycloak/sync.go:97","msg":"updated group-lagoon-project-ids attribute on group","name":"ci-group","ID":"01f8c347-62ef-4f6c-b1dc-5c1050bf5155"}
{"level":"info","ts":1659065225.1840253,"caller":"keycloak/sync.go:97","msg":"updated group-lagoon-project-ids attribute on group","name":"project-ci-drush-la-control-k8s","ID":"24ad6257-502c-407a-bfac-52d75b9ed8a2"}

Dump the groups again (and diff against the previous dump to confirm the changes).

$ kubectl exec -it lagoon-core-api-74bffc6876-lklzf -- /tmp/lagoon-ska dump > /tmp/groups.after.json

Stats

Dependencies
9
Dependent packages
0
Dependent repositories
0
Total releases
1
Latest release
First release
Stars
0
Forks
0
Watchers
1
Contributors
1
Repository size
31.3 KB
SourceRank
6

Development practices

Source repo 2FA enabled
TEXT!
Package manager 2FA enabled
TEXT!
Is security responsive
TEXT!
Dependencies are managed
TEXT!
Issue-free release available
TEXT!
Succession plan available
TEXT!

The Tidelift Subscription provides access to a continuously curated stream of human-researched and maintainer-verified data on open source packages and their licenses, releases, vulnerabilities, and development practices.

Learn more

Releases

v0.1.0

Contributors

Scott Leggett


See all contributors

Login to resync this project