in src/com/epam/digital/data/platform/pipelines/stages/impl/lowcode/CreateKeycloakRoles.groovy [29:92]
void run() {
try {
ArrayList<String> filesToDeploy
if (context.getParameterValue("FULL_DEPLOY", "false").toBoolean()) {
filesToDeploy = context.registryRegulations.getAllRegulations(RegulationType.ROLES).join(",").tokenize(',')
context.logger.info("filesToDeploy: ${filesToDeploy}")
} else {
filesToDeploy = context.registryRegulations.getChangedStatusOrFiles("plan", "create-keycloak-roles",
"--file-detailed ${context.getWorkDir()}/${RegulationType.ROLES.value}")
}
if (filesToDeploy) {
filesToDeploy.each { file ->
if (!file.contains(".gitkeep")) {
String roles = context.script.readFile(file: file.trim())
String realmName = context.script.sh(script: "basename ${file} .yml", returnStdout: true).trim()
String KEYCLOAK_REALM_ROLE_BATCH_CR = "KeycloakRealmRoleBatch.v1.edp.epam.com"
if (roles.isEmpty()) {
if (context.platform.checkObjectExists(KEYCLOAK_REALM_ROLE_BATCH_CR, realmName)) {
context.platform.deleteObject(KEYCLOAK_REALM_ROLE_BATCH_CR, realmName)
context.logger.info("KeycloakRealmRoleBatch ${realmName} was deleted")
} else {
context.logger.info("Skip ${realmName} role batch creation due to empty ${file} file")
}
} else {
context.logger.info("Creating roles from ${file}")
String template = context.script.libraryResource("${context.YAML_RESOURCES_RELATIVE_PATH}" +
"/keycloak/keycloak-realm-roles-batch.yaml")
LinkedHashMap<String, String> binding = ["realmName": realmName, "roles": roles]
String destination = "${realmName}-roles.yaml"
context.script.writeFile(file: destination, text: TemplateRenderer.renderTemplate(template, binding))
context.platform.apply(destination)
context.logger.info("Roles from ${file} have been sucessfully created")
}
}
}
context.script.dir("${context.workDir}/${RegulationType.ROLES.value}") {
try {
["officer", "citizen"].each {
context.logger.info("Updating ${it}-roles configmap")
String rolesConfigFile = "${it}.yml"
String rolesConfigmapKey = "${it}-roles.yml"
String configmapName = "${it}-roles"
String rolesConfigmapYaml = "registry-regulation:\\n ${it}:\\n" +
"${context.script.sh(script: """x=4; awk '{printf "%"'\$x'"s%s\\n", "", \$0}' \
${rolesConfigFile}""", returnStdout: true).replaceAll("\n", "\\\\n")}"
context.bpmsConfigMapsChanged["${it}Roles"] = context.platform.patchConfigMapKey(configmapName,
rolesConfigmapKey, rolesConfigmapYaml)
context.logger.info("Configmap ${it}-roles have been successfully updated")
}
} catch (any) {
context.logger.error("Error during officer-roles/citizen-roles configmap updating")
}
}
context.registryRegulations.getChangedStatusOrFiles("save", "create-keycloak-roles",
"--file-detailed ${context.getWorkDir()}/${RegulationType.ROLES.value}")
} else {
context.logger.info("Skip ${RegulationType.ROLES.value} creation due to empty change list")
}
} catch (any) {
context.logger.error("Error during creating keycloak roles")
context.stageFactory.runStage(context.RESTORE_STAGE, context)
}
}