diff --git a/roles/keycloak/README.md b/roles/keycloak/README.md
index 60c183a..1ab0aba 100644
--- a/roles/keycloak/README.md
+++ b/roles/keycloak/README.md
@@ -68,6 +68,7 @@ Role Defaults
 |`keycloak_rhsso_download_url`| Download URL for RHSSO | `https://access.redhat.com/jbossnetwork/restricted/softwareDownload.html?softwareId=`|
 |`keycloak_version`| keycloak.org package version | `15.0.2` |
 |`keycloak_rhsso_version`| RHSSO version | `7.5.0` |
+|`keycloak_rhsso_apply_patches`| Install RHSSO more recent cumulative patch | `True` |
 |`keycloak_dest`| Installation root path | `/opt/keycloak` |
 |`keycloak_download_url` | Download URL for keycloak | `https://github.com/keycloak/keycloak/releases/download/{{ keycloak_version }}/{{ keycloak_archive }}` |
 |`keycloak_rhn_url` | Base download URI for customer portal | `https://access.redhat.com/jbossnetwork/restricted/softwareDownload.html?softwareId=` |
@@ -91,7 +92,7 @@ Role Defaults
 |`keycloak_force_install` | Remove pre-existing versions of service | `False` |
 |`keycloak_url` | URL for configuration rest calls | `http://{{ keycloak_host }}:{{ keycloak_http_port }}` |
 |`keycloak_management_url` | URL for management console rest calls | `http://{{ keycloak_host }}:{{ keycloak_management_http_port }}` |
-|`rhsso_rhn_id` | Customer Portal product ID for Red Hat SSO | `{{ rhsso_rhn_ids[keycloak_rhsso_version] }}` |
+|`rhsso_rhn_id` | Customer Portal product ID for Red Hat SSO | `{{ rhsso_rhn_ids[keycloak_rhsso_version].id }}` |
 Role Variables
diff --git a/roles/keycloak/defaults/main.yml b/roles/keycloak/defaults/main.yml
index a4af3fe..6515664 100644
--- a/roles/keycloak/defaults/main.yml
+++ b/roles/keycloak/defaults/main.yml
@@ -8,11 +8,12 @@ keycloak_installdir: "{{ keycloak_dest }}/keycloak-{{ keycloak_version }}"
 ### Configuration specific to Red Hat Single Sing-On
 keycloak_rhsso_version: 7.5.0
-rhsso_rhn_id: "{{ rhsso_rhn_ids[keycloak_rhsso_version] }}"
+rhsso_rhn_id: "{{ rhsso_rhn_ids[keycloak_rhsso_version].id }}"
 keycloak_rhsso_archive: "rh-sso-{{ keycloak_rhsso_version }}-server-dist.zip"
 keycloak_rhsso_installdir: "{{ keycloak_dest }}/rh-sso-{{ keycloak_rhsso_version | regex_replace('^([0-9])\\.([0-9]*).*', '\\1.\\2') }}"
 keycloak_rhn_url: 'https://access.redhat.com/jbossnetwork/restricted/softwareDownload.html?softwareId='
 keycloak_rhsso_download_url: "{{ keycloak_rhn_url }}{{ rhsso_rhn_id }}"
+keycloak_rhsso_apply_patches: True
 ### keycloak/rhsso choice: by default install rhsso if rhn credentials are defined
 keycloak_rhsso_enable: "{{ True if rhsso_rhn_id is defined and rhn_username is defined and rhn_password is defined else False }}"
diff --git a/roles/keycloak/meta/argument_specs.yml b/roles/keycloak/meta/argument_specs.yml
index 8331945..311f57a 100644
--- a/roles/keycloak/meta/argument_specs.yml
+++ b/roles/keycloak/meta/argument_specs.yml
@@ -33,7 +33,7 @@ argument_specs:
 type: "str"
 rhsso_rhn_id:
 # line 11 of keycloak/defaults/main.yml
- default: "{{ rhsso_rhn_ids[keycloak_rhsso_version] }}"
+ default: "{{ rhsso_rhn_ids[keycloak_rhsso_version].id }}"
 description: "Customer Portal product ID for Red Hat SSO"
 type: "str"
 keycloak_rhsso_archive:
@@ -41,6 +41,11 @@ argument_specs:
 default: "rh-sso-{{ keycloak_rhsso_version }}-server-dist.zip"
 description: "ed Hat SSO install archive filename"
 type: "str"
+ keycloak_rhsso_apply_patches:
+ # line 16 of keycloak/defaults/main.yml
+ default: true
+ description: "Install RHSSO more recent cumulative patch"
+ type: "bool"
 keycloak_rhsso_installdir:
 # line 13 of keycloak/defaults/main.yml
 default: "{{ keycloak_dest }}/rh-sso-{{ keycloak_rhsso_version | regex_replace('^([0-9])\\.([0-9]*).*', '\\1.\\2') }}"
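Review bot: The new lookup `rhsso_rhn_ids[keycloak_rhsso_version].id` in defaults/main.yml no longer resolves for any `keycloak_rhsso_version` that is not a key of the map, and the vars/main.yml hunk of this commit removes the `'7.5.1'` key, so a play that pins 7.5.1 would lose its `rhsso_rhn_id`. The same expression is repeated as the `default` in the first argument_specs.yml hunk. An early `ansible.builtin.assert` with `that: keycloak_rhsso_version in rhsso_rhn_ids` and a `fail_msg` naming the supported versions would make that case fail clearly instead of surfacing as an undefined value later. The new default is also written `True` here while argument_specs.yml declares it as `true`; `keycloak_rhsso_apply_patches: true` keeps the two consistent.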
diff --git a/roles/keycloak/tasks/rhsso_cli.yml b/roles/keycloak/tasks/rhsso_cli.yml
new file mode 100644
index 0000000..9e9d7f5
--- /dev/null
+++ b/roles/keycloak/tasks/rhsso_cli.yml
@@ -0,0 +1,20 @@
+---
+- name: Ensure required params for CLI have been provided
+ ansible.builtin.assert:
+ that:
+ - query is defined
+ fail_msg: "Missing required parameters to execute CLI."
+ quiet: true
+
+- name: Verify server management interface is functional
+ ansible.builtin.uri:
+ url: "{{ keycloak_management_url }}"
+ register: result
+ until: result.status == 200
+ retries: 5
+ delay: 5
+
+- name: "Execute CLI query: {{ query }}"
+ ansible.builtin.command: >
+ {{ path_to_cli }} -c --output-json --command='{{ query }}' --controller={{ keycloak_host }}:{{ keycloak_management_http_port }}
+ changed_when: false
\ No newline at end of file
diff --git a/roles/keycloak/vars/main.yml b/roles/keycloak/vars/main.yml
index 43ece24..f639a3c 100644
--- a/roles/keycloak/vars/main.yml
+++ b/roles/keycloak/vars/main.yml
@@ -5,8 +5,11 @@ keycloak_admin_password:
 # internal variables below
 rhsso_rhn_ids:
- '7.5.0': '101971'
- '7.5.1': '103836'
+ '7.5.0':
+ id: '101971'
+ latest_cp:
+ id: '103836'
+ v: '7.5.1'
 # locations
 keycloak_url: "http://{{ keycloak_host }}:{{ keycloak_http_port }}"
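Review bot: The `--command='{{ query }}'` argument in the last task of rhsso_cli.yml relies on hand-written quotes inside a free-form `ansible.builtin.command` string, so a `query` value that itself contains a single quote is re-split and can reach the CLI as extra arguments. Passing the arguments as an `argv` list makes each templated value exactly one argument and needs no quoting. The first task asserts only `query is defined` while `path_to_cli` is used unchecked; adding `- path_to_cli is defined` to `that` covers it. The task name also prints the full query, which deserves a `no_log` decision if callers may ever pass credentials in it, and the file ends without a trailing newline.

```yaml
- name: "Execute CLI query: {{ query }}"
  ansible.builtin.command:
    argv:
      - "{{ path_to_cli }}"
      - "-c"
      - "--output-json"
      - "--command={{ query }}"
      - "--controller={{ keycloak_host }}:{{ keycloak_management_http_port }}"
  # … unchanged: changed_when: false …
```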
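Review bot: The new `latest_cp` entry in vars/main.yml records only a portal `id` and a version `v`, so nothing in this map lets the tasks that fetch the cumulative patch verify the archive they download; those tasks are not part of this hunk, so whether a digest is checked elsewhere cannot be told from here. Consider a sibling field such as `sha256: '<digest published on the customer portal>'` next to `id`, passed to the download task (for `ansible.builtin.get_url` that is its `checksum` parameter). The key `v` would also read more clearly as `version`, and a short comment above `rhsso_rhn_ids` describing the per-version structure (`id`, `latest_cp.id`, `latest_cp.v`) would help the next person adding a release.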