feat: task cleanup for Keycloak

src/grafana/tasks.yaml

@@ -2,7 +2,7 @@
 # SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial
 
 includes:
-  - utils: ../../tasks/utils.yaml
+  - common-setup: https://raw.githubusercontent.com/defenseunicorns/uds-common/v1.14.0/tasks/setup.yaml
 
 tasks:
   - name: validate
@@ -32,11 +32,10 @@ tasks:
 
   - name: e2e-test
     actions:
-      - description: "Setup the Keycloak admin user if needed"
-        task: utils:keycloak-admin-user
       - description: "Setup the Doug User for testing"
-        # Self-reference this task file to avoid https://github.com/defenseunicorns/maru-runner/issues/144
-        cmd: uds run -f tasks/test.yaml common-setup:create-doug-user --set KEYCLOAK_GROUP="/UDS Core/Admin" # Adds the test doug user
+        task: common-setup:keycloak-user
+        with:
+          group: "/UDS Core/Admin"
       - description: E2E Test for Grafana, optionally set FULL_CORE=true to test integrations with Loki
         cmd: |
           # renovate: datasource=docker depName=mcr.microsoft.com/playwright versioning=docker

src/keycloak/chart/values.yaml

@@ -10,7 +10,7 @@ image:
   pullPolicy: IfNotPresent
 
 # renovate: datasource=github-tags depName=defenseunicorns/uds-identity-config versioning=semver
-configImage: ghcr.io/defenseunicorns/uds/identity-config:0.11.1
+configImage: ghcr.io/defenseunicorns/uds/identity-config:0.12.1
 
 # The public domain name of the Keycloak server
 domain: "###ZARF_VAR_DOMAIN###"

src/keycloak/tasks.yaml

@@ -2,7 +2,7 @@
 # SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial
 
 includes:
-  - config: https://raw.githubusercontent.com/defenseunicorns/uds-identity-config/v0.11.1/tasks.yaml
+  - config: https://raw.githubusercontent.com/defenseunicorns/uds-identity-config/v0.12.1/tasks.yaml
 
 tasks:
   - name: validate

src/keycloak/zarf.yaml

@@ -27,7 +27,7 @@ components:
           - "values/upstream-values.yaml"
     images:
       - quay.io/keycloak/keycloak:26.1.4
-      - ghcr.io/defenseunicorns/uds/identity-config:0.11.1
+      - ghcr.io/defenseunicorns/uds/identity-config:0.12.1
 
   - name: keycloak
     required: true
@@ -41,7 +41,7 @@ components:
           - "values/registry1-values.yaml"
     images:
       - registry1.dso.mil/ironbank/opensource/keycloak/keycloak:26.1.4
-      - ghcr.io/defenseunicorns/uds/identity-config:0.11.1
+      - ghcr.io/defenseunicorns/uds/identity-config:0.12.1
 
   - name: keycloak
     required: true
@@ -55,4 +55,4 @@ components:
           - "values/unicorn-values.yaml"
     images:
       - cgr.dev/du-uds-defenseunicorns/keycloak:26.1.4 # todo: switch to FIPS image
-      - ghcr.io/defenseunicorns/uds/identity-config:0.11.1
+      - ghcr.io/defenseunicorns/uds/identity-config:0.12.1

src/neuvector/tasks.yaml

@@ -2,7 +2,7 @@
 # SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial
 
 includes:
-  - utils: ../../tasks/utils.yaml
+  - common-setup: https://raw.githubusercontent.com/defenseunicorns/uds-common/v1.14.0/tasks/setup.yaml
 
 tasks:
   - name: validate
@@ -49,11 +49,10 @@ tasks:
 
   - name: e2e-test
     actions:
-      - description: "Setup the Keycloak admin user if needed"
-        task: utils:keycloak-admin-user
       - description: "Setup the Doug User for testing"
-        # Self-reference this task file to avoid https://github.com/defenseunicorns/maru-runner/issues/144
-        cmd: uds run -f tasks/test.yaml common-setup:create-doug-user --set KEYCLOAK_GROUP="/UDS Core/Admin" --no-progress # Adds the test doug user
+        task: common-setup:keycloak-user
+        with:
+          group: "/UDS Core/Admin"
       - description: E2E Test for NeuVector
         cmd: |
           # renovate: datasource=docker depName=mcr.microsoft.com/playwright versioning=docker

