You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
97 lines
2.5 KiB
YAML
97 lines
2.5 KiB
YAML
---
|
|
|
|
- name: Read realms
|
|
uri:
|
|
url: "{{ keycloak_server_url }}/auth/admin/realms"
|
|
method: GET
|
|
headers:
|
|
Authorization: "Bearer {{ access_token }}"
|
|
status_code: [200]
|
|
register: realms
|
|
delegate_to: 127.0.0.1
|
|
become: false
|
|
|
|
- name: Save realms as variable (fact)
|
|
set_fact:
|
|
realms_json: "{{ realms.json }}"
|
|
delegate_to: 127.0.0.1
|
|
become: false
|
|
|
|
- name: Read realm ids
|
|
set_fact:
|
|
realm_ids: "{{ realms_json | json_query(jmesquery) }}"
|
|
vars:
|
|
jmesquery: '[*].id'
|
|
delegate_to: 127.0.0.1
|
|
become: false
|
|
|
|
- name: "Printing realm ids"
|
|
debug:
|
|
msg: "{{ realm_ids }}"
|
|
delegate_to: 127.0.0.1
|
|
become: false
|
|
when:
|
|
- debug
|
|
|
|
- name: Create realm {{ current_realm_name }}
|
|
uri:
|
|
url: "{{ keycloak_server_url }}/auth/admin/realms"
|
|
method: POST
|
|
body_format: json
|
|
body: "{{ lookup('template','keycloak-realm-create.json.j2') }}"
|
|
headers:
|
|
Authorization: "Bearer {{ access_token }}"
|
|
status_code: [201]
|
|
when: current_realm_name not in realm_ids
|
|
delegate_to: 127.0.0.1
|
|
become: false
|
|
|
|
- name: Read clients from realm {{ current_realm_name }}
|
|
uri:
|
|
url: "{{ keycloak_server_url }}/auth/admin/realms/{{ current_realm_name }}/clients"
|
|
method: GET
|
|
headers:
|
|
Authorization: "Bearer {{ access_token }}"
|
|
status_code: [200]
|
|
register: realm_clients
|
|
delegate_to: 127.0.0.1
|
|
become: false
|
|
|
|
- name: Save clients from realm as variable (fact)
|
|
set_fact:
|
|
realm_clients_json: "{{ realm_clients.json }}"
|
|
delegate_to: 127.0.0.1
|
|
become: false
|
|
|
|
- name: "Save client ids from realm {{ current_realm_name }}"
|
|
set_fact:
|
|
realm_client_ids: "{{ realm_clients_json | json_query(jmesquery) }}"
|
|
vars:
|
|
jmesquery: '[*].{id: id, clientId: clientId}'
|
|
delegate_to: 127.0.0.1
|
|
become: false
|
|
|
|
- name: "Printing client ids from realm {{ current_realm_name }}"
|
|
debug:
|
|
msg: "{{ realm_client_ids }}"
|
|
delegate_to: 127.0.0.1
|
|
become: false
|
|
when:
|
|
- debug
|
|
|
|
- name: "Create clients from realm {{ current_realm_name }}"
|
|
include_tasks: _configure_client.yml
|
|
vars:
|
|
realm_name: '{{ current_realm_name }}'
|
|
client_id: '{{ client.clientId }}'
|
|
client_name: '{{ client.name }}'
|
|
admin_url: '{{ client.admin_url }}'
|
|
root_url: '{{ client.root_url }}'
|
|
redirect_uris: '{{ client.redirect_uris }}'
|
|
secret: '{{ client.secret }}'
|
|
web_origins: '{{ client.web_origins }}'
|
|
with_items: "{{ current_realm_clients }}"
|
|
loop_control:
|
|
loop_var: client
|
|
when: create_client | default('True') | bool
|