ci: more linter fixes
parent
f0318b2ecf
commit
5b459f3dde
7 changed files with 106 additions and 104 deletions
|
@ -637,7 +637,7 @@ EXAMPLES = '''
|
||||||
- test01
|
- test01
|
||||||
- test02
|
- test02
|
||||||
authentication_flow_binding_overrides:
|
authentication_flow_binding_overrides:
|
||||||
browser: 4c90336b-bf1d-4b87-916d-3677ba4e5fbb
|
browser: 4c90336b-bf1d-4b87-916d-3677ba4e5fbb
|
||||||
protocol_mappers:
|
protocol_mappers:
|
||||||
- config:
|
- config:
|
||||||
access.token.claim: true
|
access.token.claim: true
|
||||||
|
|
|
@ -142,14 +142,14 @@ EXAMPLES = '''
|
||||||
auth_password: PASSWORD
|
auth_password: PASSWORD
|
||||||
name: my-new-role
|
name: my-new-role
|
||||||
attributes:
|
attributes:
|
||||||
attrib1: value1
|
attrib1: value1
|
||||||
attrib2: value2
|
attrib2: value2
|
||||||
attrib3:
|
attrib3:
|
||||||
- with
|
- with
|
||||||
- numerous
|
- numerous
|
||||||
- individual
|
- individual
|
||||||
- list
|
- list
|
||||||
- items
|
- items
|
||||||
delegate_to: localhost
|
delegate_to: localhost
|
||||||
'''
|
'''
|
||||||
|
|
||||||
|
|
|
@ -475,99 +475,99 @@ author:
|
||||||
'''
|
'''
|
||||||
|
|
||||||
EXAMPLES = '''
|
EXAMPLES = '''
|
||||||
- name: Create LDAP user federation
|
- name: Create LDAP user federation
|
||||||
middleware_automation.keycloak.keycloak_user_federation:
|
middleware_automation.keycloak.keycloak_user_federation:
|
||||||
auth_keycloak_url: https://keycloak.example.com/auth
|
auth_keycloak_url: https://keycloak.example.com/auth
|
||||||
auth_realm: master
|
auth_realm: master
|
||||||
auth_username: admin
|
auth_username: admin
|
||||||
auth_password: password
|
auth_password: password
|
||||||
realm: my-realm
|
realm: my-realm
|
||||||
name: my-ldap
|
name: my-ldap
|
||||||
state: present
|
state: present
|
||||||
provider_id: ldap
|
provider_id: ldap
|
||||||
provider_type: org.keycloak.storage.UserStorageProvider
|
provider_type: org.keycloak.storage.UserStorageProvider
|
||||||
config:
|
config:
|
||||||
priority: 0
|
priority: 0
|
||||||
enabled: true
|
enabled: true
|
||||||
cachePolicy: DEFAULT
|
cachePolicy: DEFAULT
|
||||||
batchSizeForSync: 1000
|
batchSizeForSync: 1000
|
||||||
editMode: READ_ONLY
|
editMode: READ_ONLY
|
||||||
importEnabled: true
|
importEnabled: true
|
||||||
syncRegistrations: false
|
syncRegistrations: false
|
||||||
vendor: other
|
vendor: other
|
||||||
usernameLDAPAttribute: uid
|
usernameLDAPAttribute: uid
|
||||||
rdnLDAPAttribute: uid
|
rdnLDAPAttribute: uid
|
||||||
uuidLDAPAttribute: entryUUID
|
uuidLDAPAttribute: entryUUID
|
||||||
userObjectClasses: inetOrgPerson, organizationalPerson
|
userObjectClasses: inetOrgPerson, organizationalPerson
|
||||||
connectionUrl: ldaps://ldap.example.com:636
|
connectionUrl: ldaps://ldap.example.com:636
|
||||||
usersDn: ou=Users,dc=example,dc=com
|
usersDn: ou=Users,dc=example,dc=com
|
||||||
authType: simple
|
authType: simple
|
||||||
bindDn: cn=directory reader
|
bindDn: cn=directory reader
|
||||||
bindCredential: password
|
bindCredential: password
|
||||||
searchScope: 1
|
searchScope: 1
|
||||||
validatePasswordPolicy: false
|
validatePasswordPolicy: false
|
||||||
trustEmail: false
|
trustEmail: false
|
||||||
useTruststoreSpi: ldapsOnly
|
useTruststoreSpi: ldapsOnly
|
||||||
connectionPooling: true
|
connectionPooling: true
|
||||||
pagination: true
|
pagination: true
|
||||||
allowKerberosAuthentication: false
|
allowKerberosAuthentication: false
|
||||||
debug: false
|
debug: false
|
||||||
useKerberosForPasswordAuthentication: false
|
useKerberosForPasswordAuthentication: false
|
||||||
mappers:
|
mappers:
|
||||||
- name: "full name"
|
- name: "full name"
|
||||||
providerId: "full-name-ldap-mapper"
|
providerId: "full-name-ldap-mapper"
|
||||||
