gitea-admin
/
hetzner-ansible
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
prodnso
main
qa
feature/DEV-655
feature/SC-124
feature/SC-55
feature/DEV-470_2nd
feature/DEV-380_2nd
feature/DEV-380
master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '6b889615e7'
${ noResults }
hetzner-ansible/roles/pmci/tenant/sync/tasks/update_user_tenants.yml

60 lines
2.1 KiB
YAML
Raw Blame History Unescape Escape

This file contains invisible Unicode characters!

This file contains invisible Unicode characters that may be processed differently from what appears below. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to reveal hidden characters.

---
- name: "Reading users by username <{{ current_user_id }}> from realm <{{ management_oidc_realm }}>"
delegate_to: 127.0.0.1
become: false
uri:
url: "{{ shared_service_url_keycloak }}/auth/admin/realms/{{ management_oidc_realm }}/users?username={{ current_user_id }}"
method: GET
headers:
Authorization: "Bearer {{ access_token }} "
status_code: [200]
register: keycloak_user_result
- name: "Reading user id for username <{{ current_user_id }}>"
set_fact:
keycloak_user_id: "{{ keycloak_user_result.json | json_query(querystr1) | first }}"
vars:
querystr1: "[*].id"
- name: "Reading user attibutes for username <{{ current_user_id }}>"
set_fact:
keycloak_user_attributes: "{{ keycloak_user_result.json | json_query(querystr1) | first | default([]) }}"
vars:
querystr1: "[*].attributes"
- name: "Calculate assigned tenant ids for username <{{ current_user_id }}>"
set_fact:
user_tenant_ids: "\
{% set list= [] %}\
{% for tenant in pmci_tenants_results.json %}\
{% for user in tenant.user_ids %}\
{% if user == current_user_id %}\
{{ list.append(tenant.key) }}\
{% endif %}\
{% endfor %}\
{% endfor %}\
{{ list | list | unique | sort }}"
- name: "Calculate assigned tenant ids for username <{{ current_user_id }}>"
set_fact:
keycloak_user_attributes_tenant_ids:
tenantIds: "{{ (['###'] + user_tenant_ids) | join(',') }}"
- name: "Calculate assigned tenant ids for username <{{ current_user_id }}>"
set_fact:
keycloak_user_attributes: "{{ keycloak_user_attributes | combine( keycloak_user_attributes_tenant_ids ) }}"
- name: "Updating user attributes for username <{{ current_user_id }}>"
delegate_to: 127.0.0.1
become: false
uri:
url: "{{ shared_service_url_keycloak }}/auth/admin/realms/{{ management_oidc_realm }}/users/{{ keycloak_user_id }}"
method: PUT
body_format: json
body: '{"attributes": {{ keycloak_user_attributes }}}'
headers:
Content-Type: "application/json"
Authorization: "Bearer {{ access_token }}"
status_code: [204]
Reference in New Issue View Git Blame Copy Permalink