-
Notifications
You must be signed in to change notification settings - Fork 18
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add an option to extend list of group members #134
Comments
Example? |
This creates user with assigned group with single role. All good.
The user another-user is given the group membership, however the user user loses it. The another-membership resource overwrites the existing list of group members. |
does something like that work in terraform? 🤔 |
Frankly, I have no clue (not a terraform specialist). |
Hm, i'll check that out and tell you asap 😄
…On Mon, Jul 8, 2024, 09:30 vladimirblahoz ***@***.***> wrote:
Frankly, I have no clue (not a terraform specialist).
I was hoping that the functionality is very similar to assigning roles
directly to users with *Roles.user.keycloak.crossplane.io
<http://Roles.user.keycloak.crossplane.io>* resource having the
*exhaustive* flag. Now reading the docs again it claims that "manually"
added roles aren't removed with it, so now I'm not really sure that even
this does what I expected from it.
—
Reply to this email directly, view it on GitHub
<#134 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AC3JPMJCTGYA3AF2E77JMB3ZLI52JAVCNFSM6AAAAABKQF3QGOVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDEMJTGI2DAMZXHE>
.
You are receiving this because you commented.Message ID:
***@***.***>
|
I have just checked that this (the roles situation) works:
So apparently the Roles resource is able to append to the list of assigned roles and you can have as many of them as you want targeting the same user as long as the exhaustive attribute is set to false |
|
Thanks for the investigation! We are using ArgoCD as gitops tool, so I'll check that link if that is an interesting solution for us 👍 |
Hi,
I wasn't able to find any way of adding another user to an existing group with already defined memberships resource. New memberships only overwrite the list of members for a group.
This way we cannot contribute to a single group with users from different projects.
I was expecting something similar to an exhaustive property which is present in group roles resource or user roles resource.
The text was updated successfully, but these errors were encountered: