Updated user logic

tests/integration/test_domain_uniqueness.py

@@ -12,7 +12,7 @@ class TestDomainUniqueness(unittest.TestCase):
         and assert that no domain appears more than once.
         """
         repo_root = Path(__file__).resolve().parents[2]
-        yaml_file = repo_root / 'group_vars' / 'all' / '03_applications.yml'
+        yaml_file = repo_root / 'group_vars' / 'all' / '04_applications.yml'
 
         # Generate the file if it doesn't exist
         if not yaml_file.exists():

tests/integration/test_oauth2_proxy_ports.py

@@ -8,7 +8,7 @@ class TestOAuth2ProxyPorts(unittest.TestCase):
     def setUpClass(cls):
         # Set up root paths and load oauth2_proxy ports mapping
         cls.ROOT = Path(__file__).parent.parent.parent.resolve()
-        cls.PORTS_FILE = cls.ROOT / 'group_vars' / 'all' / '08_ports.yml'
+        cls.PORTS_FILE = cls.ROOT / 'group_vars' / 'all' / '09_ports.yml'
         with cls.PORTS_FILE.open() as f:
             data = yaml.safe_load(f)
         cls.oauth2_ports = (
@@ -50,7 +50,7 @@ class TestOAuth2ProxyPorts(unittest.TestCase):
                 if app_id not in self.oauth2_ports:
                     self.fail(
                         f"Missing oauth2_proxy port mapping for application '{app_id}' "
-                        f"in group_vars/all/08_ports.yml"
+                        f"in group_vars/all/09_ports.yml"
                     )
 
 

tests/unit/test_generate_applications_defaults_users.py

@@ -0,0 +1,65 @@
+import os
+import unittest
+import tempfile
+import shutil
+import yaml
+from pathlib import Path
+import subprocess
+
+class TestGenerateDefaultApplicationsUsers(unittest.TestCase):
+    def setUp(self):
+        # Setup temporary roles directory
+        self.temp_dir = Path(tempfile.mkdtemp())
+        self.roles_dir = self.temp_dir / "roles"
+        self.roles_dir.mkdir()
+
+        # Sample role with users meta
+        self.role = self.roles_dir / "docker-app-with-users"
+        (self.role / "vars").mkdir(parents=True)
+        (self.role / "meta").mkdir(parents=True)
+
+        # Write application_id and configuration
+        (self.role / "vars" / "main.yml").write_text("application_id: app_with_users\n")
+        (self.role / "vars" / "configuration.yml").write_text("setting: value\n")
+
+        # Write users meta
+        users_meta = {
+            'users': {
+                'alice': {'uid': 2001, 'gid': 2001},
+                'bob': {'uid': 2002, 'gid': 2002}
+            }
+        }
+        with (self.role / "meta" / "users.yml").open('w', encoding='utf-8') as f:
+            yaml.dump(users_meta, f)
+
+        # Output file path
+        self.output_file = self.temp_dir / "output.yml"
+
+    def tearDown(self):
+        shutil.rmtree(self.temp_dir)
+
+    def test_users_injection(self):
+        """
+        When a users.yml exists with defined users, the script should inject a 'users'
+        mapping in the generated YAML, mapping each username to a Jinja2 reference.
+        """
+        script_path = Path(__file__).resolve().parents[2] / "cli" / "generate-applications-defaults.py"
+        result = subprocess.run([
+            "python3", str(script_path),
+            "--roles-dir", str(self.roles_dir),
+            "--output-file", str(self.output_file)
+        ], capture_output=True, text=True)
+        self.assertEqual(result.returncode, 0, msg=result.stderr)
+        data = yaml.safe_load(self.output_file.read_text())
+
+        apps = data.get('defaults_applications', {})
+        # Only the app with users should be present
+        self.assertIn('app_with_users', apps)
+
+        # 'users' section should be present and correct
+        users_map = apps['app_with_users']['users']
+        expected = {'alice': '{{ users["alice"] }}', 'bob': '{{ users["bob"] }}'}
+        self.assertEqual(users_map, expected)
+
+if __name__ == '__main__':
+    unittest.main()

tests/unit/test_generate_default_applications.py

@@ -23,7 +23,7 @@ class TestGenerateDefaultApplications(unittest.TestCase):
         (self.sample_role / "vars" / "configuration.yml").write_text("foo: bar\nbaz: 123\n")
 
         # Output file path
-        self.output_file = self.temp_dir / "group_vars" / "all" / "03_applications.yml"
+        self.output_file = self.temp_dir / "group_vars" / "all" / "04_applications.yml"
 
     def tearDown(self):
         shutil.rmtree(self.temp_dir)

tests/unit/test_generate_users.py

@@ -114,18 +114,18 @@ class TestGenerateUsers(unittest.TestCase):
         # create temp roles structure
         tmp = tempfile.mkdtemp()
         try:
-            os.makedirs(os.path.join(tmp, 'role1/vars'))
-            os.makedirs(os.path.join(tmp, 'role2/vars'))
+            os.makedirs(os.path.join(tmp, 'role1/meta'))
+            os.makedirs(os.path.join(tmp, 'role2/meta'))
             # role1 defines user x
-            with open(os.path.join(tmp, 'role1/vars/configuration.yml'), 'w') as f:
+            with open(os.path.join(tmp, 'role1/meta/users.yml'), 'w') as f:
                 yaml.safe_dump({'users': {'x': {'email': 'x@a'}}}, f)
             # role2 defines same user x with same value
-            with open(os.path.join(tmp, 'role2/vars/configuration.yml'), 'w') as f:
+            with open(os.path.join(tmp, 'role2/meta/users.yml'), 'w') as f:
                 yaml.safe_dump({'users': {'x': {'email': 'x@a'}}}, f)
             defs = generate_users.load_user_defs(tmp)
             self.assertIn('x', defs)
             # now conflict definition
-            with open(os.path.join(tmp, 'role2/vars/configuration.yml'), 'w') as f:
+            with open(os.path.join(tmp, 'role2/meta/users.yml'), 'w') as f:
                 yaml.safe_dump({'users': {'x': {'email': 'x@b'}}}, f)
             with self.assertRaises(ValueError):
                 generate_users.load_user_defs(tmp)