Add bulk creation and deletion methods

Signed-off-by: Dominika Zemanovicova <dzemanov@redhat.com>

Author: dzemanov

docs/api/deployment/keycloak-helper.md

@@ -78,14 +78,6 @@ async deploy(): Promise<void>
 
 Deploy Keycloak using Bitnami Helm chart.
 
-### `deployAndConfigureForRHDH()`
-
-```typescript
-async deployAndConfigureForRHDH(options?: object): Promise<void>
-```
-
-Deploy Keycloak and then configure it for RHDH (realm + client + groups + users).
-
 ### `configureForRHDH()`
 
 ```typescript
@@ -110,6 +102,22 @@ async connect(config: KeycloakConnectionConfig): Promise<void>
 
 Connect to an existing Keycloak instance.
 
+### `createUsersAndGroups()`
+
+```typescript
+async createUsersAndGroups(realm: string, options?: { users?: KeycloakUserConfig[]; groups?: KeycloakGroupConfig[]; }): Promise<void>
+```
+
+Create new users and groups in a realm.
+
+### `deleteUsersAndGroups()`
+
+```typescript
+async deleteUsersAndGroups(realm: string, options?: { users?: Array<KeycloakUserConfig | string>; groups?: Array<KeycloakGroupConfig | string> }): Promise<void>
+```
+
+Delete users and groups from a realm.
+
 ### `createRealm()`
 
 ```typescript

docs/guide/deployment/authentication.md

@@ -152,16 +152,18 @@ No additional environment variables required.
 
 ### Keycloak Auth
 
-These are automatically set by `KeycloakHelper.configureForRHDH()`:
-
-| Variable | Description |
-|----------|-------------|
-| `KEYCLOAK_BASE_URL` | Keycloak instance URL |
-| `KEYCLOAK_REALM` | Realm name |
-| `KEYCLOAK_CLIENT_ID` | OIDC client ID |
-| `KEYCLOAK_CLIENT_SECRET` | OIDC client secret |
-| `KEYCLOAK_METADATA_URL` | OIDC discovery URL |
-| `KEYCLOAK_LOGIN_REALM` | Login realm name |
+These are automatically set by `KeycloakHelper.configureForRHDH()` or populated from global workspace in the vault:
+
+| Variable                        | Description           |
+| ------------------------------- | --------------------- |
+| `KEYCLOAK_BASE_URL`             | Keycloak instance URL |
+| `KEYCLOAK_REALM`                | Realm name            |
+| `KEYCLOAK_CLIENT_ID`            | OIDC client ID        |
+| `KEYCLOAK_CLIENT_SECRET`        | OIDC client secret    |
+| `KEYCLOAK_METADATA_URL`         | OIDC discovery URL    |
+| `KEYCLOAK_LOGIN_REALM`          | Login realm name      |
+| `VAULT_KEYCLOAK_ADMIN_USERNAME` | Admin username        |
+| `VAULT_KEYCLOAK_ADMIN_PASSWORD` | Admin password        |
 
 ### GitHub Auth
 

docs/guide/deployment/keycloak-deployment.md

@@ -92,7 +92,7 @@ await keycloak.configureForRHDH({
     clientId: "my-client",
     clientSecret: "my-secret",
   },
-  groups: ["developers", "admins"],
+  groups: [{ name: "developers" }, { name: "admins" }],
   users: [
     { username: "user1", password: "pass1", groups: ["developers"] },
     { username: "user2", password: "pass2", groups: ["admins"] },
@@ -156,6 +156,18 @@ const users = await keycloak.getUsers("rhdh");
 
 // Delete user
 await keycloak.deleteUser("rhdh", "username");
+
+// Create multiple users
+await keycloak.createUsersAndGroups("rhdh", {
+  users: [
+    { username: "user1", password: "pass1" },
+    { username: "user2", password: "pass2", groups: ["developers"] },
+  ],
+});
+
+// Delete multiple users - by objects or by usernames
+await keycloak.deleteUsersAndGroups("rhdh", { users });
+await keycloak.deleteUsersAndGroups("rhdh", { users: ["user1", "user2"] });
 ```
 
 ### Group Management
@@ -169,6 +181,15 @@ const groups = await keycloak.getGroups("rhdh");
 
 // Delete group
 await keycloak.deleteGroup("rhdh", "testers");
+
+// Create multiple groups
+await keycloak.createUsersAndGroups("rhdh", {
+  groups: [{ name: "admins" }, { name: "viewers" }],
+});
+
+// Delete multiple groups - by objects or by group names
+await keycloak.deleteUsersAndGroups("rhdh", { groups });
+await keycloak.deleteUsersAndGroups("rhdh", { groups: ["admins", "viewers"] });
 ```
 
 ### Using getUsers and getGroupsOfUser in tests

docs/tutorials/keycloak-oidc-testing.md

@@ -66,8 +66,8 @@ test.beforeAll(async ({ rhdh }) => {
   // Connect to existing Keycloak
   await keycloak.connect({
     baseUrl: process.env.KEYCLOAK_BASE_URL!,
-    username: "admin",
-    password: "admin123",
+    username: process.env.VAULT_KEYCLOAK_ADMIN_USERNAME!,
+    password: process.env.VAULT_KEYCLOAK_ADMIN_PASSWORD!,
   });
 
