guillaume
/
ansible-keycloak
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

misc: switch default keycloak_rhsso_apply_patches to false

main
Guido Grazioli 2022-03-25 10:11:22 +01:00
parent b0a11013fa
commit f736ad5632
No known key found for this signature in database
GPG Key ID: 22C8C31EF2BC093B
3 changed files with 15 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
roles/keycloak/README.md
View File

@ -34,7 +34,7 @@ Versions
Patching Patching
-------- --------
When variable `keycloak_rhsso_apply_patches` is `True` (default: `True`), the role will automatically apply the latest cumulative patch for the selected base version. When variable `keycloak_rhsso_apply_patches` is `True` (default: `False`), the role will automatically apply the latest cumulative patch for the selected base version.
| RH-SSO VERSION | Release Date | RH-SSO LATEST CP | Notes | | RH-SSO VERSION | Release Date | RH-SSO LATEST CP | Notes |
|:---------------|:------------------|:-----------------|:----------------| |:---------------|:------------------|:-----------------|:----------------|
@ -79,7 +79,7 @@ Role Defaults
|`keycloak_rhsso_download_url`| Download URL for RHSSO | `https://access.redhat.com/jbossnetwork/restricted/softwareDownload.html?softwareId=<productID>`| |`keycloak_rhsso_download_url`| Download URL for RHSSO | `https://access.redhat.com/jbossnetwork/restricted/softwareDownload.html?softwareId=<productID>`|
|`keycloak_version`| keycloak.org package version | `15.0.2` | |`keycloak_version`| keycloak.org package version | `15.0.2` |
|`keycloak_rhsso_version`| RHSSO version | `7.5.0` | |`keycloak_rhsso_version`| RHSSO version | `7.5.0` |
|`keycloak_rhsso_apply_patches`| Install RHSSO more recent cumulative patch | `True` | |`keycloak_rhsso_apply_patches`| Install RHSSO more recent cumulative patch | `False` |
|`keycloak_dest`| Installation root path | `/opt/keycloak` | |`keycloak_dest`| Installation root path | `/opt/keycloak` |
|`keycloak_download_url` | Download URL for keycloak | `https://github.com/keycloak/keycloak/releases/download/{{ keycloak_version }}/{{ keycloak_archive }}` | |`keycloak_download_url` | Download URL for keycloak | `https://github.com/keycloak/keycloak/releases/download/{{ keycloak_version }}/{{ keycloak_archive }}` |
|`keycloak_rhn_url` | Base download URI for customer portal | `https://access.redhat.com/jbossnetwork/restricted/softwareDownload.html?softwareId=` | |`keycloak_rhn_url` | Base download URI for customer portal | `https://access.redhat.com/jbossnetwork/restricted/softwareDownload.html?softwareId=` |
@ -114,7 +114,7 @@ The following are a set of _required_ variables for the role:
| Variable | Description | | Variable | Description |
|:---------|:------------| |:---------|:------------|
|`keycloak_admin_password`| Password for the administration console user account | |`keycloak_admin_password`| Password for the administration console user account (minimum 12 characters) |
|`keycloak_frontend_url` | frontend URL for keycloak endpoint | `http://localhost:8080/auth` | |`keycloak_frontend_url` | frontend URL for keycloak endpoint | `http://localhost:8080/auth` |
@ -154,14 +154,12 @@ _NOTE_: use ansible vaults or other security systems for storing credentials.
```yaml ```yaml
--- ---
- hosts: ... - hosts: ...
vars:
keycloak_admin_password: "remembertochangeme"
collections: collections:
- middleware_automation.keycloak - middleware_automation.keycloak
tasks: roles:
- name: Include keycloak role - middleware_automation.keycloak.keycloak
include_role:
name: keycloak
vars:
keycloak_admin_password: "changeme"
``` ```
* The following is an example playbook that makes use of the role to install Red Hat Single Sign-On from RHN: * The following is an example playbook that makes use of the role to install Red Hat Single Sign-On from RHN:
@ -179,7 +177,7 @@ _NOTE_: use ansible vaults or other security systems for storing credentials.
include_role: include_role:
name: keycloak name: keycloak
vars: vars:
keycloak_admin_password: "changeme" keycloak_admin_password: "remembertochangeme"
keycloak_rhsso_enable: True keycloak_rhsso_enable: True
rhn_username: '<customer portal username>' rhn_username: '<customer portal username>'
rhn_password: '<customer portal password>' rhn_password: '<customer portal password>'
@ -198,7 +196,7 @@ _NOTE_: use ansible vaults or other security systems for storing credentials.
include_role: include_role:
name: keycloak name: keycloak
vars: vars:
keycloak_admin_password: "changeme" keycloak_admin_password: "remembertochangeme"
keycloak_offline_install: True keycloak_offline_install: True
# This should be the filename of keycloak archive on Ansible node: keycloak-16.1.0.zip # This should be the filename of keycloak archive on Ansible node: keycloak-16.1.0.zip
``` ```
@ -216,14 +214,14 @@ _NOTE_: use ansible vaults or other security systems for storing credentials.
include_role: include_role:
name: keycloak name: keycloak
vars: vars:
keycloak_admin_password: "changeme" keycloak_admin_password: "remembertochangeme"
keycloak_rhsso_enable: True keycloak_rhsso_enable: True
keycloak_rhsso_download_url: "<REPLACE with download url>" keycloak_rhsso_download_url: "<REPLACE with download url>"
# This should be the full of remote source rhsso zip file and can contain basic authentication credentials # This should be the full of remote source rhsso zip file and can contain basic authentication credentials
``` ```
* The following is an example playbook that makes use of the role to install Red Hat Single Sign-On from the controller node: * The following is an example playbook that makes use of the role to install Red Hat Single Sign-On offline from the controller node, and apply latest cumulative patch:
```yaml ```yaml
--- ---
@ -235,9 +233,10 @@ _NOTE_: use ansible vaults or other security systems for storing credentials.
include_role: include_role:
name: keycloak name: keycloak
vars: vars:
keycloak_admin_password: "changeme" keycloak_admin_password: "remembertochangeme"
keycloak_rhsso_enable: True keycloak_rhsso_enable: True
keycloak_offline_install: True keycloak_offline_install: True
keycloak_rhsso_apply_patches: True
# This should be the filename of rhsso zip file on Ansible node: rh-sso-7.5-server-dist.zip # This should be the filename of rhsso zip file on Ansible node: rh-sso-7.5-server-dist.zip
``` ```

