Code review comments

README.md

@@ -31,25 +31,32 @@ collections:
 
 ### Install Playbook
 
-`playbooks/keycloak.yml` installs the keycloak or Red Hat Single Sign-On(RHSSO) based on the defined variables.
+`playbooks/keycloak.yml` installs the upstream(Keycloak) based on the defined variables.
+`playbooks/rhsso.yml` installs Red Hat Single Sign-On(RHSSO) based on defined variables.
 
-### Choosing between Red Hat products and upstream (Keycloak) project
+### Choosing between upstream(Keycloak) project and Red Hat Single Sign-On(RHSSO)
 
-The roles supports installing Keycloak or Red Hat Single Sign-On in the following ways
+The roles supports installing upstream(Keycloak) or Red Hat Single Sign-On in the following ways
 
-#### Install upstream from remote source
+#### Install upstream(Keycloak) from remote source
 
-This is default way, no need to define any additional variables.
+This is default approach, there is one required variable
-
-#### Install upstream from local source when the following variable is defined
 
 ```
-keycloak_zip_file_local_path: <local path of keycloak zip file>
+keycloak_admin_password: "<changeme>"
 ```
 
-#### Install RHSSO from the Customer Support Portal, when the following variables are defined
+#### Install upstream(Keycloak) from local source when the following variable is defined
 
 ```
+keycloak_admin_password: "<changeme>"
+zip_file_local_path: <keycloak zip file on Ansible control node local path>
+```
+
+#### Install RHSSO from the Red Hat Customer Support Portal, when the following variables are defined
+
+```
+keycloak_admin_password: "<changeme>"
 rhn_username: '<customer_portal_username>'
 rhn_password: '<customer_portal_password>'
 rhsso_rhn_id: '<sso_product_id>'
@@ -60,15 +67,17 @@ where `sso_product_id` is the ID for the specific Red Hat Single Sign-On version
 #### Install RHSSO from remote sources like Nexus etc, when the following variables are defined
 
 ```
-rhsso_source_download_url: '<url to downloand RHSSO zip file>'
+keycloak_admin_password: "<changeme>"
+keycloak_rhsso_enable: True
+rhsso_source_download_url: '<url to download RHSSO zip file>'
 ```
 
-where `sso_product_id` is the ID for the specific Red Hat Single Sign-On version, ie. _101971_ will install version _7.5_)
-
 #### Install RHSSO from local source when the following variable is defined
 
 ```
-rhsso_zip_file_local_path: <local path of rhsso zip file>
+keycloak_admin_password: "<changeme>"
+keycloak_rhsso_enable: True
+zip_file_local_path: <rhsso zip file on Ansible control node local path>
 ```
 
 ### Install role

playbooks/keycloak.yml

@@ -2,11 +2,9 @@
 - name: Playbook for Keycloak Hosts
   hosts: keycloak
   collections:
-    - middleware_automation.redhat_csp_download
+    - middleware_automation.keycloak
-  roles:
-    - redhat_csp_download
   tasks:
-    - name: Keycloak Role
+    - name: Include keycloak role
       include_role:
         name: keycloak
       vars:

playbooks/rhsso.yml

@@ -1,10 +1,14 @@
 ---
 - name: Playbook for Keycloak Hosts
   hosts: keycloak
+  collections:
+    - middleware_automation.redhat_csp_download
+  roles:
+    - redhat_csp_download
   tasks:
     - name: Keycloak Role
       include_role:
         name: keycloak
       vars:
         keycloak_admin_password: "changeme"
-        rhsso_zip_file_local_path: "/tmp/rhsso/rh-sso-7.5-server-dist.zip" # This should be local path of rhsso zip file
+        keycloak_rhsso_enable: True

roles/keycloak/README.md

@@ -18,6 +18,7 @@ Role Defaults
 
 | Variable | Description | Default |
 |:---------|:------------|:---------|
+|`keycloak_rhsso_enable`| Enable Red Hat Single Sign-on installation  | `False` |
 |`keycloak_ha_enabled`| Enable auto configuration for database backend, clustering and remote caches on infinispan | `False` |
 |`keycloak_db_enabled`| Enable auto configuration for database backend | `True` if `keycloak_ha_enabled` is True, else `False` |
 |`keycloak_admin_user`| Administration console user account | `admin` |
@@ -66,16 +67,15 @@ The following variables are _required_ only when `keycloak_db_enabled` is True:
 |`keycloak_db_user` | username for connecting to postgres | `keycloak-user` |
 |`keycloak_db_pass` | password for connecting to postgres | `keycloak-pass` |
 
-The following variables can be used to install Keycloak or Red Hat Single Sign-On from local path:
+The following variable can be used to install Keycloak or Red Hat Single Sign-On from local path:
-| Variable | Description | Default |
+| Variable | Description | Example |
 |:---------|:------------|:---------|
-|`rhsso_zip_file_local_path` | Full local path of Red Hat Single Sign-On zip file  | `tmp/rhsso/rh-sso-7.5-server-dist.zip` |
+|`zip_file_local_path` | Full local path of upstream(Keycloak) or Red Hat Single Sign-On zip file on Ansible control plane | `tmp/rhsso/rh-sso-7.5-server-dist.zip` |
-|`keycloak_zip_file_local_path` | Full local path of Keycloak zip file  | `/tmp/keycloak/keycloak-16.1.0.zip` |
 
 The following variable can be used to install Red Hat Single Sign-On from source via url, auth support is not added right now.
-| Variable | Description | Default |
+| Variable | Description | Example |
 |:---------|:------------|:---------|
-|`rhsso_source_download_url` | URL to download Red Hat Single Sign-On zip file from | `http://localhost:8081/nexus/rhsso/rh-sso-7.5-server-dist.zip` |
+|`rhsso_source_download_url` | URL to download Red Hat Single Sign-On zip file from source | `http://localhost:8081/nexus/rhsso/rh-sso-7.5-server-dist.zip` |
 
 Dependencies
 ------------
@@ -104,7 +104,7 @@ The following is an example playbook that makes use of the role to install keycl
             keycloak_admin_password: "changeme"
 ```
 
