From cbe7884acde4acebf9c23d8ce5fe16dda6f80faa Mon Sep 17 00:00:00 2001
From: Ihar Hancharenka <ihar.hancharenka@inspirebrands.com>
Date: Sun, 29 Dec 2024 16:48:49 +0300
Subject: [PATCH] m

---
 devops/k8s/tools/templating/ytt.txt           |  4 +++
 .../hosting/github/security/auth-token.txt    |  2 ++
 pl/cross/tools/build/gradle/docs/whatsnew.txt |  5 +++
 .../keycloak/features/client-scopes.txt       | 34 +++++++++++++++++++
 4 files changed, 45 insertions(+)
 create mode 100644 devops/k8s/tools/templating/ytt.txt
 create mode 100644 security/server/keycloak/features/client-scopes.txt

diff --git a/devops/k8s/tools/templating/ytt.txt b/devops/k8s/tools/templating/ytt.txt
new file mode 100644
index 000000000..c9a384a64
--- /dev/null
+++ b/devops/k8s/tools/templating/ytt.txt
@@ -0,0 +1,4 @@
+https://carvel.dev/ytt/
+https://carvel.dev/ytt/docs/
+
+https://github.com/carvel-dev/ytt
diff --git a/devops/vcs/git/hosting/github/security/auth-token.txt b/devops/vcs/git/hosting/github/security/auth-token.txt
index add2f725f..e1f4781d3 100644
--- a/devops/vcs/git/hosting/github/security/auth-token.txt
+++ b/devops/vcs/git/hosting/github/security/auth-token.txt
@@ -1 +1,3 @@
+settings -> developer
+https://github.com/settings/apps
 https://github.com/settings/tokens/new
diff --git a/pl/cross/tools/build/gradle/docs/whatsnew.txt b/pl/cross/tools/build/gradle/docs/whatsnew.txt
index 986f97f8d..9ebbbcb4c 100644
--- a/pl/cross/tools/build/gradle/docs/whatsnew.txt
+++ b/pl/cross/tools/build/gradle/docs/whatsnew.txt
@@ -1,8 +1,13 @@
 https://github.com/gradle/gradle/releases
 
 9.x
+https://gradle.org/whats-new/gradle-9/
+Jacomet - Gradle 9 is coming: What’s in it for developers? 0:00 of 58:48
+    https://www.youtube.com/watch?v=FBCqeY6AhMM
 Jfocus - The road to Gradle 9 by Louis Jacomet 0:00 of 50:24
     https://www.youtube.com/watch?v=uIq5X7Ty0_0
+misc
+    https://www.youtube.com/watch?v=9CTNORD_Dx4
 
 8.x
 https://docs.gradle.org/8.10.2/release-notes.html
diff --git a/security/server/keycloak/features/client-scopes.txt b/security/server/keycloak/features/client-scopes.txt
new file mode 100644
index 000000000..eea3b343c
--- /dev/null
+++ b/security/server/keycloak/features/client-scopes.txt
@@ -0,0 +1,34 @@
+https://www.baeldung.com/keycloak-custom-user-attributes
+
+"operator_id": "54c496e5-de79-4ed7-9acb-248181e6c780"
+"realm_access": { "roles": [ ..., "operator" ] }
+"scopes" : "... operator_id"
+"groups": [..., "operator" ],
+
+Realm settings -> User profile -> Create attribute
+    operator_id
+    permissions -> Admin/Admin
+    annotations -> Input type - text
+    JSON editor
+        https://www.keycloak.org/docs/latest/server_admin/#_user-profile-json-configuration
+        fix displayName
+
+Realm roles -> operator
+Users -> some-user -> Role mapping -> Assign role -> select "Filter by Realm Roles"
+
+Client scopes -> operator_id
+    Settings -> 
+        Include in token scope -> On
+    Mappers 
+        Mapper type: "User Attribute"
+        Name: operator_id
+        User Attribute: operator_id
+        Token Claim Name: operator_id
+        Add to: id token, access token, user info, token introspection
+Clients -> account-console - Client scopes -> Add client scope -> operator_id (Default)
+
+check 
+    "Realm Roles -> operator -> Users in role"
+    Users -> some-user -> Details -> operatorId attribute
+    clients -> client scopes tab -> evaluate -> 
+        generated access token