diff --git a/molecule/default/verify.yml b/molecule/default/verify.yml index 8bd5b6f..07acf4d 100644 --- a/molecule/default/verify.yml +++ b/molecule/default/verify.yml @@ -23,6 +23,7 @@ method: POST body: "client_id=admin-cli&username=admin&password={{ keycloak_admin_password }}&grant_type=password" validate_certs: no + register: keycloak_auth_response until: keycloak_auth_response.status == 200 retries: 2 delay: 2 \ No newline at end of file diff --git a/roles/keycloak/tasks/install.yml b/roles/keycloak/tasks/install.yml index 9e0dbd3..7fee03d 100644 --- a/roles/keycloak/tasks/install.yml +++ b/roles/keycloak/tasks/install.yml @@ -71,9 +71,10 @@ delegate_to: localhost - name: Download keycloak archive - ansible.builtin.get_url: + ansible.builtin.get_url: # noqa risky-file-permissions delegated, uses controller host user url: "{{ keycloak_download_url }}" dest: "{{ local_path.stat.path }}/{{ keycloak.bundle }}" + mode: 0640 delegate_to: localhost when: - archive_path is defined @@ -99,9 +100,10 @@ - keycloak_rhn_url in keycloak_rhsso_download_url - name: Download rhsso archive from alternate location - ansible.builtin.get_url: + ansible.builtin.get_url: # noqa risky-file-permissions delegated, uses controller host user url: "{{ keycloak_rhsso_download_url }}" dest: "{{ local_path.stat.path }}/{{ keycloak.bundle }}" + mode: 0640 delegate_to: localhost when: - archive_path is defined diff --git a/roles/keycloak/tasks/rhsso_patch.yml b/roles/keycloak/tasks/rhsso_patch.yml index b290877..f517e7a 100644 --- a/roles/keycloak/tasks/rhsso_patch.yml +++ b/roles/keycloak/tasks/rhsso_patch.yml @@ -83,5 +83,5 @@ success_msg: "Patch installation successful" - name: "Skipping patch" - debug: + ansible.builtin.debug: msg: "Latest cumulative patch {{ rhsso_rhn_ids[keycloak_rhsso_version].latest_cp.v }} already installed, skipping patch installation." diff --git a/roles/keycloak/tasks/systemd.yml b/roles/keycloak/tasks/systemd.yml index 8145189..77f7d7c 100644 --- a/roles/keycloak/tasks/systemd.yml +++ b/roles/keycloak/tasks/systemd.yml @@ -9,12 +9,13 @@ notify: - restart keycloak -- name: Determine JAVA_HOME for selected JVM RPM - shell: | +- name: Determine JAVA_HOME for selected JVM RPM # noqa blocked_modules + ansible.builtin.shell: | set -o pipefail rpm -ql {{ keycloak_jvm_package }} | grep -Po '/usr/lib/jvm/.*(?=/bin/java$)' args: executable: /bin/bash + changed_when: False register: rpm_java_home - name: "Configure sysconfig file for {{ keycloak.service_name }} service" diff --git a/roles/keycloak_quarkus/tasks/install.yml b/roles/keycloak_quarkus/tasks/install.yml index c8e5b73..ba6ec40 100644 --- a/roles/keycloak_quarkus/tasks/install.yml +++ b/roles/keycloak_quarkus/tasks/install.yml @@ -52,9 +52,10 @@ delegate_to: localhost - name: Download keycloak archive - ansible.builtin.get_url: + ansible.builtin.get_url: # noqa risky-file-permissions delegated, uses controller host user url: "{{ keycloak_quarkus_download_url }}" dest: "{{ local_path.stat.path }}/{{ keycloak.bundle }}" + mode: 0640 delegate_to: localhost when: - archive_path is defined