tasks/main.yml - ansible/role/keycloak - Gitiles

 ---
 # keycloak tasks/main.yml
 #
 # SPDX-FileCopyrightText: © 2021 Open Networking Foundation <support@opennetworking.org>
 # SPDX-License-Identifier: Apache-2.0

 - name: include OS-specific tasks
   include_tasks: "{{ ansible_os_family }}.yml"

 - name: Create group for Keycloak
   group:
     name: "{{ keycloak_groupname }}"

 - name: Create user for Keycloak
   user:
     name: "{{ keycloak_username }}"
     group: "{{ keycloak_groupname }}"
     comment: "{{ keycloak_comment }}"
     shell: "{{ keycloak_shell }}"
     system: true
     password_lock: true

 - name: Create keycloak dist directory
   file:
     path: "{{ keycloak_dist_dir }}"
     owner: "{{ keycloak_username }}"
     group: "{{ keycloak_groupname }}"
     state: directory
     mode: 0700

 - name: Download keycloak
   get_url:
     url: "{{ keycloak_download_url }}"
     dest: "{{ keycloak_dist_dir }}"
     timeout: 30
     checksum: "{{ keycloak_checksum }}"
   become: true
   become_user: "{{ keycloak_username }}"

 - name: Extract keycloak
   unarchive:
     remote_src: true
     src: "{{ keycloak_dist_dir }}/keycloak-{{ keycloak_version }}.tar.gz"
     dest: "{{ keycloak_base_dir }}"
     owner: "{{ keycloak_username }}"
     group: "{{ keycloak_groupname }}"
     creates: "{{ keycloak_base_dir }}/keycloak-{{ keycloak_version }}"

 - name: Link Keycloak distro to working dir
   file:
     state: "link"
     src: "{{ keycloak_base_dir }}/keycloak-{{ keycloak_version }}"
     dest: "{{ keycloak_working_dir }}"

 - name: Check admin account
   command:
     chdir: "{{ keycloak_working_dir }}/bin/"
     cmd: >
       ./kcadm.sh get users
       --server http://localhost:8080/auth
       --realm master --user {{ keycloak_admin_username }}
       --password {{ keycloak_admin_password }}
   register: kcadm_result
   changed_when: false
   failed_when: false

 - name: Create admin account
   command:
     chdir: "{{ keycloak_working_dir }}/bin/"
     cmd: >
       ./add-user-keycloak.sh
       --realm master --user {{ keycloak_admin_username }}
       --password {{ keycloak_admin_password }}
   when: kcadm_result.rc != 0
   notify:
     - "start-keycloak"
     - "restart-keycloak"
 - name: Flush handlers to start keycloak server before configuring it via API
   meta: flush_handlers

 - name: Wait for Keycloak to be ready
   uri:
     url: "http://localhost:9990/health"
     method: GET
     return_content: "yes"
     timeout: 5
     body_format: raw
     follow_redirects: "no"
     status_code: 200
   register: result
   until: result.status == 200
   retries: 60
   delay: 5

 - name: Configure Keycloak client
   community.general.keycloak_client:
     auth_keycloak_url: http://localhost:8080/auth
     auth_realm: "{{ item.auth_realm }}"
     auth_username: "{{ keycloak_admin_username }}"
     auth_password: "{{ keycloak_admin_password }}"
     client_id: "{{ item.client_id }}"
     name: "{{ item.name }}"
     protocol: "{{ item.protocol }}"
     description: "{{ item.description }}"
     attributes: "{{ item.attributes }}"
     redirect_uris: "{{ item.redirect_uris }}"
     protocol_mappers: "{{ item.protocol_mappers }}"
     state: present
   with_items: "{{ keycloak_client_settings }}"
	---
	# keycloak tasks/main.yml
	#
	# SPDX-FileCopyrightText: © 2021 Open Networking Foundation <support@opennetworking.org>
	# SPDX-License-Identifier: Apache-2.0

	- name: include OS-specific tasks
	include_tasks: "{{ ansible_os_family }}.yml"

	- name: Create group for Keycloak
	group:
	name: "{{ keycloak_groupname }}"

	- name: Create user for Keycloak
	user:
	name: "{{ keycloak_username }}"
	group: "{{ keycloak_groupname }}"
	comment: "{{ keycloak_comment }}"
	shell: "{{ keycloak_shell }}"
	system: true
	password_lock: true

	- name: Create keycloak dist directory
	file:
	path: "{{ keycloak_dist_dir }}"
	owner: "{{ keycloak_username }}"
	group: "{{ keycloak_groupname }}"
	state: directory
	mode: 0700

	- name: Download keycloak
	get_url:
	url: "{{ keycloak_download_url }}"
	dest: "{{ keycloak_dist_dir }}"
	timeout: 30
	checksum: "{{ keycloak_checksum }}"
	become: true
	become_user: "{{ keycloak_username }}"

	- name: Extract keycloak
	unarchive:
	remote_src: true
	src: "{{ keycloak_dist_dir }}/keycloak-{{ keycloak_version }}.tar.gz"
	dest: "{{ keycloak_base_dir }}"
	owner: "{{ keycloak_username }}"
	group: "{{ keycloak_groupname }}"
	creates: "{{ keycloak_base_dir }}/keycloak-{{ keycloak_version }}"

	- name: Link Keycloak distro to working dir
	file:
	state: "link"
	src: "{{ keycloak_base_dir }}/keycloak-{{ keycloak_version }}"
	dest: "{{ keycloak_working_dir }}"

	- name: Check admin account
	command:
	chdir: "{{ keycloak_working_dir }}/bin/"
	cmd: >
	./kcadm.sh get users
	--server http://localhost:8080/auth
	--realm master --user {{ keycloak_admin_username }}
	--password {{ keycloak_admin_password }}
	register: kcadm_result
	changed_when: false
	failed_when: false

	- name: Create admin account
	command:
	chdir: "{{ keycloak_working_dir }}/bin/"
	cmd: >
	./add-user-keycloak.sh
	--realm master --user {{ keycloak_admin_username }}
	--password {{ keycloak_admin_password }}
	when: kcadm_result.rc != 0
	notify:
	- "start-keycloak"
	- "restart-keycloak"
	- name: Flush handlers to start keycloak server before configuring it via API
	meta: flush_handlers

	- name: Wait for Keycloak to be ready
	uri:
	url: "http://localhost:9990/health"
	method: GET
	return_content: "yes"
	timeout: 5
	body_format: raw
	follow_redirects: "no"
	status_code: 200
	register: result
	until: result.status == 200
	retries: 60
	delay: 5

	- name: Configure Keycloak client
	community.general.keycloak_client:
	auth_keycloak_url: http://localhost:8080/auth
	auth_realm: "{{ item.auth_realm }}"
	auth_username: "{{ keycloak_admin_username }}"
	auth_password: "{{ keycloak_admin_password }}"
	client_id: "{{ item.client_id }}"
	name: "{{ item.name }}"
	protocol: "{{ item.protocol }}"
	description: "{{ item.description }}"
	attributes: "{{ item.attributes }}"
	redirect_uris: "{{ item.redirect_uris }}"
	protocol_mappers: "{{ item.protocol_mappers }}"
	state: present
	with_items: "{{ keycloak_client_settings }}"