Skip to content

chore(cloud-native): adjust resource scope mappings#2542

Merged
moabu merged 3 commits intomainfrom
cn-rename-scopes
Dec 31, 2025
Merged

chore(cloud-native): adjust resource scope mappings#2542
moabu merged 3 commits intomainfrom
cn-rename-scopes

Conversation

@iromli
Copy link
Contributor

@iromli iromli commented Dec 26, 2025
edited by coderabbitai bot
Loading

The changeset adjusts the scope names required by admin-ui.

Closes #2541

Summary by CodeRabbit

  • New Features

    • Added automatic resource scope mapping updates during the upgrade process to migrate scope configurations.

  • Chores

    • Updated external dependency versions for build consistency across deployment containers.

✏️ Tip: You can customize this high-level summary in your review settings.

@iromli
chore(cloud-native): adjust resource scope mappings
5df204f 
Signed-off-by: iromli <isman.firmansyah@gmail.com>
@iromli iromli self-assigned this Dec 26, 2025
@coderabbitai
Copy link
Contributor

coderabbitai bot commented Dec 26, 2025
edited
Loading

📝 Walkthrough

Walkthrough

This pull request updates Docker image source version pins for the Jans and Flex repositories, and adds a new migration method to automatically update resource scope mappings for the admin UI from deprecated names to new ones.

Changes

Cohort / File(s) Summary
Docker image version updates
docker-admin-ui/Dockerfile, docker-flex-all-in-one/Dockerfile		 Updated JANS_SOURCE_VERSION commit hashes in both Dockerfiles to a newer version; also updated FLEX_SOURCE_VERSION in admin-ui Dockerfile. No logic changes.
Admin UI resource scope migration
docker-admin-ui/scripts/upgrade.py		 Added update_resource_scopes() method to atomically migrate three resource scope mappings (asset-read, asset-write, asset-delete) from old OAuth scope URIs to new short names. Handles both nested and flat JSON representations. Integrated into invoke() workflow after existing client updates.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Possibly related PRs

Suggested labels

comp-admin-ui

Suggested reviewers

  • moabu
  • devrimyatar

Poem

🐰 A rabbit hops through scopes with glee,
From OAuth URIs, now set free,
New names shine bright: asset, not asset-read,
With Docker versions fresh instead,
Migration paths paved, all clear to see! 🎉

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)
Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. You can run @coderabbitai generate docstrings to improve docstring coverage.
✅ Passed checks (4 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title clearly summarizes the main change of adjusting resource scope mappings, which is the primary objective and directly related to the changeset.
Linked Issues check ✅ Passed The PR implements scope name adjustments in the upgrade.py script and updates source versions, addressing the resource scope mapping changes referenced in issue #2541.
Out of Scope Changes check ✅ Passed All changes are scoped to resource scope mappings (upgrade.py), Dockerfile version pins (docker-admin-ui and docker-flex-all-in-one), and directly support the linked issue objective.
✨ Finishing touches
  • 📝 Generate docstrings

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@mo-auto mo-auto added comp-docker-admin-ui Component affected by issue or PR kind-dependencies Pull requests that update a dependency file labels Dec 26, 2025
@iromli
chore: update JANS and FLEX source versions
000312e 
Signed-off-by: iromli <isman.firmansyah@gmail.com>
@iromli iromli marked this pull request as ready for review December 31, 2025 12:05
@iromli iromli requested a review from moabu as a code owner December 31, 2025 12:05
coderabbitai[bot]
coderabbitai bot reviewed Dec 31, 2025
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 4

📜 Review details

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between ece094b and 000312e.

📒 Files selected for processing (3)
  • docker-admin-ui/Dockerfile
  • docker-admin-ui/scripts/upgrade.py
  • docker-flex-all-in-one/Dockerfile
🧰 Additional context used
🪛 GitHub Actions: Scan Image
docker-flex-all-in-one/Dockerfile

[warning] 117-117: SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "CN_AUTH_JAVA_OPTIONS")

[warning] 117-117: SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "CN_AUTH_JETTY_HOST")

[warning] 117-117: SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "CN_AUTH_JETTY_PORT")

[warning] 117-117: SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "CN_SHARE_AUTH_CONF")

[warning] 117-117: SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "CN_SQL_PASSWORD_FILE")

[warning] 117-117: SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "CN_SAML_KC_ADMIN_CREDENTIALS_FILE")

[warning] 117-117: SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "CN_SAML_KC_DB_PASSWORD_FILE")

docker-admin-ui/Dockerfile

[warning] 117-117: SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "CN_AUTH_JAVA_OPTIONS")

[warning] 117-117: SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "CN_AUTH_JETTY_HOST")

[warning] 117-117: SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "CN_AUTH_JETTY_PORT")

[warning] 117-117: SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "CN_SHARE_AUTH_CONF")

[warning] 117-117: SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "CN_SQL_PASSWORD_FILE")

[warning] 117-117: SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "CN_SAML_KC_ADMIN_CREDENTIALS_FILE")

[warning] 117-117: SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "CN_SAML_KC_DB_PASSWORD_FILE")

🪛 Ruff (0.14.10)
docker-admin-ui/scripts/upgrade.py

242-242: Missing return type annotation for private function update_scope

Add return type annotation: None

(ANN202)

🔇 Additional comments (1)
docker-admin-ui/scripts/upgrade.py (1)

57-57: LGTM!

The method invocation is appropriately placed in the upgrade flow, ensuring resource scope mappings are updated after client configurations.

@sonarqubecloud
Copy link

sonarqubecloud bot commented Dec 31, 2025

Quality Gate Passed Quality Gate passed for 'Gluu Admin UI'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@moabu moabu merged commit 1bb08c1 into main Dec 31, 2025
8 of 11 checks passed
@moabu moabu deleted the cn-rename-scopes branch December 31, 2025 20:58
This was referenced Jan 14, 2026
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@moabu moabu moabu approved these changes

Assignees

@iromli iromli

Labels

comp-docker-admin-ui Component affected by issue or PR kind-dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

chore(cloud-native): adjust resource scope mappings

3 participants

@iromli @moabu @mo-auto