[#15] Update scripts for adding/removing groups to projects and add wrapper...

[#15] Update scripts for adding/removing groups to projects and add wrapper script to standardise administrator group for drupal-supporters

scripts/addGroupToDrupalAdmins.sh

 #!/bin/bash
 usage() { echo "Usage: $0 [--group-name <GROUP> --project <PROJECT>]" 1>&2; exit 1; }
+
+KUBECONFIG=~/.kube/config
+
 # Options
 ARGS=$(getopt -o 'g:p:' --long 'group-name:project:' -- "$@") || exit 1
 eval "set -- $ARGS"
@@ -35,15 +38,30 @@ ROLE_ID=$(echo $ROLE_LIST | jq -r '.data[] | select(.name=="administrator") | .i
 
 GROUP_EXISTS=$(curl --silent -X GET "${AUTHZAPI_URL}/${AUTHZAPI_VERSION}/Group/${GROUP_NAME}" -H  "accept: text/plain" -H  "Authorization: Bearer ${BEARER_TOKEN}" -d "" -o /dev/null -w "%{http_code}")
 
+
 if [[ $GROUP_EXISTS != "200" ]]; then
     echo "Error trying to find group in API, error code: ${GROUP_EXISTS}"
     exit 1
 fi
 
+
 # Add group ${GROUP_NAME} to ${ROLE_ID} (administrator) in ${APPLICATION_ID}, as per https://authorization-service-api.web.cern.ch/swagger/index.html#operations-Application-post_api_v1_0_Application__id__roles__roleid__groups__groupid_
-SUCCESS=$(curl --silent -X POST "${AUTHZAPI_URL}/${AUTHZAPI_VERSION}/Application/${APPLICATION_ID}/roles/${ROLE_ID}/groups/${GROUP_NAME}" -H  "accept: text/plain" -H  "Authorization: Bearer ${BEARER_TOKEN}" -d "" -o /dev/null -w "%{http_code}")
-if [[ $SUCCESS != "200" ]]; then
-    echo "Error binding group to admin role, error code: ${SUCCESS}"
+
+SUCCESS=$(curl --silent -X POST "${AUTHZAPI_URL}/${AUTHZAPI_VERSION}/Application/${APPLICATION_ID}/roles/${ROLE_ID}/groups/${GROUP_NAME}" -H  "accept: text/plain" -H  "Authorization: Bearer ${BEARER_TOKEN}" -d "" -i > /tmp/report.txt -w "%{http_code}")
+
+DUPLICATE=$(grep -irn "Duplicate" /tmp/report.txt | awk -F ":" '{print $3}' | awk -F " " '{print $1}'| tr -d '"')
+
+if [[ $SUCCESS != 200 ]]; then
+  if [[ -z "$DUPLICATE" ]]; then
+       echo "Successfully binded ${GROUP_NAME} to applicationID ${APPLICATION_ID}"
+       exit 1
+  fi
+   if [[ $DUPLICATE != "Duplicate" ]]; then
+       echo "http error - Please read /tmp/report.txt file"
+       exit 1
+  fi
+else
+    echo "Successfully binded ${GROUP_NAME} to applicationID ${APPLICATION_ID}"
     exit 1
 fi
-echo "Successfully binded ${GROUP_NAME} to applicationID ${APPLICATION_ID}"
+

scripts/modifyGroups-wrapper.sh

+#!/bin/bash
+
+# ---
+# Script to uniform admin role group mapping
+# 
+# Example usage:
+# oc get projects -l okd.cern.ch/user-project="true" -A -o json --no-headers | jq -r '.items[] | .metadata.name' | xargs -I{} sh modifyGroups-wrapper.sh {}
+# ---
+
+# Check if project name argument is provided
+if [ -z "$1" ]; then
+    echo "Usage: $0 <project_name>"
+    exit 1
+fi
+
+PROJECT="$1"
+
+# Call the necessary commands with the project name
+./addGroupToDrupalAdmins.sh -g drupal-supporters -p "$PROJECT"
+./removeGroupFromDrupalAdmins.sh -g web-team-developers -p "$PROJECT"
+./removeGroupFromDrupalAdmins.sh -g drupal-admins -p "$PROJECT"
+

scripts/removeGroupFromDrupalAdmins.sh

 #!/bin/bash
 usage() { echo "Usage: $0 [--group-name <GROUP> --project <PROJECT>]" 1>&2; exit 1; }
 # Options
+
+KUBECONFIG=~/.kube/config
+
 ARGS=$(getopt -o 'g:p:' --long 'group-name:project:' -- "$@") || exit 1
 eval "set -- $ARGS"
 
@@ -40,10 +43,12 @@ if [[ $GROUP_EXISTS != "200" ]]; then
     exit 1
 fi
 
+
 # Remove ${GROUP_NAME} of ${ROLE_ID} (administrator) from ${APPLICATION_ID}, as per https://authorization-service-api.web.cern.ch/swagger/index.html#operations-Application-delete_api_v1_0_Application__id__roles__roleid__groups__groupid_
-SUCCESS=$(curl --silent -X DELETE "${AUTHZAPI_URL}/${AUTHZAPI_VERSION}/Application/${APPLICATION_ID}/roles/${ROLE_ID}/groups/${GROUP_NAME}" -H  "accept: text/plain" -H  "Authorization: Bearer ${BEARER_TOKEN}" -d "" -o /dev/null -w "%{http_code}")
-if [[ $SUCCESS != "200" ]]; then
+ SUCCESS=$(curl --silent -X DELETE "${AUTHZAPI_URL}/${AUTHZAPI_VERSION}/Application/${APPLICATION_ID}/roles/${ROLE_ID}/groups/${GROUP_NAME}" -H  "accept: text/plain" -H  "Authorization: Bearer ${BEARER_TOKEN}" -d "" -o /dev/null -w "%{http_code}")
+ if [[ $SUCCESS != "200" ]]; then
     echo "Error binding group to admin role, error code: ${SUCCESS}"
     exit 1
 fi
 echo "Successfully removed ${GROUP_NAME} to applicationID ${APPLICATION_ID}"
+