From 58393efce711dc9ee2df14c78ab65b02c23aaded Mon Sep 17 00:00:00 2001
From: Elizabeth Healy <35498075+elizabethhealy@users.noreply.github.com>
Date: Tue, 18 Jun 2024 13:28:29 -0400
Subject: [PATCH] fix(ci): Ensure unmanaged attributes is enabled during kc
 provisioning (#1002)

Enable "unmanaged attributes" even if the realm already exists
resolves https://github.com/opentdf/platform/issues/994
---
 lib/fixtures/keycloak.go | 41 ++++++++++++++++++++--------------------
 1 file changed, 21 insertions(+), 20 deletions(-)

diff --git a/lib/fixtures/keycloak.go b/lib/fixtures/keycloak.go
index c0c0c48ab..57e860e1c 100644
--- a/lib/fixtures/keycloak.go
+++ b/lib/fixtures/keycloak.go
@@ -484,33 +484,34 @@ func createRealm(ctx context.Context, kcConnectParams KeycloakConnectParams, rea
 		}
 	}
 
-	if r == nil { //nolint:nestif // realm doesnt already exist
+	if r == nil {
 		if _, err := client.CreateRealm(ctx, token.AccessToken, realm); err != nil {
 			return err
 		}
 		slog.Info("✅ Realm created", slog.String("realm", *realm.Realm))
-
-		// update realm users profile via upconfig
-		realmProfileURL := fmt.Sprintf("%s/admin/realms/%s/users/profile", kcConnectParams.BasePath, *realm.Realm)
-		realmUserProfileResp, err := client.GetRequestWithBearerAuth(ctx, token.AccessToken).Get(realmProfileURL)
-		if err != nil {
-			slog.Error("Error retrieving realm users profile ", slog.String("realm", *realm.Realm))
-			return err
-		}
-		var upConfig map[string]interface{}
-		err = json.Unmarshal([]byte(realmUserProfileResp.String()), &upConfig)
-		if err != nil {
-			return err
-		}
-		upConfig["unmanagedAttributePolicy"] = "ENABLED"
-		_, err = client.GetRequestWithBearerAuth(ctx, token.AccessToken).SetBody(upConfig).Put(realmProfileURL)
-		if err != nil {
-			return err
-		}
-		slog.Info("✅ Realm Users Profile Updated", slog.String("realm", *realm.Realm))
 	} else {
 		slog.Info("⏭️  Realm already exists", slog.String("realm", *realm.Realm))
 	}
+
+	// update realm users profile via upconfig
+	realmProfileURL := fmt.Sprintf("%s/admin/realms/%s/users/profile", kcConnectParams.BasePath, *realm.Realm)
+	realmUserProfileResp, err := client.GetRequestWithBearerAuth(ctx, token.AccessToken).Get(realmProfileURL)
+	if err != nil {
+		slog.Error("Error retrieving realm users profile ", slog.String("realm", *realm.Realm))
+		return err
+	}
+	var upConfig map[string]interface{}
+	err = json.Unmarshal([]byte(realmUserProfileResp.String()), &upConfig)
+	if err != nil {
+		return err
+	}
+	upConfig["unmanagedAttributePolicy"] = "ENABLED"
+	_, err = client.GetRequestWithBearerAuth(ctx, token.AccessToken).SetBody(upConfig).Put(realmProfileURL)
+	if err != nil {
+		return err
+	}
+	slog.Info("✅ Realm Users Profile Updated", slog.String("realm", *realm.Realm))
+
 	return nil
 }