Update realm-export.json with fixed UUID endianness, correct passwords,
mappers, and SSL configuration. Add ALTER DEFAULT PRIVILEGES for app_admin
in PostgreSQL init.sh to ensure proper role permissions.
Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
- Replaced placeholder UUIDs (club-1-uuid, club-2-uuid) with real database UUIDs
- Updated all 5 test users via Keycloak database
- Restarted Keycloak to clear caches and apply changes
Impact:
- JWT tokens now contain real UUIDs in clubs claim
- API endpoints accept X-Tenant-Id with real UUIDs (returns 200 OK)
- Unblocks 46 remaining QA scenarios
Documentation:
- Created update-keycloak-club-uuids.py script for automation
- Added KEYCLOAK_UPDATE_GUIDE.md with step-by-step instructions
- Recorded learnings in notepad
Ref: .sisyphus/evidence/final-f3-manual-qa.md lines 465-512
- Removed invalid init.sql with syntax error (ALTER DEFAULT PRIVILEGES IN DATABASE unsupported)
- Added init.sh with corrected SQL using IN SCHEMA public
- Fixes PostgreSQL initialization for RLS and permissions setup
Ultraworked with Sisyphus <https://github.com/code-yeongyu/oh-my-opencode>
Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
