chore: keycloak rollout was broken due to duplicated declaration

4 years ago · 0355c2ed8b
parent 62c27af121
commit 0355c2ed8b
6 changed files with 52 additions and 32 deletions
--- a/group_vars/keycloak/plain.yml
+++ b/group_vars/keycloak/plain.yml
@ -8,8 +8,6 @@ keycloak_postgres_database: "{{ stage }}_keycloak"
 keycloak_postgres_username: "{{ keycloak_postgres_database }}"
 keycloak_postgres_password: "keycloak-postgres-admin"

-keycloak_server_url: "http://localhost:{{ service_port_keycloak_external }}"
-
 # TODO shouldn't be declared in a static way -> must be stage specific
 keycloak: {
  realms: [
--- a/roles/keycloak/tasks/configure_client.yml
+++ b/roles/keycloak/tasks/configure_client.yml
@ -1,11 +1,13 @@
 ---

-#- name: Print client {{ client_id }} for realm {{ realm_name }}
-#  debug:
-#    msg: "{{ lookup('template','keycloak-realm-create-client.json.j2') }}"
-#  when: realm_client_ids | selectattr('clientId', 'equalto', client_id) | list | length == 0
-#  tags:
-#    - update_realms
+- name: Print client {{ client_id }} for realm {{ realm_name }}
+  debug:
+    msg: "{{ lookup('template','keycloak-realm-create-client.json.j2') }}"
+  tags:
+    - always
+  when:
+    - debug
+    - realm_client_ids | selectattr('clientId', 'equalto', client_id) | list | length == 0

 - name: Create client {{ client_id }} for realm {{ realm_name }}
  uri:
--- a/roles/keycloak/tasks/configure_realm.yml
+++ b/roles/keycloak/tasks/configure_realm.yml
@ -67,7 +67,9 @@
  debug:
    msg: "{{ realm_client_ids }}"
  tags:
-    - update_realms
+    - always
+  when:
+    - debug

 - name: Create clients from realm {{ current_realm_name }}
  include_tasks: configure_client.yml
--- a/roles/keycloak/tasks/create_realm_groups.yml
+++ b/roles/keycloak/tasks/create_realm_groups.yml
@ -2,7 +2,7 @@

 - name: Read groups of realm {{ current_realm_name }}
  uri:
-    url: http://localhost:{{ service_port_keycloak_external }}/auth/admin/realms/{{ current_realm_name }}/groups
+    url: "{{ keycloak_server_url }}/auth/admin/realms/{{ current_realm_name }}/groups"
    method: GET
    headers:
      Authorization: "Bearer {{ access_token}} "
@ -16,8 +16,9 @@
  debug:
    msg: "{{ realm_groups }}"
  tags:
-    - create_groups
-    - update_realms
+    - always
+  when:
+    - debug

 - name: Save realm groups as variable (fact)
  set_fact: 
@ -39,12 +40,13 @@
  debug:
    msg: "{{ realm_groupnames }}"
  tags:
-    - create_groups
-    - update_realms
+    - always
+  when:
+    - debug

 - name: "Create groups for realm {{ current_realm_name }}"
  uri:
-    url: http://localhost:{{ service_port_keycloak_external }}/auth/admin/realms/{{ current_realm_name }}/groups
+    url: "{{ keycloak_server_url }}/auth/admin/realms/{{ current_realm_name }}/groups"
    method: POST
    body_format: json
    body: "{{ lookup('template','keycloak-realm-create-group.json.j2') }}"
--- a/roles/keycloak/tasks/create_realm_users.yml
+++ b/roles/keycloak/tasks/create_realm_users.yml
@ -2,22 +2,23 @@

 - name: Read users of realm {{ current_realm_name }}
  uri:
-    url: http://localhost:{{ service_port_keycloak_external }}/auth/admin/realms/{{ current_realm_name }}/users
+    url: "{{ keycloak_server_url }}/auth/admin/realms/{{ current_realm_name }}/users"
    method: GET
    headers:
-      Authorization: "Bearer {{ access_token}} "
+      Authorization: "Bearer {{ access_token }} "
    status_code: [200]
  register: realm_users
  tags:
    - create_users
    - update_realms

-#- name: Print realm users
-#  debug:
-#    msg: "{{ realm_users }}"
-#  tags:
-#    - create_users
-#    - update_realms
+- name: Print realm users
+  debug:
+    msg: "{{ realm_users }}"
+  tags:
+    - always
+  when:
+    - debug

 - name: Save realm users as variable (fact)
  set_fact: 
@ -35,16 +36,17 @@
    - create_users
    - update_realms

-#- name: Print realm usernames
-#  debug:
-#    msg: "{{ realm_user_usernames }}"
-#  tags:
-#    - create_users
-#    - update_realms
+- name: Print realm usernames
+  debug:
+    msg: "{{ realm_user_usernames }}"
+  tags:
+    - always
+  when:
+    - debug

 - name: "Create users for realm {{ current_realm_name }}"
  uri:
-    url: http://localhost:{{ service_port_keycloak_external }}/auth/admin/realms/{{ current_realm_name }}/users
+    url: "{ keycloak_server_url }}/auth/admin/realms/{{ current_realm_name }}/users"
    method: POST
    body_format: json
    body: "{{ lookup('template','keycloak-realm-create-user.json.j2') }}"
--- a/roles/keycloak/tasks/main.yml
+++ b/roles/keycloak/tasks/main.yml
@ -68,14 +68,20 @@
  tags:
    - update_deployment

- name: "Wait for {{ service_port_keycloak_external }}"
+- name: "Setting local keycloak url"
+  set_fact:  
+    keycloak_server_url: "http://localhost:{{ service_port_keycloak_external }}"
+  when: "'keycloak' in group_names"
+
+- name: "Wait for <localhost:{{ keycloak_server_url }}>"
  wait_for:
+    host: "localhost"
    port: '{{ service_port_keycloak_external }}'
    delay: 60

 - name: "Authenticate with Keycloak server"
  uri:
-    url: "http://localhost:{{ service_port_keycloak_external }}/auth/realms/master/protocol/openid-connect/token"
+    url: "{{ keycloak_server_url }}/auth/realms/master/protocol/openid-connect/token"
    method: POST
    body_format: form-urlencoded
    body: 'username={{ keycloak_admin_username }}&password={{ keycloak_admin_password }}&client_id=admin-cli&grant_type=password'
@ -87,6 +93,14 @@
    - create_groups
    - update_realms

+- name: Print realm users
+  debug:
+    msg: "{{ keycloak_authentication.json.access_token }}"
+  tags:
+    - always
+  when:
+    - debug
+
 - name: "Setup realms"
  include_tasks: configure_realm.yml
  vars: