DRAFT: test(IQE-3855): Update user configuration in IQE plugin

[mshriver]

the yaml for users is old in this plugin and needs an attributes block

in addition, the patterns around the old user processing and mutating could use some work.

Iterating on adopting the new UserLike protocol for more stable typing.

Overview

This PR is being created to address RHINENG-xxxx.
(A description of your PR's changes, along with why/context to the PR, goes here.)

PR Checklist

• Keep PR title short, ideally under 72 characters
• Descriptive comments provided in complex code blocks
• Include raw query examples in the PR description, if adding/modifying SQL query
• Tests: validate optimal/expected output
• Tests: validate exceptions and failure scenarios
• Tests: edge cases
• Recovers or fails gracefully during potential resource outages (e.g. DB, Kafka)
• Uses type hinting, if convenient
• Documentation, if this PR changes the way other services interact with host inventory
• Links to related PRs

Secure Coding Practices Documentation Reference

You can find documentation on this checklist here.

Secure Coding Checklist

• Input Validation
• Output Encoding
• Authentication and Password Management
• Session Management
• Access Control
• Cryptographic Practices
• Error Handling and Logging
• Data Protection
• Communication Security
• System Configuration
• Database Security
• File Management
• Memory Management
• General Coding Practices

Summary by Sourcery

Adopt typed user configuration in the IQE host-inventory plugin and update user handling to support the new UserLike-based attributes model while preserving compatibility with legacy identity configs where needed.

New Features:

• Introduce support for typed users (UserLike) by consuming user attributes for account, org, and authentication data instead of relying solely on legacy identity structures.
• Extend user configuration in the default host_inventory YAML to define explicit attributes sections (account, org, profile, and admin flags) for inventory QE, service accounts, UI accounts, and related users across all environments.

Enhancements:

• Update utility helpers (account/org resolution and username lookup) to operate primarily on UserLike instances with a clear configuration error when typed users are not provided, while still accepting mapping-based user data where necessary.
• Adjust request modeling and Kafka interaction layers to derive REST and Kafka identity payloads from UserLike users when available, falling back to legacy mapping-based identity dictionaries for backward compatibility.
• Refine test fixtures and legacy path tests to read owner and identity fields from either attributes or legacy identity sections, accommodating both new and existing user configurations.

Tests:

• Adapt legacy path REST tests and user fixtures to validate behavior with both typed UserLike users and legacy mapping-based identity configurations.

[github-actions]

SC Environment Impact Assessment

Overall Impact: ⚪ NONE

No SC Environment-specific impacts detected in this PR.

What was checked

This PR was automatically scanned for:

• Database migrations
• ClowdApp configuration changes
• Kessel integration changes
• AWS service integrations (S3, RDS, ElastiCache)
• Kafka topic changes
• Secrets management changes
• External dependencies

[mshriver]

@fstavela I'd like to put the actual email into vault and use a ref here.

Moving all fields into vault and we can use the new !credential hook in iqe-core.

[fstavela]

I've added the email to vault