From 1c3954fd7671bcc58d7e5acc46823444c8212c63 Mon Sep 17 00:00:00 2001
From: Sven Ketelsen <sven.ketelsen@netgo.de>
Date: Tue, 23 May 2023 18:19:42 +0200
Subject: [PATCH] DEV-1058 set management realm to "stage-connect"

---
 group_vars/all/management.yml | 10 ++++++----
 initialize-stage.yml          | 13 +++++--------
 2 files changed, 11 insertions(+), 12 deletions(-)

diff --git a/group_vars/all/management.yml b/group_vars/all/management.yml
index 35f6ae5..90f4c0b 100644
--- a/group_vars/all/management.yml
+++ b/group_vars/all/management.yml
@@ -1,8 +1,10 @@
 ---
-management_oidc_realm: "infrastructure"
+management_oidc_realm: "stage-connect"
 management_oidc_client_id: "connect"
-
 management_oidc_client_secret: "{{ management_oidc_client_secret_vault }}"
+management_oidc_admin_username: "management-admin"
+management_oidc_admin_password: "{{ management_admin_password_vault }}"
+management_oidc_admin_email: "{{ devops_email_address }}"
 
-management_admin_username: "management-admin"
-management_admin_password: "{{ management_admin_password_vault }}"
+management_admin_username: "management-admin" # backwards compatibility
+management_admin_password: "{{ management_admin_password_vault }}" # backwards compatibility
diff --git a/initialize-stage.yml b/initialize-stage.yml
index 29208fb..c73520b 100644
--- a/initialize-stage.yml
+++ b/initialize-stage.yml
@@ -136,7 +136,7 @@
         - update_connect_realm
       vars:
         current_realm_password_policy: ""
-        current_realm_name: "stage-connect" # TODO migrate from realm infrastructure
+        current_realm_name: "{{ management_oidc_realm }}" # TODO migrate from realm infrastructure
         current_realm_users_base:
           - username: "{{ management_admin_username }}"
             password: "{{ management_admin_password }}"
@@ -144,7 +144,7 @@
             firstName: "Netgo"
             lastName: "Administrator"
             requiredActions: []
-        connect_client_id: "connect"
+        connect_client_id: "{{ management_oidc_client_id }}"
         client_web_origin_connect: "{{ shared_service_url_management }}"
         connect_oidc_client_secret: "{{ management_oidc_client_secret }}"
 
@@ -211,6 +211,9 @@
   become: true
   vars:
     ansible_ssh_host: "{{ stage_server_domain }}"
+    current_realm_name: "{{ management_oidc_realm }}"
+    connect_postgres_database: "{{ stage_database_management_connect_name }}"
+    connect_oidc_client_secret: "{{ management_oidc_client_secret }}"
 
   pre_tasks:
     - name: "Import autodiscover pre-tasks"
@@ -223,18 +226,12 @@
     - name: "Install server based connect"
       include_role:
         name: management
-      vars:
-        current_realm_name: "{{ management_oidc_realm }}"
-        connect_postgres_database: "{{ stage_database_management_connect_name }}"
       tags:
         - update_deployment
 
     - name: "Setup stage connect configuration"
       include_role:
         name: management
-      vars:
-        current_realm_name: "{{ management_oidc_realm }}"
-        connect_postgres_database: "{{ stage_database_management_connect_name }}"
       tags:
         - update_connections
         - update_configurations