diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 1b4d72e..cafc1eb 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -37,7 +37,7 @@ jobs: ANSIBLE_GALAXY_API_KEY: ${{ secrets.ANSIBLE_GALAXY_API_KEY }} run: | ansible-galaxy collection publish *.tar.gz --api-key $ANSIBLE_GALAXY_API_KEY - dispatch: + dispatch: needs: release strategy: matrix: diff --git a/roles/keycloak/defaults/main.yml b/roles/keycloak/defaults/main.yml index de619ac..c508e74 100644 --- a/roles/keycloak/defaults/main.yml +++ b/roles/keycloak/defaults/main.yml @@ -7,11 +7,17 @@ keycloak_download_url_9x: "https://downloads.jboss.org/keycloak/{{ keycloak_vers keycloak_installdir: "{{ keycloak_dest }}/keycloak-{{ keycloak_version }}" ### Configuration specific to Red Hat Single Sing-On -keycloak_rhsso_enable: False -keycloak_rhsso_version: 7.5 +keycloak_rhsso_version: 7.5.0 +rhsso_rhn_id: "{{ rhsso_rhn_ids[keycloak_rhsso_version] }}" keycloak_rhsso_archive: "rh-sso-{{ keycloak_rhsso_version }}-server-dist.zip" -keycloak_rhsso_installdir: "{{ keycloak_dest }}/rh-sso-{{ keycloak_rhsso_version }}" -keycloak_rhsso_base_url: 'https://access.redhat.com/jbossnetwork/restricted/softwareDownload.html?softwareId=' +keycloak_rhsso_installdir: "{{ keycloak_dest }}/rh-sso-{{ keycloak_rhsso_version | regex_replace('^([0-9])\\.([0-9]*).*', '\\1.\\2') }}" +keycloak_rhn_url: 'https://access.redhat.com/jbossnetwork/restricted/softwareDownload.html?softwareId=' +keycloak_rhsso_download_url: "{{ keycloak_rhn_url }}{{ rhsso_rhn_id }}" + +### keycloak/rhsso choice: by default install rhsso if rhn credentials are defined +keycloak_rhsso_enable: "{{ True if rhsso_rhn_id is defined and rhn_username is defined and rhn_password is defined else False }}" +# whether to install from local archive; filename must be keycloak_archive or keycloak_rhsso_archive depending on keycloak_rhsso_enable +keycloak_offline_install: False ### Install location and service settings jvm_package: java-1.8.0-openjdk-devel @@ -27,7 +33,7 @@ keycloak_service_group: keycloak keycloak_service_pidfile: "/run/keycloak.pid" keycloak_service_logfile: "{{ keycloak_dest }}/keycloak.log" -### Keycloak configuration settings +### Common configuration settings keycloak_bind_address: 0.0.0.0 keycloak_host: localhost keycloak_http_port: 8080 diff --git a/roles/keycloak/tasks/get_rhsso.yml b/roles/keycloak/tasks/get_rhsso.yml index fa3fc2b..f68ce0b 100644 --- a/roles/keycloak/tasks/get_rhsso.yml +++ b/roles/keycloak/tasks/get_rhsso.yml @@ -5,19 +5,14 @@ - keycloak_rhsso_enable quiet: true -- set_fact: - rhn_download_url: "{{ keycloak_rhsso_base_url }}{{ rhsso_rhn_id }}" - when: - - rhsso_rhn_id is defined - - name: "Check zipfile dest directory {{ zipfile_dest }}" stat: path: "{{ zipfile_dest }}" register: archive_path -- name: "Download zipfile from RHN: {{ rhn_download_url }}" +- name: "Download zipfile from RHN: {{ keycloak_rhsso_download_url }}" redhat_csp_download: - url: "{{ rhn_download_url }}" + url: "{{ keycloak_rhsso_download_url }}" dest: "{{ zipfile_dest }}" username: "{{ rhn_username }}" password: "{{ rhn_password }}" diff --git a/roles/keycloak/tasks/prereqs.yml b/roles/keycloak/tasks/prereqs.yml index 51c2ee8..bb1c44b 100644 --- a/roles/keycloak/tasks/prereqs.yml +++ b/roles/keycloak/tasks/prereqs.yml @@ -10,11 +10,11 @@ - name: Validate credentials assert: that: - - (rhn_username is defined and rhsso_rhn_id is defined) or rhsso_rhn_id is not defined - - (rhn_password is defined and rhsso_rhn_id is defined) or rhsso_rhn_id is not defined + - (rhn_username is defined and keycloak_rhsso_enable) or not keycloak_rhsso_enable or keycloak_offline_install + - (rhn_password is defined and keycloak_rhsso_enable) or not keycloak_rhsso_enable or keycloak_offline_install quiet: True fail_msg: "Cannot install Red Hat SSO without RHN credentials. Check rhn_username and rhn_password are defined" - success_msg: "{{ 'Installing Red Hat Single Sign-On' if rhsso_rhn_id is defined else 'Installing keycloak.org' }}" + success_msg: "{{ 'Installing Red Hat Single Sign-On' if keycloak_rhsso_enable else 'Installing keycloak.org' }}" - name: Set required packages facts set_fact: diff --git a/roles/keycloak/vars/main.yml b/roles/keycloak/vars/main.yml index cf1d6cc..40b2610 100644 --- a/roles/keycloak/vars/main.yml +++ b/roles/keycloak/vars/main.yml @@ -4,6 +4,9 @@ keycloak_admin_password: # internal variables below +rhsso_rhn_ids: + '7.5.0': '101971' + '7.5.1': '103836' # locations keycloak_url: "http://{{ keycloak_host }}:{{ keycloak_http_port }}"