From a67081a68d413c4bd7d7762534633468a0b07976 Mon Sep 17 00:00:00 2001 From: Guido Grazioli Date: Thu, 24 Mar 2022 17:44:13 +0100 Subject: [PATCH] move admin pwd param from vars to defaults, add assert --- roles/keycloak/defaults/main.yml | 3 +++ roles/keycloak/meta/main.yml | 6 ++++-- roles/keycloak/tasks/firewalld.yml | 2 +- roles/keycloak/tasks/prereqs.yml | 10 +++++++++- roles/keycloak/vars/main.yml | 4 ---- 5 files changed, 17 insertions(+), 8 deletions(-) diff --git a/roles/keycloak/defaults/main.yml b/roles/keycloak/defaults/main.yml index ebbaa05..ad1b2c6 100644 --- a/roles/keycloak/defaults/main.yml +++ b/roles/keycloak/defaults/main.yml @@ -32,6 +32,9 @@ keycloak_service_group: keycloak keycloak_service_pidfile: "/run/keycloak.pid" keycloak_configure_firewalld: False +### administrator console password +keycloak_admin_password: '' + ### Common configuration settings keycloak_bind_address: 0.0.0.0 keycloak_host: localhost diff --git a/roles/keycloak/meta/main.yml b/roles/keycloak/meta/main.yml index 8f5bc1e..4760762 100644 --- a/roles/keycloak/meta/main.yml +++ b/roles/keycloak/meta/main.yml @@ -23,5 +23,7 @@ galaxy_info: - keycloak - redhat - rhel - - rhn - - sso \ No newline at end of file + - sso + - authentication + - identity + - security diff --git a/roles/keycloak/tasks/firewalld.yml b/roles/keycloak/tasks/firewalld.yml index 15f91cb..58a6cac 100644 --- a/roles/keycloak/tasks/firewalld.yml +++ b/roles/keycloak/tasks/firewalld.yml @@ -1,5 +1,5 @@ --- -- name: Ensures required package firewalld are installed +- name: Ensure required package firewalld are installed ansible.builtin.include_tasks: fastpackages.yml vars: packages_list: diff --git a/roles/keycloak/tasks/prereqs.yml b/roles/keycloak/tasks/prereqs.yml index 77e8364..5d685be 100644 --- a/roles/keycloak/tasks/prereqs.yml +++ b/roles/keycloak/tasks/prereqs.yml @@ -1,4 +1,12 @@ --- +- name: Validate admin console password + ansible.builtin.assert: + that: + - keycloak_admin_password | length > 12 + quiet: True + fail_msg: "The console administrator password is empty or invalid. Please set the keycloak_admin_password variable to a 16+ char long string" + success_msg: "{{ 'Console administrator password OK' }}" + - name: Validate configuration ansible.builtin.assert: that: @@ -16,7 +24,7 @@ fail_msg: "Cannot install Red Hat SSO without RHN credentials. Check rhn_username and rhn_password are defined" success_msg: "{{ 'Installing Red Hat Single Sign-On' if keycloak_rhsso_enable else 'Installing keycloak.org' }}" -- name: Ensures required packages are installed +- name: Ensure required packages are installed ansible.builtin.include_tasks: fastpackages.yml vars: packages_list: diff --git a/roles/keycloak/vars/main.yml b/roles/keycloak/vars/main.yml index ff7456a..437eac0 100644 --- a/roles/keycloak/vars/main.yml +++ b/roles/keycloak/vars/main.yml @@ -1,8 +1,4 @@ --- -# required variables for keycloak -# administrator console password -keycloak_admin_password: - # internal variables below rhsso_rhn_ids: '7.5.0':