   // Create admin user
@@ -90,6 +90,56 @@ test.beforeAll(async ({ rhdh }) => {
 });
 ```
 
+## Creating Custom Users and Groups in Bulk
+
+```typescript
+import { KeycloakHelper } from "@red-hat-developer-hub/e2e-test-utils/keycloak";
+import type {
+  KeycloakGroupConfig,
+  KeycloakUserConfig,
+} from "@red-hat-developer-hub/e2e-test-utils/keycloak";
+
+const TEST_GROUPS: KeycloakGroupConfig[] = [
+  { name: "writers" },
+  { name: "readers" },
+];
+
+const TEST_USERS: Record<string, KeycloakUserConfig> = {
+  reader: {
+    username: "catalog-reader",
+    password: crypto.randomUUID().substring(0, 21).replaceAll("-", "0"),
+    groups: ["readers"],
+  },
+  writer: {
+    username: "catalog-writer",
+    password: crypto.randomUUID().substring(0, 21).replaceAll("-", "0"),
+    groups: ["writers"],
+  },
+};
+
+test.beforeAll(async ({ rhdh }) => {
+  const keycloak = new KeycloakHelper();
+  await keycloak.connect({
+    baseUrl: process.env.KEYCLOAK_BASE_URL!,
+    username: process.env.VAULT_KEYCLOAK_ADMIN_USERNAME!,
+    password: process.env.VAULT_KEYCLOAK_ADMIN_PASSWORD!,
+  });
+  await keycloak.createUsersAndGroups(process.env.KEYCLOAK_REALM!, {
+    users: Object.values(TEST_USERS),
+    groups: TEST_GROUPS,
+  });
+
+  await rhdh.configure({ auth: "keycloak" });
+  await rhdh.deploy();
+});
+
+test.describe("Writer access", () => {
+  test.beforeEach(async ({ page, loginHelper }) => {
+    await page.goto("/");
+    await loginHelper.loginAsKeycloakUser(TEST_USERS.writer.username, TEST_USERS.writer.password);
+  });
+```
+
 ## Testing Role-Based Access
 
 ```typescript
@@ -160,8 +210,8 @@ test.afterAll(async () => {
   const keycloak = new KeycloakHelper();
   await keycloak.connect({
     baseUrl: process.env.KEYCLOAK_BASE_URL!,
-    username: "admin",
-    password: "admin123",
+    username: process.env.VAULT_KEYCLOAK_ADMIN_USERNAME!,
+    password: process.env.VAULT_KEYCLOAK_ADMIN_PASSWORD!,
   });
 
   // Cleanup custom users
@@ -170,6 +220,27 @@ test.afterAll(async () => {
 });
 ```
 
+## Cleanup in Bulk
+
+```typescript
+import { KeycloakHelper } from "@red-hat-developer-hub/e2e-test-utils/keycloak";
+
+test.afterAll(async () => {
+  const keycloak = new KeycloakHelper();
+  await keycloak.connect({
+    baseUrl: process.env.KEYCLOAK_BASE_URL!,
+    username: process.env.VAULT_KEYCLOAK_ADMIN_USERNAME!,
+    password: process.env.VAULT_KEYCLOAK_ADMIN_PASSWORD!,
+  });
+
+  // Cleanup custom users and groups
+  await keycloak.deleteUsersAndGroups("rhdh", {
+    users: TEST_USERS,
+    groups: TEST_GROUPS,
+  });
+});
+```
+
 ## Best Practices
 
 1. **Use default users for simple tests** - `test1`, `test2`

src/deployment/keycloak/deployment.ts

@@ -50,19 +50,6 @@ export class KeycloakHelper {
     await this._initializeAdminClient();
   }
 
-  /**
-   * Deploy Keycloak configured with realm, client, groups and users for RHDH
-   */
-  async deployAndConfigure(options?: {
-    realm?: string;
-    client?: Partial<KeycloakClientConfig>;
-    groups?: KeycloakGroupConfig[];
-    users?: KeycloakUserConfig[];
-  }): Promise<void> {
-    await this.deploy();
-    await this.configureForRHDH(options);
-  }
-
   /**
    * Check if Keycloak is already running
    */
@@ -285,6 +272,28 @@ export class KeycloakHelper {
     }
   }
 
+  /**
+   * Create users and groups in a realm.
+   */
+  async createUsersAndGroups(
+    realm: string,
+    options: {
+      users?: KeycloakUserConfig[];
+      groups?: KeycloakGroupConfig[];
+    },
+  ): Promise<void> {
+    await this._ensureAdminClient();
+    const { groups = [], users = [] } = options;
+
+    for (const group of groups) {
+      await this.createGroup(realm, group);
+    }
+
+    for (const user of users) {
+      await this.createUser(realm, user);
+    }
+  }
+
   /**
    * Get all users in a realm
    */
@@ -364,6 +373,31 @@ export class KeycloakHelper {
     }
   }
 
+  /**
+   * Delete users and groups from a realm.
+   */
+  async deleteUsersAndGroups(
+    realm: string,
+    options: {
+      users?: Array<KeycloakUserConfig | string>;
+      groups?: Array<KeycloakGroupConfig | string>;
+    },
+  ): Promise<void> {
+    await this._ensureAdminClient();
+    const { groups = [], users = [] } = options;
+
+    const usernames = users.map((u) => (typeof u === "string" ? u : u.username));
+    const groupNames = groups.map((g) => (typeof g === "string" ? g : g.name));
+
+    for (const username of usernames) {
+      await this.deleteUser(realm, username);
+    }
+
+    for (const groupName of groupNames) {
+      await this.deleteGroup(realm, groupName);
+    }
+  }
+
   /**
    * Delete a realm
    */

src/deployment/keycloak/index.ts

@@ -1,2 +1,2 @@
 export { KeycloakHelper } from "./deployment.js";
-export type { KeycloakUserConfig, KeycloakGroupConfig } from "./types.js";
+export type * from "./types.js";