fix

Signed-off-by: Flavius Lacatusu <flacatus@redhat.com>
eclipse-che · Feb 12, 2021 · 076536c · 076536c
1 parent ecf63a9
commit 076536c
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 12 deletions.
diff --git a/.ci/cico_updates_openshift.sh b/.ci/cico_updates_openshift.sh
@@ -20,10 +20,6 @@ source "${OPERATOR_REPO}"/.github/bin/oauth-provision.sh
 #Stop execution on any error
 trap "catchFinish" EXIT SIGINT
 
-overrideDefaults() {
-  export OAUTH="true"
-}
-
 runTests() {
   "${OPERATOR_REPO}"/olm/testUpdate.sh "openshift" "stable" ${NAMESPACE}
   waitEclipseCheDeployed ${LAST_PACKAGE_VERSION}
@@ -33,7 +29,6 @@ runTests() {
 }
 
 init
-overrideDefaults
 provisionOpenShiftOAuthUser
 initStableTemplates "openshift" "stable"
 runTests
diff --git a/.github/bin/oauth-provision.sh b/.github/bin/oauth-provision.sh
@@ -19,7 +19,8 @@ set -u
 function provisionOAuth() {
   OCP_USER_UID=$(oc get user user -o=jsonpath='{.metadata.uid}')
 
-  IDP_USER="admin"
+  IDP_USERNAME="admin"
+  CHE_USERNAME="admin"
   # Get Eclipse Che IDP secrets and decode to use to connect to IDP
   IDP_PASSWORD=$(oc get secret che-identity-secret -n eclipse-che -o=jsonpath='{.data.password}' | base64 --decode)
 
@@ -38,7 +39,7 @@ function provisionOAuth() {
   # Obtain from Keycloak the token to make api request authentication
   IDP_TOKEN=$(curl -k --location --request POST ''$IDP_HOST'/auth/realms/master/protocol/openid-connect/token' \
   --header 'Content-Type: application/x-www-form-urlencoded' \
-  --data-urlencode 'username=admin' \
+  --data-urlencode 'username='$IDP_USERNAME'' \
   --data-urlencode 'password='$IDP_PASSWORD'' \
   --data-urlencode 'grant_type=password' \
   --data-urlencode 'client_id=admin-cli' | jq -r .access_token)
@@ -47,7 +48,7 @@ function provisionOAuth() {
 
   # Get admin user id from IDP
   CHE_USER_ID=$(curl --location -k --request GET ''$IDP_HOST'/auth/admin/realms/che/users' \
-  --header 'Authorization: Bearer '$IDP_TOKEN'' | jq -r '.[] | select(.username == "admin").id' )
+  --header 'Authorization: Bearer '$IDP_TOKEN'' | jq -r '.[] | select(.username == "'$CHE_USERNAME'").id' )
 
   echo -e "[INFO] Eclipse CHE user ID: $CHE_USER_ID"
 
@@ -58,7 +59,7 @@ function provisionOAuth() {
   --data '{
       "identityProvider": "openshift-v4",
       "userId": "'$OCP_USER_UID'",
-      "userName": "admin"
+      "userName": "'$CHE_USERNAME'"
   }'
 
 # Create OAuthClientAuthorization object for Eclipse Che in Cluster. 
@@ -67,10 +68,10 @@ OAUTHCLIENTAuthorization=$(
 apiVersion: oauth.openshift.io/v1
 kind: OAuthClientAuthorization
 metadata:
-  generateName: $IDP_USER:$OAUTH_CLIENT_NAME
+  generateName: $CHE_USERNAME:$OAUTH_CLIENT_NAME
   namespace: eclipse-che
 clientName: $OAUTH_CLIENT_NAME
-userName: $IDP_USER
+userName: $CHE_USERNAME
 userUID: $OCP_USER_UID
 scopes:
   - 'user:full'
@@ -80,11 +81,12 @@ EOF
   echo -e "Created authorization client: $OAUTHCLIENTAuthorization"
   cat << 'EOF' > path.sql
 UPDATE federated_identity SET token ='{"access_token":"INSERT_TOKEN_HERE","expires_in":86400,"scope":"user:full","token_type":"Bearer"}'
-WHERE federated_username = 'admin'
+WHERE federated_username = 'INSERT_CHE_USER_HERE'
 EOF
 
   TOKEN=$(oc whoami -t)
   sed -i "s|INSERT_TOKEN_HERE|$TOKEN|g" path.sql
+  sed -i "s|INSERT_CHE_USER_HERE|$CHE_USERNAME|g" path.sql
 
   # Insert sql script inside of postgres and execute it.
   POSTGRES_POD=$(oc get pods -o json -n eclipse-che | jq -r '.items[] | select(.metadata.name | test("postgres-")).metadata.name')