Merge pull request #26 from guidograzioli/keycloak_admin_password_var

move admin pwd param from vars to defaults and assert
main
Guido Grazioli 2022-03-25 09:57:21 +01:00 committed by GitHub
commit 10ff1763c1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
12 changed files with 24 additions and 17 deletions

View File

@ -2,17 +2,15 @@
- name: Converge - name: Converge
hosts: all hosts: all
vars: vars:
keycloak_admin_password: "remembertochangeme"
tasks: tasks:
- name: Include keycloak role - name: Include keycloak role
include_role: include_role:
name: ../../roles/keycloak name: ../../roles/keycloak
vars:
keycloak_admin_password: "changeme"
- name: Keycloak Realm Role - name: Keycloak Realm Role
include_role: include_role:
name: ../../roles/keycloak_realm name: ../../roles/keycloak_realm
vars: vars:
keycloak_admin_password: "changeme"
keycloak_client_default_roles: keycloak_client_default_roles:
- TestRoleAdmin - TestRoleAdmin
- TestRoleUser - TestRoleUser

View File

@ -8,3 +8,4 @@
ansible.builtin.assert: ansible.builtin.assert:
that: that:
- ansible_facts.services["keycloak.service"]["state"] == "running" - ansible_facts.services["keycloak.service"]["state"] == "running"
- ansible_facts.services["keycloak.service"]["status"] == "enabled"

View File

@ -6,7 +6,7 @@
ansible.builtin.include_role: ansible.builtin.include_role:
name: middleware_automation.keycloak.keycloak_realm name: middleware_automation.keycloak.keycloak_realm
vars: vars:
keycloak_admin_password: "changeme" keycloak_admin_password: "remembertochangeme"
keycloak_realm: TestRealm keycloak_realm: TestRealm
keycloak_user_federation: keycloak_user_federation:
- realm: TestRealm - realm: TestRealm

View File

@ -2,7 +2,7 @@
- name: Playbook for Keycloak Hosts - name: Playbook for Keycloak Hosts
hosts: keycloak hosts: keycloak
vars: vars:
keycloak_admin_password: "changeme" keycloak_admin_password: "remembertochangeme"
keycloak_rhsso_enable: True keycloak_rhsso_enable: True
collections: collections:
- middleware_automation.redhat_csp_download - middleware_automation.redhat_csp_download

View File

@ -32,6 +32,9 @@ keycloak_service_group: keycloak
keycloak_service_pidfile: "/run/keycloak.pid" keycloak_service_pidfile: "/run/keycloak.pid"
keycloak_configure_firewalld: False keycloak_configure_firewalld: False
### administrator console password
keycloak_admin_password: ''
### Common configuration settings ### Common configuration settings
keycloak_bind_address: 0.0.0.0 keycloak_bind_address: 0.0.0.0
keycloak_host: localhost keycloak_host: localhost

View File

@ -23,5 +23,7 @@ galaxy_info:
- keycloak - keycloak
- redhat - redhat
- rhel - rhel
- rhn
- sso - sso
- authentication
- identity
- security

View File

@ -1,5 +1,5 @@
--- ---
- name: Ensures required package firewalld are installed - name: Ensure required package firewalld are installed
ansible.builtin.include_tasks: fastpackages.yml ansible.builtin.include_tasks: fastpackages.yml
vars: vars:
packages_list: packages_list:

View File

@ -1,4 +1,12 @@
--- ---
- name: Validate admin console password
ansible.builtin.assert:
that:
- keycloak_admin_password | length > 12
quiet: True
fail_msg: "The console administrator password is empty or invalid. Please set the keycloak_admin_password variable to a 16+ char long string"
success_msg: "{{ 'Console administrator password OK' }}"
- name: Validate configuration - name: Validate configuration
ansible.builtin.assert: ansible.builtin.assert:
that: that:
@ -16,7 +24,7 @@
fail_msg: "Cannot install Red Hat SSO without RHN credentials. Check rhn_username and rhn_password are defined" fail_msg: "Cannot install Red Hat SSO without RHN credentials. Check rhn_username and rhn_password are defined"
success_msg: "{{ 'Installing Red Hat Single Sign-On' if keycloak_rhsso_enable else 'Installing keycloak.org' }}" success_msg: "{{ 'Installing Red Hat Single Sign-On' if keycloak_rhsso_enable else 'Installing keycloak.org' }}"
- name: Ensures required packages are installed - name: Ensure required packages are installed
ansible.builtin.include_tasks: fastpackages.yml ansible.builtin.include_tasks: fastpackages.yml
vars: vars:
packages_list: packages_list:

View File

@ -1,8 +1,4 @@
--- ---
# required variables for keycloak
# administrator console password
keycloak_admin_password:
# internal variables below # internal variables below
rhsso_rhn_ids: rhsso_rhn_ids:
'7.5.0': '7.5.0':

View File

@ -30,8 +30,8 @@ The following are a set of _required_ variables for the role:
| Variable | Description | | Variable | Description |
|:---------|:------------| |:---------|:------------|
|`keycloak_admin_password`| Password for the administration console user account |
|`keycloak_realm` | Name of the realm to be created | |`keycloak_realm` | Name of the realm to be created |
|`keycloak_admin_password`| Password for the administration console user account |
The following variables are available for creating clients: The following variables are available for creating clients:

View File

@ -11,6 +11,8 @@ keycloak_admin_user: admin
keycloak_auth_realm: master keycloak_auth_realm: master
keycloak_auth_client: admin-cli keycloak_auth_client: admin-cli
# administrator console password, this is a required variable
keycloak_admin_password: ''
### Keycloak realms, clients, roles, federation ### Keycloak realms, clients, roles, federation
# list of clients to create in the realm # list of clients to create in the realm

View File

@ -1,9 +1,6 @@
--- ---
# vars file for keycloak_realm # vars file for keycloak_realm
# administrator console password, this is a required variable
keycloak_admin_password:
# name of the realm to create, this is a required variable # name of the realm to create, this is a required variable
keycloak_realm: keycloak_realm: