chore(KeycloakHelper): Add Keycloak user and group creation / deletion in bulk and requireEnv util function

[dzemanov]

Adds functions to create or delete users and groups via KeycloakHelper in bulk (createUsersAndGroups + deleteUsersAndGroups). You can use it in your tests like this:

import { KeycloakHelper } from "@red-hat-developer-hub/e2e-test-utils/keycloak";
import type {
  KeycloakGroupConfig,
  KeycloakUserConfig,
} from "@red-hat-developer-hub/e2e-test-utils/keycloak";

const TEST_GROUPS: KeycloakGroupConfig[] = [
  { name: "writers" },
  { name: "readers" },
];

const TEST_USERS: Record<string, KeycloakUserConfig> = {
  reader: {
    username: "catalog-reader",
    password: crypto.randomUUID().substring(0, 21).replaceAll("-", "0"),
    groups: ["readers"],
  },
  writer: {
    username: "catalog-writer",
    password: crypto.randomUUID().substring(0, 21).replaceAll("-", "0"),
    groups: ["writers"],
  },
};

test.beforeAll(async ({ rhdh }) => {
  const keycloak = new KeycloakHelper();
  await keycloak.connect({
    baseUrl: process.env.KEYCLOAK_BASE_URL!,
    username: process.env.VAULT_KEYCLOAK_ADMIN_USERNAME!,
    password: process.env.VAULT_KEYCLOAK_ADMIN_PASSWORD!,
  });
  await keycloak.createUsersAndGroups(process.env.KEYCLOAK_REALM!, {
    users: Object.values(TEST_USERS),
    groups: TEST_GROUPS,
  });

  await rhdh.configure({ auth: "keycloak" });
  await rhdh.deploy();
});

test.describe("Writer access", () => {
  test.beforeEach(async ({ page, loginHelper }) => {
    await page.goto("/");
    await loginHelper.loginAsKeycloakUser(TEST_USERS.writer.username, TEST_USERS.writer.password);
  });

test.afterAll(async () => {
  // Need to re-authenticate anyway due to admin token expiration
  const keycloak = new KeycloakHelper();
  await keycloak.connect({
    baseUrl: process.env.KEYCLOAK_BASE_URL!,
    username: process.env.VAULT_KEYCLOAK_ADMIN_USERNAME!,
    password: process.env.VAULT_KEYCLOAK_ADMIN_PASSWORD!,
  });

  // Cleanup users and groups
  await keycloak.deleteUsersAndGroups(process.env.KEYCLOAK_REALM!, {
    users: TEST_USERS,
    groups: TEST_GROUPS,
  });
});

Adds utility function (requireEnv) to check env variables are defined:

import { requireEnv } from "@red-hat-developer-hub/e2e-test-utils/utils";

test.beforeAll(async ({ rhdh }) => {
  requireEnv("VAULT_API_KEY", "VAULT_SECRET");

[PatAKnight]

Question for discussion, but I wonder if we should extend the createGroup to be able to support subGroups?: GroupRepresentation[];? It is not necessary at them moment as I have a work around to address the issue, but it would help simplify the RBAC hierarchy tests a bit. Today, we have to create the groups using yaml files and assign the users to those groups that way.

Only downside is that the RBAC tests are the only ones, that I know of, who would benefit from this support. So the expansion would just be targeted to one plugin and only one plugin, adding more maintenance for just a couple of tests.

[PatAKnight]

Just a heads up, but you will probably need to add an entry to the changelog

[dzemanov]

Question for discussion, but I wonder if we should extend the createGroup to be able to support subGroups?: GroupRepresentation[];? It is not necessary at them moment as I have a work around to address the issue, but it would help simplify the RBAC hierarchy tests a bit. Today, we have to create the groups using yaml files and assign the users to those groups that way.

Only downside is that the RBAC tests are the only ones, that I know of, who would benefit from this support. So the expansion would just be targeted to one plugin and only one plugin, adding more maintenance for just a couple of tests.

I think it makes sense to implement it to avoid workaround with using group yamls and instead rely on keycloak catalog provider to ingest those correctly. It can be implemented in a following PR.

na