diff --git a/group_vars/keycloak/plain.yml b/group_vars/keycloak/plain.yml index 78ceaf0..b1b85d3 100644 --- a/group_vars/keycloak/plain.yml +++ b/group_vars/keycloak/plain.yml @@ -8,8 +8,6 @@ keycloak_postgres_database: "{{ stage }}_keycloak" keycloak_postgres_username: "{{ keycloak_postgres_database }}" keycloak_postgres_password: "keycloak-postgres-admin" -keycloak_server_url: "http://localhost:{{ service_port_keycloak_external }}" - # TODO shouldn't be declared in a static way -> must be stage specific keycloak: { realms: [ diff --git a/roles/keycloak/tasks/configure_client.yml b/roles/keycloak/tasks/configure_client.yml index 6a5a5a2..aa4eb2f 100644 --- a/roles/keycloak/tasks/configure_client.yml +++ b/roles/keycloak/tasks/configure_client.yml @@ -1,11 +1,13 @@ --- -#- name: Print client {{ client_id }} for realm {{ realm_name }} -# debug: -# msg: "{{ lookup('template','keycloak-realm-create-client.json.j2') }}" -# when: realm_client_ids | selectattr('clientId', 'equalto', client_id) | list | length == 0 -# tags: -# - update_realms +- name: Print client {{ client_id }} for realm {{ realm_name }} + debug: + msg: "{{ lookup('template','keycloak-realm-create-client.json.j2') }}" + tags: + - always + when: + - debug + - realm_client_ids | selectattr('clientId', 'equalto', client_id) | list | length == 0 - name: Create client {{ client_id }} for realm {{ realm_name }} uri: diff --git a/roles/keycloak/tasks/configure_realm.yml b/roles/keycloak/tasks/configure_realm.yml index ee2a97e..3dbab86 100644 --- a/roles/keycloak/tasks/configure_realm.yml +++ b/roles/keycloak/tasks/configure_realm.yml @@ -67,7 +67,9 @@ debug: msg: "{{ realm_client_ids }}" tags: - - update_realms + - always + when: + - debug - name: Create clients from realm {{ current_realm_name }} include_tasks: configure_client.yml diff --git a/roles/keycloak/tasks/create_realm_groups.yml b/roles/keycloak/tasks/create_realm_groups.yml index b79205c..4051472 100644 
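Review bot: The `when: - debug` gate on the re-enabled Print client task in roles/keycloak/tasks/configure_client.yml is a bare variable, and with `tags: - always` it is evaluated on every run. An undefined `debug` fails the task, and a string value such as one passed with `-e debug=false` can evaluate as true depending on the Ansible version; `- debug | default(false) | bool` covers both cases. The same gate is added in the configure_realm.yml hunk, the two debug hunks of create_realm_groups.yml, both hunks of create_realm_users.yml and the second main.yml hunk. The message printed here is the rendered keycloak-realm-create-client.json.j2, which this diff does not show; if that template carries a client secret, it is written to the run output whenever debug is on.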
--- a/roles/keycloak/tasks/create_realm_groups.yml +++ b/roles/keycloak/tasks/create_realm_groups.yml @@ -2,7 +2,7 @@ - name: Read groups of realm {{ current_realm_name }} uri: - url: http://localhost:{{ service_port_keycloak_external }}/auth/admin/realms/{{ current_realm_name }}/groups + url: "{{ keycloak_server_url }}/auth/admin/realms/{{ current_realm_name }}/groups" method: GET headers: Authorization: "Bearer {{ access_token}} " @@ -16,8 +16,9 @@ debug: msg: "{{ realm_groups }}" tags: - - create_groups - - update_realms + - always + when: + - debug - name: Save realm groups as variable (fact) set_fact: @@ -39,12 +40,13 @@ debug: msg: "{{ realm_groupnames }}" tags: - - create_groups - - update_realms + - always + when: + - debug - name: "Create groups for realm {{ current_realm_name }}" uri: - url: http://localhost:{{ service_port_keycloak_external }}/auth/admin/realms/{{ current_realm_name }}/groups + url: "{{ keycloak_server_url }}/auth/admin/realms/{{ current_realm_name }}/groups" method: POST body_format: json body: "{{ lookup('template','keycloak-realm-create-group.json.j2') }}" diff --git a/roles/keycloak/tasks/create_realm_users.yml b/roles/keycloak/tasks/create_realm_users.yml index 8a2d5cd..4316aa8 100644 --- a/roles/keycloak/tasks/create_realm_users.yml +++ b/roles/keycloak/tasks/create_realm_users.yml 
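Review bot: The admin bearer token in the Read groups task is now sent to whatever `keycloak_server_url` resolves to, and nothing visible in this diff checks its scheme or host. The same applies to the Create groups task in the last hunk of this file and to the uri tasks in create_realm_users.yml. main.yml only sets the variable for hosts in the `keycloak` group, so other hosts presumably take it from inventory, where a plain `http://` URL to a remote host would put the token on the wire in cleartext. A guard before the first use would catch that, for example `- assert: { that: "keycloak_server_url is match('^https://|^http://localhost[:/]')" }`. The Read groups task continues past the end of the first hunk.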
@@ -2,22 +2,23 @@ - name: Read users of realm {{ current_realm_name }} uri: - url: http://localhost:{{ service_port_keycloak_external }}/auth/admin/realms/{{ current_realm_name }}/users + url: "{{ keycloak_server_url }}/auth/admin/realms/{{ current_realm_name }}/users" method: GET headers: - Authorization: "Bearer {{ access_token}} " + Authorization: "Bearer {{ access_token }} " status_code: [200] register: realm_users tags: - create_users - update_realms -#- name: Print realm users -# debug: -# msg: "{{ realm_users }}" -# tags: -# - create_users -# - update_realms +- name: Print realm users + debug: + msg: "{{ realm_users }}" + tags: + - always + when: + - debug - name: Save realm users as variable (fact) set_fact: @@ -35,16 +36,17 @@ - create_users - update_realms -#- name: Print realm usernames -# debug: -# msg: "{{ realm_user_usernames }}" -# tags: -# - create_users -# - update_realms +- name: Print realm usernames + debug: + msg: "{{ realm_user_usernames }}" + tags: + - always + when: + - debug - name: "Create users for realm {{ current_realm_name }}" uri: - url: http://localhost:{{ service_port_keycloak_external }}/auth/admin/realms/{{ current_realm_name }}/users + url: "{ keycloak_server_url }}/auth/admin/realms/{{ current_realm_name }}/users" method: POST body_format: json body: "{{ lookup('template','keycloak-realm-create-user.json.j2') }}" diff --git a/roles/keycloak/tasks/main.yml b/roles/keycloak/tasks/main.yml index dd6523b..9c88d3d 100644 --- a/roles/keycloak/tasks/main.yml +++ b/roles/keycloak/tasks/main.yml 
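Review bot: The re-enabled Print realm users task prints `realm_users`, the whole registered result of the admin users request, so with debug on every user record the endpoint returns is copied into the run output. A count is usually enough for troubleshooting, for example `msg: "{{ realm_users.json | length }} users returned"`, assuming the response body is a JSON list. The edited header line also keeps the trailing space inside the quotes, `"Bearer {{ access_token }} "`; `"Bearer {{ access_token }}"` is the cleaner form.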
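Review bot: The new `url:` line of the Create users task opens the expression with a single brace, `"{ keycloak_server_url }}/auth/..."`, so Jinja will not expand it and the POST is attempted against a literal string rather than the server. It should read `url: "{{ keycloak_server_url }}/auth/admin/realms/{{ current_realm_name }}/users"`, matching the Read users task in the first hunk of this file. The Create users task continues past the end of the hunk, so any status handling there is not visible.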
@@ -68,14 +68,20 @@ tags: - update_deployment -- name: "Wait for {{ service_port_keycloak_external }}" +- name: "Setting local keycloak url" + set_fact: + keycloak_server_url: "http://localhost:{{ service_port_keycloak_external }}" + when: "'keycloak' in group_names" + +- name: "Wait for " wait_for: + host: "localhost" port: '{{ service_port_keycloak_external }}' delay: 60 - name: "Authenticate with Keycloak server" uri: - url: "http://localhost:{{ service_port_keycloak_external }}/auth/realms/master/protocol/openid-connect/token" + url: "{{ keycloak_server_url }}/auth/realms/master/protocol/openid-connect/token" method: POST body_format: form-urlencoded body: 'username={{ keycloak_admin_username }}&password={{ keycloak_admin_password }}&client_id=admin-cli&grant_type=password' @@ -87,6 +93,14 @@ - create_groups - update_realms +- name: Print realm users + debug: + msg: "{{ keycloak_authentication.json.access_token }}" + tags: + - always + when: + - debug + - name: "Setup realms" include_tasks: configure_realm.yml vars:
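Review bot: The new set_fact for `keycloak_server_url` carries no tags, while the tasks that consume it are tagged (the Read users task in create_realm_users.yml shows `create_users` and `update_realms`), and the group_vars definition is removed in the plain.yml hunk of this commit. A run limited with `--tags update_realms` would presumably skip the set_fact and hit an undefined variable at the first uri call; adding `tags: [always]` to the set_fact keeps tagged runs working. The renamed wait task is now titled `"Wait for "` with nothing after it, so something like `name: "Wait for Keycloak on port {{ service_port_keycloak_external }}"` would read better in the play output. The Authenticate task posts `keycloak_admin_password` in its body and continues past the end of this hunk; if it has no `no_log: true`, that is worth adding.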
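Review bot: The added debug task prints `keycloak_authentication.json.access_token`, the admin token obtained with the password grant against the master realm, so with debug on a usable credential is written to the console and to any CI or callback log. Print a non-secret indicator instead, e.g. `msg: "access token received: {{ keycloak_authentication.json.access_token is defined }}"`, or drop the task. The task name `Print realm users` looks copied from create_realm_users.yml and does not describe what is printed.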