Add role mappings (#342)

* add role mappers

* fix typo

* add param

---------

Co-authored-by: Benjamin Rechsteiner <benjamin.rechsteiner@abacus.ch>

Author: wolfaba

manifests/init.pp

@@ -189,6 +189,10 @@
 #   Hash that is used to define keycloak_ldap_user_provider resources.
 # @param ldap_user_providers_merge
 #   Boolean that sets if `ldap_user_providers` should be merged from Hiera.
+# @param role_mappings
+#   Hash that is used to define keycloak_role_mapping resources.
+# @param role_mapping_merge
+#   Boolean that sets if `role_mappings` should be merged from Hiera.
 # @param with_sssd_support
 #   Boolean that determines if SSSD user provider support should be available
 # @param libunix_dbus_java_source
@@ -299,6 +303,8 @@
   Hash $ldap_mappers = {},
   Boolean $ldap_mappers_merge = false,
   Hash $ldap_user_providers = {},
+  Hash $role_mappings = {},
+  Boolean $role_mapping_merge = false,
   Boolean $ldap_user_providers_merge = false,
   Boolean $flow_executions_merge = false,
   Boolean $with_sssd_support = false,

manifests/resources.pp

@@ -63,6 +63,11 @@
   } else {
     $ldap_user_providers = $keycloak::ldap_user_providers
   }
+  if $keycloak::role_mapping_merge {
+    $role_mappings = lookup('keycloak::role_mappings', Hash, 'deep', {})
+  } else {
+    $role_mappings = $keycloak::role_mappings
+  }
 
   $realms.each |$name, $realm| {
     keycloak_realm { $name: * => $realm }
@@ -103,6 +108,9 @@
   $ldap_user_providers.each |$name, $data| {
     keycloak_ldap_user_provider { $name: * => $data }
   }
+  $role_mappings.each |$name, $data| {
+    keycloak_role_mapping { $name: * => $data }
+  }
   $keycloak::spi_deployments.each |$name, $deployment| {
     keycloak::spi_deployment { $name: * => $deployment }
   }