-The following is an example playbook that makes use of the role to install keycloak from local path
+The following is an example playbook that makes use of the role to install keycloak from local path on Ansible node
 
 ```yaml
 ---
@@ -117,14 +117,14 @@ The following is an example playbook that makes use of the role to install keycl
             name: keycloak
           vars:
             keycloak_admin_password: "changeme"
-            keycloak_zip_file_local_path: "/tmp/keycloak/keycloak-16.1.0.zip" # This should be local path of keycloak zip file
+            zip_file_local_path: "/tmp/keycloak/keycloak-16.1.0.zip"  # This should be local path on Ansible node of upstream(keycloak) zip file
 ```
 
 The following is an example playbook that makes use of the role to install Red Hat Single Sign-On from RHN
 
 ```yaml
 ---
-- name: Playbook for Keycloak Hosts
+- name: Playbook for RHSSO
   hosts: keycloak
   collections:
     - middleware_automation.redhat_csp_download
@@ -136,6 +136,7 @@ The following is an example playbook that makes use of the role to install Red H
         name: keycloak
       vars:
         keycloak_admin_password: "changeme"
+        keycloak_rhsso_enable: True
 ```
 
 The following is an example playbook that makes use of the role to install Red Hat Single Sign-On from source url
@@ -143,27 +144,33 @@ The following is an example playbook that makes use of the role to install Red H
 ```yaml
 ---
 - hosts: keycloak
+  collections:
+    - middleware_automation.keycloak
   tasks:
     - name: Keycloak Role
       include_role:
         name: keycloak
       vars:
         keycloak_admin_password: "changeme"
+        keycloak_rhsso_enable: True
         rhsso_source_download_url: "<REPLACE with - Source download url>" # This should be the full of remote source rhsso zip file
 ```
 
-The following is an example playbook that makes use of the role to install Red Hat Single Sign-On from local path
+The following is an example playbook that makes use of the role to install Red Hat Single Sign-On from local path on Ansible node
 
 ```yaml
 ---
 - hosts: keycloak
+  collections:
+    - middleware_automation.keycloak
   tasks:
     - name: Keycloak Role
       include_role:
         name: keycloak
       vars:
         keycloak_admin_password: "changeme"
-        rhsso_zip_file_local_path: "/tmp/rhsso/rh-sso-7.5-server-dist.zip" # This should be local path of rhsso zip file
+        keycloak_rhsso_enable: True
+        zip_file_local_path: "/tmp/rhsso/rh-sso-7.5-server-dist.zip"  # This should be local path on Ansible node of rhsso zip file
 ```
 
 License

roles/keycloak/defaults/main.yml

@@ -6,7 +6,7 @@ keycloak_download_url: https://downloads.jboss.org/keycloak/{{ keycloak_version
 keycloak_installdir: "{{ keycloak_dest }}/keycloak-{{ keycloak_version }}"
 
