From 7cbbb7e193c94133eb97e36aa491424512c0fb07 Mon Sep 17 00:00:00 2001
From: Brad Stein <Brad.Stein@gmail.com>
Date: Sun, 4 Jan 2026 00:59:24 -0300
Subject: [PATCH] test: fix keycloak execute-actions-email probe

---
 scripts/tests/test_keycloak_execute_actions_email.py   | 10 +++++++++-
 .../portal-e2e-execute-actions-email-test-job.yaml     |  2 +-
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/scripts/tests/test_keycloak_execute_actions_email.py b/scripts/tests/test_keycloak_execute_actions_email.py
index 14aa320..2828f85 100644
--- a/scripts/tests/test_keycloak_execute_actions_email.py
+++ b/scripts/tests/test_keycloak_execute_actions_email.py
@@ -100,7 +100,7 @@ def main() -> int:
     if not users:
         create_payload = {
             "username": probe_username,
-            "enabled": False,
+            "enabled": True,
             "email": probe_email,
             "emailVerified": True,
         }
@@ -130,6 +130,14 @@ def main() -> int:
     if not isinstance(user_id, str) or not user_id:
         raise SystemExit("probe user missing id")
 
+    # execute-actions-email requires the user to be enabled.
+    status, user = _request_json("GET", f"{admin_users_url}/{urllib.parse.quote(user_id)}", access_token, timeout_s=30)
+    if status == 200 and isinstance(user, dict) and user.get("enabled") is False:
+        user["enabled"] = True
+        status, body = _request_json("PUT", f"{admin_users_url}/{urllib.parse.quote(user_id)}", access_token, user, timeout_s=30)
+        if status not in (200, 204):
+            raise SystemExit(f"unexpected status enabling probe user: {status} body={body}")
+
     # Trigger an email to validate Keycloak SMTP integration.
     query = urllib.parse.urlencode(
         {
diff --git a/services/keycloak/portal-e2e-execute-actions-email-test-job.yaml b/services/keycloak/portal-e2e-execute-actions-email-test-job.yaml
index 931760c..dec3b87 100644
--- a/services/keycloak/portal-e2e-execute-actions-email-test-job.yaml
+++ b/services/keycloak/portal-e2e-execute-actions-email-test-job.yaml
@@ -2,7 +2,7 @@
 apiVersion: batch/v1
 kind: Job
 metadata:
-  name: keycloak-portal-e2e-execute-actions-email-2
+  name: keycloak-portal-e2e-execute-actions-email-3
   namespace: sso
 spec:
   backoffLimit: 3