Use the latest keycloak image tag and fix playbook.
No-Issue

Signed-off-by: James Tanner <[email protected]>
jctanner committed Oct 1, 2024
1 parent 49fa6bf commit 0e80ca5
Showing 2 changed files with 30 additions and 13 deletions.
6 changes: 5 additions & 1 deletion profiles/keycloak/compose.yaml
@@ -12,21 +12,25 @@ services:
# - "UI_EXTERNAL_LOGIN_URI={API_PROTOCOL}://{API_HOST}:{API_PORT}/login"

keycloak:
image: quay.io/keycloak/keycloak:legacy
#image: quay.io/keycloak/keycloak:legacy
image: quay.io/keycloak/keycloak:latest
environment:
- DB_VENDOR=POSTGRES
- DB_ADDR=kc-postgres
- DB_DATABASE=keycloak
- DB_USER=keycloak
- DB_SCHEMA=public
- DB_PASSWORD=keycloak
- KEYCLOAK_ADMIN=admin
- KEYCLOAK_ADMIN_PASSWORD=admin
- KEYCLOAK_USER=admin
- KEYCLOAK_PASSWORD=admin
ports:
- 8080:8080
depends_on:
- kc-postgres
- ldap
command: ['start-dev']

kc-postgres:
image: "postgres:12"
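Review bot: `image: quay.io/keycloak/keycloak:latest` is a floating tag, so each pull can bring a different Keycloak release into the identity service and the playbook's endpoint paths, which this same commit had to rewrite, can break again with no change in the repository; pin a release tag or digest instead, e.g. `image: quay.io/keycloak/keycloak:<pinned-version>`. The added `KEYCLOAK_ADMIN=admin` / `KEYCLOAK_ADMIN_PASSWORD=admin` pair runs under `command: ['start-dev']` while `8080:8080` publishes the admin console on every host interface, so writing the mapping as `"127.0.0.1:8080:8080"` would keep the default credentials off the network. The remaining `DB_*` and `KEYCLOAK_USER` / `KEYCLOAK_PASSWORD` variables look like the legacy image's names and are probably ignored by the current image, which would leave Keycloak on its embedded dev database rather than `kc-postgres`; that is worth confirming. The `services:` mapping starts and continues outside this hunk.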
37 changes: 25 additions & 12 deletions profiles/keycloak/keycloak-playbook.yaml
@@ -17,7 +17,9 @@
- name: Create or update AAP Keycloak realm
community.general.keycloak_realm:
auth_client_id: admin-cli
auth_keycloak_url: http://keycloak:8080/auth
#auth_keycloak_url: http://keycloak:8080/auth
auth_keycloak_url: http://keycloak:8080
#auth_keycloak_url: http://localhost:8080
auth_realm: master
auth_username: admin
auth_password: admin
@@ -31,7 +33,8 @@
- name: Create or update a Keycloak client
community.general.keycloak_client:
auth_client_id: admin-cli
auth_keycloak_url: http://keycloak:8080/auth
#auth_keycloak_url: http://keycloak:8080/auth
auth_keycloak_url: http://keycloak:8080
auth_realm: master
auth_username: admin
auth_password: admin
@@ -158,7 +161,8 @@

- name: Create Token for service Keycloak
uri:
url: "http://keycloak:8080/auth/realms/master/protocol/openid-connect/token"
#url: "http://keycloak:8080/auth/realms/master/protocol/openid-connect/token"
url: "http://keycloak:8080/realms/master/protocol/openid-connect/token"
method: POST
body_format: form-urlencoded
body:
@@ -236,7 +240,8 @@

- name: Create LDAP configuration
uri:
url: "http://keycloak:8080/auth/admin/realms/aap/components"
#url: "http://keycloak:8080/auth/admin/realms/aap/components"
url: "http://keycloak:8080/admin/realms/aap/components"
method: POST
body_format: json
body: "{{ ldap_config | to_json }}"
@@ -251,7 +256,8 @@

- name: Get components
uri:
url: "http://keycloak:8080/auth/admin/realms/aap/components?parent=aap&type=org.keycloak.storage.UserStorageProvider"
#url: "http://keycloak:8080/auth/admin/realms/aap/components?parent=aap&type=org.keycloak.storage.UserStorageProvider"
url: "http://keycloak:8080/admin/realms/aap/components?parent=aap&type=org.keycloak.storage.UserStorageProvider"
method: GET
status_code:
- 200
@@ -302,7 +308,8 @@

- name: Create LDAP group mapping
uri:
url: "http://keycloak:8080/auth/admin/realms/aap/components"
#url: "http://keycloak:8080/auth/admin/realms/aap/components"
url: "http://keycloak:8080/admin/realms/aap/components"
method: POST
body_format: json
body: "{{ ldap_group_mapper | to_json }}"
@@ -317,7 +324,8 @@

- name: Get group mapper identifier
uri:
url: "http://keycloak:8080/auth/admin/realms/aap/components?parent={{ ldap_id }}&type=org.keycloak.storage.ldap.mappers.LDAPStorageMapper&name=group"
#url: "http://keycloak:8080/auth/admin/realms/aap/components?parent={{ ldap_id }}&type=org.keycloak.storage.ldap.mappers.LDAPStorageMapper&name=group"
url: "http://keycloak:8080/admin/realms/aap/components?parent={{ ldap_id }}&type=org.keycloak.storage.ldap.mappers.LDAPStorageMapper&name=group"
method: GET
status_code:
- 200
@@ -333,7 +341,8 @@

- name: Sync LDAP users
uri:
url: "http://keycloak:8080/auth/admin/realms/aap/user-storage/{{ ldap_id }}/sync?action=triggerFullSync"
#url: "http://keycloak:8080/auth/admin/realms/aap/user-storage/{{ ldap_id }}/sync?action=triggerFullSync"
url: "http://keycloak:8080/admin/realms/aap/user-storage/{{ ldap_id }}/sync?action=triggerFullSync"
method: POST
status_code:
- 200
@@ -345,7 +354,8 @@

- name: Sync LDAP groups
uri:
url: "http://keycloak:8080/auth/admin/realms/aap/user-storage/{{ ldap_id }}/mappers/{{ keycloak_ldap_group_mapper_id }}/sync?direction=fedToKeycloak"
#url: "http://keycloak:8080/auth/admin/realms/aap/user-storage/{{ ldap_id }}/mappers/{{ keycloak_ldap_group_mapper_id }}/sync?direction=fedToKeycloak"
url: "http://keycloak:8080/admin/realms/aap/user-storage/{{ ldap_id }}/mappers/{{ keycloak_ldap_group_mapper_id }}/sync?direction=fedToKeycloak"
method: POST
status_code:
- 200
@@ -363,7 +373,8 @@
client_id: automation-hub
state: present
auth_client_id: admin-cli
auth_keycloak_url: http://keycloak:8080/auth
#auth_keycloak_url: http://keycloak:8080/auth
auth_keycloak_url: http://keycloak:8080
auth_realm: master
auth_username: admin
auth_password: admin
@@ -379,15 +390,17 @@
client_id: automation-hub
state: present
auth_client_id: admin-cli
auth_keycloak_url: http://keycloak:8080/auth
#auth_keycloak_url: http://keycloak:8080/auth
auth_keycloak_url: http://keycloak:8080
auth_realm: master
auth_username: admin
auth_password: admin
# loop: "{{ user_list.json}}"

- name: Get realm public key
uri:
url: "http://keycloak:8080/auth/realms/aap"
#url: "http://keycloak:8080/auth/realms/aap"
url: "http://keycloak:8080/realms/aap"
method: GET
status_code:
- 200
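Review bot: The Keycloak base URL is still hard-coded in each of the twelve tasks touched here, and every old value is kept as a commented-out line beside the new one; define it once in the play's vars, e.g. `keycloak_base_url: "http://keycloak:8080"`, then write `auth_keycloak_url: "{{ keycloak_base_url }}"` and `url: "{{ keycloak_base_url }}/realms/master/protocol/openid-connect/token"`, and drop the `#auth_keycloak_url` / `#url` lines since the history already records them. The module tasks also pass the literals `auth_username: admin` / `auth_password: admin` over plain `http://`, which is tolerable only while the traffic stays on the compose-internal network. The commented `#auth_keycloak_url: http://localhost:8080` variant suggests the playbook may also be run from the host, so the credentials are better supplied as variables than repeated as literals. Every task shown is cut at the hunk edge, so the token task's `body:` and any `no_log` setting are not visible here.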
