add admin_token routine to makefile

Makefile

@@ -1136,6 +1136,16 @@ kind/push-images:
 			&& docker push $$IMAGE_REGISTRY/$$image:$(SAFE_BRANCH_NAME); \
 		done
 
+.PHONY: kind/admin-jwt
+kind/admin-jwt:
+	export KUBECONFIG="$$(pwd)/kubeconfig.kind.$(CI_BUILD_TAG)" && \
+		docker run \
+		-e JWTSECRET="$$(./local-dev/kubectl get secret -n lagoon lagoon-core-jwtsecret -o jsonpath="{.data.JWTSECRET}" | base64 --decode)" \
+		-e JWTAUDIENCE=api.dev \
+		-e JWTUSER=localadmin \
+		$(CI_BUILD_TAG)/tests \
+		python3 /ansible/tasks/api/admin_token.py
+
 ## Use kind/retest to only perform a push of the local-dev, or test images, and run the tests
 ## It preserves the last build lagoon core&remote setup, reducing rebuild time
 .PHONY: kind/retest

tests/Dockerfile

@@ -41,11 +41,12 @@ WORKDIR /ansible
 COPY . /ansible
 COPY hosts /etc/ansible/hosts
 
-ENV ANSIBLE_FORCE_COLOR=true
-ENV SSH_AUTH_SOCK=/tmp/ssh-agent
-ENV KEYCLOAK_URL=http://keycloak:8080
-ENV JWTSECRET=super-secret-string
-ENV JWTAUDIENCE=api.dev
+ENV ANSIBLE_FORCE_COLOR=true \
+    SSH_AUTH_SOCK=/tmp/ssh-agent \
+    KEYCLOAK_URL=http://keycloak:8080 \
+    JWTSECRET=super-secret-string \
+    JWTAUDIENCE=api.dev \
+    JWTUSER=test-suite
 
 COPY entrypoint.sh /
 ENTRYPOINT ["/entrypoint.sh"]

tests/tasks/api/admin_token.py

@@ -1,10 +1,10 @@
-#!/usr/bin/env python
+#!/usr/bin/env python3
 
 import os
 import jwt
 
-payload = {'role': 'admin', 'iss': 'test-suite',
-           'aud': os.environ['JWTAUDIENCE'], 'sub': 'test-suite'}
+payload = {'role': 'admin', 'iss': os.environ['JWTUSER'],
+           'aud': os.environ['JWTAUDIENCE'], 'sub': os.environ['JWTUSER']}
 
 access_token = jwt.encode(payload, os.environ['JWTSECRET'], algorithm='HS256')