diff --git a/services/keycloak/realm-settings-job.yaml b/services/keycloak/realm-settings-job.yaml index bd4fa25..db08722 100644 --- a/services/keycloak/realm-settings-job.yaml +++ b/services/keycloak/realm-settings-job.yaml @@ -2,7 +2,7 @@ apiVersion: batch/v1 kind: Job metadata: - name: keycloak-realm-settings-12 + name: keycloak-realm-settings-13 namespace: sso spec: backoffLimit: 0 @@ -144,20 +144,60 @@ spec: attrs = profile.get("attributes") if not isinstance(attrs, list): attrs = [] - has_mailu_email = any( - isinstance(item, dict) and item.get("name") == "mailu_email" for item in attrs - ) - if not has_mailu_email: - attrs.append( - { - "name": "mailu_email", - "displayName": "Atlas Mailbox", - "multivalued": False, - "annotations": {"group": "user-metadata"}, - "permissions": {"view": ["admin"], "edit": ["admin"]}, - "validations": {"email": {}, "length": {"max": 255}}, - } - ) + + required_attrs = [ + { + "name": "mailu_email", + "displayName": "Atlas Mailbox", + "multivalued": False, + "annotations": {"group": "user-metadata"}, + "permissions": {"view": ["admin"], "edit": ["admin"]}, + "validations": {"email": {}, "length": {"max": 255}}, + }, + { + "name": "mailu_app_password", + "displayName": "Atlas Mail App Password", + "multivalued": False, + "annotations": {"group": "user-metadata"}, + "permissions": {"view": ["admin"], "edit": ["admin"]}, + "validations": {"length": {"max": 255}}, + }, + { + "name": "nextcloud_mail_primary_email", + "displayName": "Nextcloud Mail Primary Email", + "multivalued": False, + "annotations": {"group": "user-metadata"}, + "permissions": {"view": ["admin"], "edit": ["admin"]}, + "validations": {"email": {}, "length": {"max": 255}}, + }, + { + "name": "nextcloud_mail_account_count", + "displayName": "Nextcloud Mail Account Count", + "multivalued": False, + "annotations": {"group": "user-metadata"}, + "permissions": {"view": ["admin"], "edit": ["admin"]}, + "validations": {"length": {"max": 32}}, + }, + { + "name": "nextcloud_mail_synced_at", + "displayName": "Nextcloud Mail Last Synced", + "multivalued": False, + "annotations": {"group": "user-metadata"}, + "permissions": {"view": ["admin"], "edit": ["admin"]}, + "validations": {"length": {"max": 64}}, + }, + ] + + def has_attr(name: str) -> bool: + return any(isinstance(item, dict) and item.get("name") == name for item in attrs) + + updated = False + for attr in required_attrs: + if not has_attr(attr.get("name", "")): + attrs.append(attr) + updated = True + + if updated: profile["attributes"] = attrs status, _ = http_json("PUT", profile_url, access_token, profile) if status not in (200, 204):