Abhishek koserwal akoserwal

akoserwal / update-serviceaccount-with-realm-management-roles.sh

Created August 23, 2024 20:24

Update-serviceaccount-with-realm-management-roles

	FINAL=`curl -sk --data-raw '[{"id": '$manageUser',"name": "manage-users"},{"id": '$manageRealm',"name": "manage-realm"},{"id": '$manageClients',"name": "manage-clients"}]' --header "Content-Type: application/json" --header "Authorization: Bearer $TOKEN" $KEYCLOAK_URL/admin/realms/$REALM/users/$svcUserId/role-mappings/clients/$realmMgmtClientId`
	echo $FINAL

akoserwal / fetch-user-of-service-account.sh

Created August 23, 2024 20:23

fetch-user-of-service-account

	SVC=`curl -sk --header "Content-Type: application/json" --header "Authorization: Bearer $TOKEN" $KEYCLOAK_URL/admin/realms/$REALM/clients/$kasClientId/service-account-user`
	svcUserId=$(jq -r '.id' <<< $SVC)
	echo $svcUserId

akoserwal / fetch-serviceaccount.sh

Created August 23, 2024 20:22

fetch-serviceaccount-sa

	KAS=`curl -sk --header "Content-Type: application/json" --header "Authorization: Bearer $TOKEN" $KEYCLOAK_URL/admin/realms/$REALM/clients?clientId=admin-sa`
	kasClientId=$(jq -r '.[].id' <<< $KAS)

akoserwal / fetch-roles-from-realm-management-client.sh

Created August 23, 2024 20:21

Fetch-roles-from-realm-management-client

	ROLES=`curl -sk --header "Content-Type: application/json" --header "Authorization: Bearer $TOKEN" $KEYCLOAK_URL/admin/realms/$REALM/clients/$realmMgmtClientId/roles`
	echo $ROLES
	manageUser=$(jq -c '.[] \| select( .name \| contains("manage-users")).id' <<< $ROLES)
	echo $manageUser
	manageClients=$(jq -c '.[] \| select( .name \| contains("manage-clients")).id' <<< $ROLES)
	echo $manageClients
	manageRealm=$(jq -c '.[] \| select( .name \| contains("manage-realm")).id' <<< $ROLES)
	echo $manageRealm

akoserwal / fetch-realm-management-client.sh

Created August 23, 2024 20:19

Fetch-Realm-Management-client

	RE=`curl -sk --header "Content-Type: application/json" --header "Authorization: Bearer $TOKEN" $KEYCLOAK_URL/admin/realms/$REALM/clients?clientId=realm-management`
	realmMgmtClientId=$(jq -r '.[].id' <<< $RE)
	echo $realmMgmtClientId

akoserwal / create-service-account.sh

Created August 23, 2024 20:18

Create-Service-Account

	CREATE=`curl -sk --data-raw '{
	"authorizationServicesEnabled": false,
	"clientId": "admin-sa",
	"description": "admin-sa",
	"name": "admin-sa",
	"secret":"admin-sa",
	"directAccessGrantsEnabled": false,
	"serviceAccountsEnabled": true,
	"publicClient": false,
	"protocol": "openid-connect"

akoserwal / get-token.sh

Created August 23, 2024 20:15

get-token.sh

	KEYCLOAK_URL=http://0.0.0.0:8084
	REALM=test
	CLIENT_ID=admin-cli
	USERNAME=admin
	PASS=admin

	TOKEN_PATH="/realms/master/protocol/openid-connect/token"
	RESULT=`curl -sk --data "grant_type=password&client_id=$CLIENT_ID&username=$USERNAME&password=$PASS" $KEYCLOAK_URL$TOKEN_PATH`
	TOKEN=$(jq -r '.access_token' <<< $RESULT)
	echo $TOKEN

akoserwal / sample-cr.yaml

Created April 12, 2024 13:51

sample-cr.yaml

	apiVersion: com.github.k8soperators.ch3/v1alpha1
	kind: GitOps
	metadata:
	name: gitops-sample
	namespace: gitops
	spec:
	url: ""

akoserwal / gtiopscrd.yaml

Created April 12, 2024 13:38

gitops-crd

	# Generated by Fabric8 CRDGenerator, manual edits might get overwritten!
	apiVersion: apiextensions.k8s.io/v1
	kind: CustomResourceDefinition
	metadata:
	name: gitops.com.github.k8soperators.ch2
	spec:
	group: com.github.k8soperators.ch2
	names:
	kind: GitOps
	plural: gitops

akoserwal / gist:12996a21352e21fd3ee166633fd82f37

Created February 6, 2024 08:22

kind-config-nodes

	kind: Cluster
	apiVersion: kind.x-k8s.io/v1alpha4
	# One control plane node and three "workers".
	#
	# While these will not add more real compute capacity and
	# have limited isolation, this can be useful for testing
	# rolling updates etc.
	#
	# The API-server and other control plane components will be
	# on the control-plane node.