tasks/create.yaml

@@ -2,7 +2,7 @@
 # SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial
 
 includes:
-  - common: https://raw.githubusercontent.com/defenseunicorns/uds-common/v1.13.0/tasks/create.yaml
+  - common: https://raw.githubusercontent.com/defenseunicorns/uds-common/v1.14.0/tasks/create.yaml
 
 variables:
   - name: FLAVOR

tasks/lint.yaml

@@ -2,7 +2,7 @@
 # SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial
 
 includes:
-  - remote: https://raw.githubusercontent.com/defenseunicorns/uds-common/v1.13.0/tasks/lint.yaml
+  - remote: https://raw.githubusercontent.com/defenseunicorns/uds-common/v1.14.0/tasks/lint.yaml
 
 tasks:
   - name: fix

tasks/test.yaml

@@ -14,8 +14,8 @@ includes:
   - test-resources: ../src/test/tasks.yaml
   - base-layer: ../packages/base/tasks.yaml
   - idam-layer: ../packages/identity-authorization/tasks.yaml
-  - common-setup: https://raw.githubusercontent.com/defenseunicorns/uds-common/refs/tags/v1.13.0/tasks/setup.yaml
-  - compliance: https://raw.githubusercontent.com/defenseunicorns/uds-common/v1.13.0/tasks/compliance.yaml
+  - common-setup: https://raw.githubusercontent.com/defenseunicorns/uds-common/v1.14.0/tasks/setup.yaml
+  - compliance: https://raw.githubusercontent.com/defenseunicorns/uds-common/v1.14.0/tasks/compliance.yaml
 
 tasks:
   - name: base
@@ -96,11 +96,10 @@ tasks:
         default: ${UDS_ARCH}
     # Run each e2e test type from the e2e folder
     actions:
-      - description: "Setup the Keycloak admin user if needed"
-        task: util:keycloak-admin-user
       - description: "Setup the Doug User for testing"
-        # Self-reference this task file to avoid https://github.com/defenseunicorns/maru-runner/issues/144
-        cmd: uds run -f tasks/test.yaml common-setup:create-doug-user --set KEYCLOAK_GROUP="/UDS Core/Admin" # Adds the test doug user
+        task: common-setup:keycloak-user
+        with:
+          group: "/UDS Core/Admin"
       - description: "Create and Deploy Test App Package"
         task: test-resources:create-deploy
         with:

tasks/utils.yaml

@@ -30,40 +30,6 @@ tasks:
         setVariables:
           - name: TARGET_REPO
 
-  - name: keycloak-admin-user
-    actions:
-      - description: Sets up the Keycloak admin user for dev/testing if not already created
-        cmd: |
-          # Check if the secret exists
-          if ./zarf tools kubectl get secret keycloak-admin-password -n keycloak > /dev/null 2>&1; then
-            echo "Admin user exists, skipping..."
-          else
-            # Start port-forward with zarf
-            ./zarf tools kubectl port-forward -n keycloak svc/keycloak-http 8080:8080 &
-            PF_PID=$!
-
-            # Wait a bit to ensure port-forward is ready
-            sleep 5
-
-            # Create admin user with curl
-            PASSWORD=$(openssl rand -base64 12)
-            STATE_COOKIE=$(curl --silent --output /dev/null --cookie-jar - http://localhost:8080/ | grep "WELCOME_STATE_CHECKER" | awk '{print $7}')
-            curl --silent --show-error http://localhost:8080/ \
-              -H "Cookie: WELCOME_STATE_CHECKER=${STATE_COOKIE}" \
-              -H "Content-Type: application/x-www-form-urlencoded" \
-              --data-urlencode "username=admin" \
-              --data-urlencode "password=${PASSWORD}" \
-              --data-urlencode "passwordConfirmation=${PASSWORD}" \
-              --data-urlencode "stateChecker=${STATE_COOKIE}"
-
-            # Kill the port-forward
-            kill $PF_PID
-
-            ./zarf tools kubectl create secret generic keycloak-admin-password \
-              --from-literal=username=admin \
-              --from-literal=password=${PASSWORD} \
-              -n keycloak
-          fi
   - name: aks-coredns-setup
     actions:
       - description: Setup Custom ConfigMap for Core DNS