Make admin account creation idempotent

2021-12-16 14:24:06 +01:00 · 2021-12-16 14:24:06 +01:00 · dac9d1ff23
parent 056b1dc7b9
commit dac9d1ff23
2 changed files with 25 additions and 13 deletions
--- a/molecule/default/molecule.yml
+++ b/molecule/default/molecule.yml
@ -42,7 +42,7 @@ scenario:
    - create
    - prepare
    - converge
-#    - idempotence
+    - idempotence
    - side_effect
    - verify
    - cleanup
--- a/roles/keycloak/tasks/main.yml
+++ b/roles/keycloak/tasks/main.yml
@ -8,16 +8,28 @@
 - include_tasks: tasks/install.yml
 ## FIXME not idempotent (keyclock removes the file when it restarts)
 - name: create Keycloak admin user
  command:
  args:
    argv:
      - "{{ keycloak_jboss_home }}/bin/add-user-keycloak.sh"
      - -rmaster
      - -u{{ keycloak_admin_user }}
      - -p{{ keycloak_admin_password }}
    creates: "{{ keycloak_config_dir }}/keycloak-add-user.json"
  become: yes
 - include_tasks: tasks/systemd.yml
 - block:
    - name: Check admin credentials by generating a token
      uri:
        url: "{{ keycloak_url }}/auth/realms/master/protocol/openid-connect/token"
        method: POST
        body: "client_id={{ keycloak_auth_client }}&username={{ keycloak_admin_user }}&password={{ keycloak_admin_password }}&grant_type=password"
        validate_certs: no
      register: keycloak_auth_response
      until: keycloak_auth_response.status == 200
      retries: 2
      delay: 2
  rescue:
    - name: create Keycloak admin user
      command:
      args:
        argv:
          - "{{ keycloak_jboss_home }}/bin/add-user-keycloak.sh"
          - -rmaster
          - -u{{ keycloak_admin_user }}
          - -p{{ keycloak_admin_password }}
      become: yes
    - name: restart keycloak
      include_tasks: tasks/restart_keycloak.yml