 ### Configuration specific to Red Hat Single Sing-On
-keycloak_rhsso_enable: "{{ True if rhsso_rhn_id is defined or rhsso_zip_file_local_path is defined  or rhsso_source_download_url is defined else False }}"
+keycloak_rhsso_enable: False
 keycloak_rhsso_version: 7.5
 keycloak_rhsso_archive: rh-sso-{{ keycloak_rhsso_version }}-server-dist.zip
 keycloak_rhsso_installdir: "{{ keycloak_dest }}/rh-sso-{{ keycloak_rhsso_version }}"
@@ -15,7 +15,7 @@ keycloak_rhsso_base_url: 'https://access.redhat.com/jbossnetwork/restricted/soft
 ### Install location and service settings
 jvm_package: java-1.8.0-openjdk-devel
 keycloak_dest: /opt/keycloak
-keycloak_jboss_home: "{{ keycloak_rhsso_installdir if rhsso_rhn_id is defined or rhsso_zip_file_local_path is defined or rhsso_source_download_url is defined else keycloak_installdir }}"
+keycloak_jboss_home: "{{ keycloak_rhsso_installdir if keycloak_rhsso_enable else keycloak_installdir }}"
 keycloak_config_dir: "{{ keycloak_jboss_home }}/standalone/configuration"
 
 keycloak_config_standalone_xml: "keycloak.xml"

roles/keycloak/tasks/get_rhsso.yml

@@ -2,11 +2,13 @@
 - assert:
     that:
       - zipfile_dest is defined
-      - (rhn_username is defined and rhn_password is defined and rhn_id_file is defined) or rhsso_zip_file_local_path is defined or rhsso_source_download_url is defined
+      - keycloak_rhsso_enable
     quiet: true
 
 - set_fact:
-    rhn_download_url: "{{ keycloak_rhsso_base_url }}{{ rhn_id_file }}"
+    rhn_download_url: "{{ keycloak_rhsso_base_url }}{{ rhsso_rhn_id }}"
+  when:
+    - rhsso_rhn_id is defined
 
 - name: "Check zipfile dest directory {{ zipfile_dest }}"
   stat:
@@ -24,6 +26,8 @@
     - archive_path is defined
     - archive_path.stat is defined
     - not archive_path.stat.exists
+    - rhn_username is defined
+    - rhn_password is defined
     - rhsso_rhn_id is defined
 
 - name: "Copy zipfile from source like Nexus etc : {{ rhsso_source_download_url }}"
@@ -39,9 +43,9 @@
     - not archive_path.stat.exists
     - rhsso_source_download_url is defined
 
-- name: "Copy zipfile from local source: {{ rhsso_zip_file_local_path }}"
+- name: "Copy zipfile from local source: {{ zip_file_local_path }}"
   ansible.builtin.copy:
-    src: "{{ rhsso_zip_file_local_path }}"
+    src: "{{ zip_file_local_path }}"
     dest: "{{ zipfile_dest }}"
     owner: "{{ keycloak_service_user }}"
     group: "{{ keycloak_service_group }}"
@@ -50,7 +54,7 @@
     - archive_path is defined
     - archive_path.stat is defined
     - not archive_path.stat.exists
-    - rhsso_zip_file_local_path is defined
+    - zip_file_local_path is defined
     
 - name: "Check zipfile dest directory {{ zipfile_dest }}"
   stat:

roles/keycloak/tasks/install.yml

@@ -74,11 +74,11 @@
         - archive_path is defined
         - archive_path.stat is defined
         - not archive_path.stat.exists
-        - not keycloak_zip_file_local_path is defined
+        - not keycloak_rhsso_enable and not zip_file_local_path is defined
 
-    - name: "Copy zipfile from local source: {{ keycloak_zip_file_local_path }}"
+    - name: "Copy zipfile from local source: {{ zip_file_local_path }}"
       ansible.builtin.copy:
-        src: "{{ keycloak_zip_file_local_path }}"
+        src: "{{ zip_file_local_path }}"
         dest: "{{ keycloak_dest }}"
         owner: "{{ keycloak_service_user }}"
         group: "{{ keycloak_service_group }}"
@@ -87,7 +87,7 @@
         - archive_path is defined
         - archive_path.stat is defined
         - not archive_path.stat.exists
-        - keycloak_zip_file_local_path is defined
+        - not keycloak_rhsso_enable and zip_file_local_path is defined
 
     - name: extract Keycloak archive on target
       unarchive:
@@ -105,9 +105,9 @@
 - block:
     - assert:
         that:
-          - rhsso_rhn_id is defined or rhsso_zip_file_local_path is defined or rhsso_source_download_url is defined
+          - rhsso_rhn_id is defined or zip_file_local_path is defined
         quiet: true
-        fail_msg: "Can't install RHSSO without either RHN ID or RHSSO zip file local path"
+        fail_msg: "Can't install RHSSO without either RHN ID or RHSSO zip file located on Ansible node"
 
     - name: create download directory
       file:
@@ -117,9 +117,8 @@
         group: "{{ keycloak_service_group }}"
         mode: 0750
 
-    - include_tasks: download_from_rhn.yml
+    - include_tasks: get_rhsso.yml
       vars:
-        rhn_id_file: "{{ rhsso_rhn_id | default(None) }}"
         zipfile_dest: "{{ keycloak_dest }}/{{ keycloak_rhsso_archive }}"
         work_dir: "{{ keycloak_dest }}"
         target_dir: "{{ keycloak_jboss_home }}"