terraform: add junior packager groups and roles for core/extra

Signed-off-by: Leonidas Spyropoulos artafinde@gmail.com

tf-stage2/keycloak.tf

@@ -393,6 +393,26 @@ resource "keycloak_group" "externalcontributors" {
   name     = "External Contributors"
 }
 
+resource "keycloak_group" "corepackagemaintainers" {
+  realm_id = "archlinux"
+  name     = "Core Package Maintainers"
+}
+
+resource "keycloak_group" "juniorcorepackagemaintainers" {
+  realm_id = "archlinux"
+  name     = "Junior Core Package Maintainers"
+}
+
+resource "keycloak_group" "packagemaintainers" {
+  realm_id = "archlinux"
+  name     = "Package Maintainers"
+}
+
+resource "keycloak_group" "juniorpackagemaintainers" {
+  realm_id = "archlinux"
+  name     = "Package Maintainers"
+}
+
 resource "keycloak_group" "externalcontributors_groups" {
   for_each = toset(["Security Team", "Archweb"])
 
@@ -435,6 +455,30 @@ resource "keycloak_role" "externalcontributor" {
   description = "Role held by external contributors working on Arch Linux projects without further access"
 }
 
+resource "keycloak_role" "corepackagemaintainer" {
+  realm_id    = "archlinux"
+  name        = "Core Package Maintainer"
+  description = "Role held by packagers of core repository"
+}
+
+resource "keycloak_role" "juniorcorepackagemaintainer" {
+  realm_id    = "archlinux"
+  name        = "Junior Core Package Maintainer"
+  description = "Junior Role held by packagers of core repository "
+}
+
+resource "keycloak_role" "packagemaintainer" {
+  realm_id    = "archlinux"
+  name        = "Package Maintainer"
+  description = "Role held by packagers of extra repository"
+}
+
+resource "keycloak_role" "juniorpackagemaintainer" {
+  realm_id    = "archlinux"
+  name        = "Junior Package Maintainer"
+  description = "Junior Role held by packagers of extra repository "
+}
+
 resource "keycloak_group_roles" "devops" {
   realm_id = "archlinux"
   group_id = keycloak_group.staff_groups["DevOps"].id
@@ -459,6 +503,38 @@ resource "keycloak_group_roles" "externalcontributor" {
   ]
 }
 
+resource "keycloak_group_roles" "corepackagemaintainer" {
+  realm_id = "archlinux"
+  group_id = keycloak_group.corepackagemaintainers.id
+  role_ids = [
+    keycloak_role.corepackagemaintainer.id
+  ]
+}
+
+resource "keycloak_group_roles" "juniorcorepackagemaintainer" {
+  realm_id = "archlinux"
+  group_id = keycloak_group.juniorcorepackagemaintainers.id
+  role_ids = [
+    keycloak_role.juniorcorepackagemaintainer.id
+  ]
+}
+
+resource "keycloak_group_roles" "packagemaintainer" {
+  realm_id = "archlinux"
+  group_id = keycloak_group.packagemaintainers.id
+  role_ids = [
+    keycloak_role.packagemaintainer.id
+  ]
+}
+
+resource "keycloak_group_roles" "juniorpackagemaintainer" {
+  realm_id = "archlinux"
+  group_id = keycloak_group.juniorpackagemaintainers.id
+  role_ids = [
+    keycloak_role.juniorpackagemaintainer.id
+  ]
+}
+
 // Add new custom registration flow with reCAPTCHA
 resource "keycloak_authentication_flow" "arch_registration_flow" {
   realm_id    = "archlinux"