2
roles/keycloak/defaults/main.yml
View File

@ -13,7 +13,7 @@ keycloak_rhsso_archive: "rh-sso-{{ keycloak_rhsso_version }}-server-dist.zip"
keycloak_rhsso_installdir: "{{ keycloak_dest }}/rh-sso-{{ keycloak_rhsso_version | regex_replace('^([0-9])\\.([0-9]*).*', '\\1.\\2') }}" keycloak_rhsso_installdir: "{{ keycloak_dest }}/rh-sso-{{ keycloak_rhsso_version | regex_replace('^([0-9])\\.([0-9]*).*', '\\1.\\2') }}"
keycloak_rhn_url: 'https://access.redhat.com/jbossnetwork/restricted/softwareDownload.html?softwareId=' keycloak_rhn_url: 'https://access.redhat.com/jbossnetwork/restricted/softwareDownload.html?softwareId='
keycloak_rhsso_download_url: "{{ keycloak_rhn_url }}{{ rhsso_rhn_id }}" keycloak_rhsso_download_url: "{{ keycloak_rhn_url }}{{ rhsso_rhn_id }}"
keycloak_rhsso_apply_patches: True keycloak_rhsso_apply_patches: False
### keycloak/rhsso choice: by default install rhsso if rhn credentials are defined ### keycloak/rhsso choice: by default install rhsso if rhn credentials are defined
keycloak_rhsso_enable: "{{ True if rhsso_rhn_id is defined and rhn_username is defined and rhn_password is defined else False }}" keycloak_rhsso_enable: "{{ True if rhsso_rhn_id is defined and rhn_username is defined and rhn_password is defined else False }}"

2
roles/keycloak/meta/argument_specs.yml
View File

@ -48,7 +48,7 @@ argument_specs:
type: "str" type: "str"
keycloak_rhsso_apply_patches: keycloak_rhsso_apply_patches:
# line 16 of keycloak/defaults/main.yml # line 16 of keycloak/defaults/main.yml
default: true default: false
description: "Install RHSSO more recent cumulative patch" description: "Install RHSSO more recent cumulative patch"
type: "bool" type: "bool"
keycloak_rhsso_installdir: keycloak_rhsso_installdir: