bstein/titan-iac
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

glue: preserve keycloak profile updates

Browse Source
This commit is contained in:
Brad Stein 2026-01-20 03:59:19 -03:00
parent 557663f524
commit 56b36330b2
2 changed files with 32 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
services/mailu/scripts/mailu_sync.py
View File

@ -130,7 +130,9 @@ def kc_update_attributes(token, user, attributes):
if not isinstance(current_attrs, dict): if not isinstance(current_attrs, dict):
current_attrs = {} current_attrs = {}
current_attrs.update(attributes) current_attrs.update(attributes)
resp = SESSION.put(user_url, headers=headers, json={"attributes": current_attrs}, timeout=20) payload = _safe_update_payload(current_payload)
payload["attributes"] = current_attrs
resp = SESSION.put(user_url, headers=headers, json=payload, timeout=20)
resp.raise_for_status() resp.raise_for_status()
verify = SESSION.get( verify = SESSION.get(
user_url, user_url,
@ -144,6 +146,34 @@ def kc_update_attributes(token, user, attributes):
raise Exception(f"attribute not persisted for {user.get('email') or user['username']}") raise Exception(f"attribute not persisted for {user.get('email') or user['username']}")
def _safe_update_payload(user_payload: dict) -> dict:
payload: dict = {}
username = user_payload.get("username")
if isinstance(username, str):
payload["username"] = username
enabled = user_payload.get("enabled")
if isinstance(enabled, bool):
payload["enabled"] = enabled
email = user_payload.get("email")
if isinstance(email, str):
payload["email"] = email
email_verified = user_payload.get("emailVerified")
if isinstance(email_verified, bool):
payload["emailVerified"] = email_verified
first_name = user_payload.get("firstName")
if isinstance(first_name, str):
payload["firstName"] = first_name
last_name = user_payload.get("lastName")
if isinstance(last_name, str):
payload["lastName"] = last_name
actions = user_payload.get("requiredActions")
if isinstance(actions, list):
payload["requiredActions"] = [a for a in actions if isinstance(a, str)]
attrs = user_payload.get("attributes")
payload["attributes"] = attrs if isinstance(attrs, dict) else {}
return payload
def random_password(): def random_password():
alphabet = string.ascii_letters + string.digits alphabet = string.ascii_letters + string.digits
return "".join(secrets.choice(alphabet) for _ in range(24)) return "".join(secrets.choice(alphabet) for _ in range(24))

2
services/maintenance/kustomization.yaml
View File

@ -26,7 +26,7 @@ resources:
images: images:
- name: registry.bstein.dev/bstein/ariadne - name: registry.bstein.dev/bstein/ariadne
newTag: 0.1.0-5 # {"$imagepolicy": "maintenance:ariadne"} newTag: 0.1.0-6 # {"$imagepolicy": "maintenance:ariadne"}
configMapGenerator: configMapGenerator:
- name: disable-k3s-traefik-script - name: disable-k3s-traefik-script