test: ensure smtp probe user has email

2026-01-04 01:08:17 -03:00 · 2026-01-04 01:08:17 -03:00 · a7f68ddddb
commit a7f68ddddb
parent 38b4935e1d
2 changed files with 40 additions and 7 deletions
--- a/scripts/tests/test_keycloak_execute_actions_email.py
+++ b/scripts/tests/test_keycloak_execute_actions_email.py
@ -130,13 +130,46 @@ def main() -> int:
    if not isinstance(user_id, str) or not user_id:
        raise SystemExit("probe user missing id")

-    # execute-actions-email requires the user to be enabled.
-    status, user = _request_json("GET", f"{admin_users_url}/{urllib.parse.quote(user_id)}", access_token, timeout_s=30)
-    if status == 200 and isinstance(user, dict) and user.get("enabled") is False:
+    # execute-actions-email requires the user to be enabled and have an email configured.
+    user_url = f"{admin_users_url}/{urllib.parse.quote(user_id)}"
+    user: dict | None = None
+    for attempt in range(1, 6):
+        status, body = _request_json("GET", user_url, access_token, timeout_s=30)
+        if status == 200 and isinstance(body, dict):
+            user = body
+            break
+        if status == 403 and attempt < 5:
+            time.sleep(3)
+            access_token = get_access_token()
+            continue
+        raise SystemExit(f"unexpected status fetching probe user: {status} body={body}")
+
+    if user is None:
+        raise SystemExit("probe user fetch did not return a user object")
+
+    needs_update = False
+    if user.get("enabled") is False:
        user["enabled"] = True
-        status, body = _request_json("PUT", f"{admin_users_url}/{urllib.parse.quote(user_id)}", access_token, user, timeout_s=30)
-        if status not in (200, 204):
-            raise SystemExit(f"unexpected status enabling probe user: {status} body={body}")
+        needs_update = True
+
+    if user.get("email") != probe_email:
+        user["email"] = probe_email
+        needs_update = True
+
+    if user.get("emailVerified") is not True:
+        user["emailVerified"] = True
+        needs_update = True
+
+    if needs_update:
+        for attempt in range(1, 6):
+            status, body = _request_json("PUT", user_url, access_token, user, timeout_s=30)
+            if status in (200, 204):
+                break
+            if status == 403 and attempt < 5:
+                time.sleep(3)
+                access_token = get_access_token()
+                continue
+            raise SystemExit(f"unexpected status updating probe user: {status} body={body}")

    # Trigger an email to validate Keycloak SMTP integration.
    query = urllib.parse.urlencode(
--- a/services/keycloak/portal-e2e-execute-actions-email-test-job.yaml
+++ b/services/keycloak/portal-e2e-execute-actions-email-test-job.yaml
@ -2,7 +2,7 @@
 apiVersion: batch/v1
 kind: Job
 metadata:
-  name: keycloak-portal-e2e-execute-actions-email-4
+  name: keycloak-portal-e2e-execute-actions-email-5
  namespace: sso
 spec:
  backoffLimit: 3