providerType: "org.keycloak.storage.ldap.mappers.LDAPStorageMapper"
|
providerType: "org.keycloak.storage.ldap.mappers.LDAPStorageMapper"
|
||||||
config:
|
config:
|
||||||
ldap.full.name.attribute: cn
|
ldap.full.name.attribute: cn
|
||||||
read.only: true
|
read.only: true
|
||||||
write.only: false
|
write.only: false
|
||||||
|
|
||||||
- name: Create Kerberos user federation
|
- name: Create Kerberos user federation
|
||||||
middleware_automation.keycloak.keycloak_user_federation:
|
middleware_automation.keycloak.keycloak_user_federation:
|
||||||
auth_keycloak_url: https://keycloak.example.com/auth
|
auth_keycloak_url: https://keycloak.example.com/auth
|
||||||
auth_realm: master
|
auth_realm: master
|
||||||
auth_username: admin
|
auth_username: admin
|
||||||
auth_password: password
|
auth_password: password
|
||||||
realm: my-realm
|
realm: my-realm
|
||||||
name: my-kerberos
|
name: my-kerberos
|
||||||
state: present
|
state: present
|
||||||
provider_id: kerberos
|
provider_id: kerberos
|
||||||
provider_type: org.keycloak.storage.UserStorageProvider
|
provider_type: org.keycloak.storage.UserStorageProvider
|
||||||
config:
|
config:
|
||||||
priority: 0
|
priority: 0
|
||||||
enabled: true
|
enabled: true
|
||||||
cachePolicy: DEFAULT
|
cachePolicy: DEFAULT
|
||||||
kerberosRealm: EXAMPLE.COM
|
kerberosRealm: EXAMPLE.COM
|
||||||
serverPrincipal: HTTP/host.example.com@EXAMPLE.COM
|
serverPrincipal: HTTP/host.example.com@EXAMPLE.COM
|
||||||
keyTab: keytab
|
keyTab: keytab
|
||||||
allowPasswordAuthentication: false
|
allowPasswordAuthentication: false
|
||||||
updateProfileFirstLogin: false
|
updateProfileFirstLogin: false
|
||||||
|
|
||||||
- name: Create sssd user federation
|
- name: Create sssd user federation
|
||||||
middleware_automation.keycloak.keycloak_user_federation:
|
middleware_automation.keycloak.keycloak_user_federation:
|
||||||
auth_keycloak_url: https://keycloak.example.com/auth
|
auth_keycloak_url: https://keycloak.example.com/auth
|
||||||
auth_realm: master
|
auth_realm: master
|
||||||
auth_username: admin
|
auth_username: admin
|
||||||
auth_password: password
|
auth_password: password
|
||||||
realm: my-realm
|
realm: my-realm
|
||||||
name: my-sssd
|
name: my-sssd
|
||||||
state: present
|
state: present
|
||||||
provider_id: sssd
|
provider_id: sssd
|
||||||
provider_type: org.keycloak.storage.UserStorageProvider
|
provider_type: org.keycloak.storage.UserStorageProvider
|
||||||
config:
|
config:
|
||||||
priority: 0
|
priority: 0
|
||||||
enabled: true
|
enabled: true
|
||||||
cachePolicy: DEFAULT
|
cachePolicy: DEFAULT
|
||||||
|
|
||||||
- name: Delete user federation
|
- name: Delete user federation
|
||||||
middleware_automation.keycloak.keycloak_user_federation:
|
middleware_automation.keycloak.keycloak_user_federation:
|
||||||
auth_keycloak_url: https://keycloak.example.com/auth
|
auth_keycloak_url: https://keycloak.example.com/auth
|
||||||
auth_realm: master
|
auth_realm: master
|
||||||
auth_username: admin
|
auth_username: admin
|
||||||
auth_password: password
|
auth_password: password
|
||||||
realm: my-realm
|
realm: my-realm
|
||||||
name: my-federation
|
name: my-federation
|
||||||
state: absent
|
state: absent
|
||||||
'''
|
'''
|
||||||
|
|
||||||
RETURN = '''
|
RETURN = '''
|
||||||
|
|
|
@ -73,7 +73,7 @@
|
||||||
- name: Ensure logdirectory exists
|
- name: Ensure logdirectory exists
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
state: directory
|
state: directory
|
||||||
path: "{{ keycloak.log.file | dirname }}"
|
path: "{{ keycloak.log.file | dirname }}"
|
||||||
owner: "{{ keycloak.service_user }}"
|
owner: "{{ keycloak.service_user }}"
|
||||||
group: "{{ keycloak.service_group }}"
|
group: "{{ keycloak.service_group }}"
|
||||||
mode: '0775'
|
mode: '0775'
|
||||||
|
|
|
@ -13,4 +13,4 @@
|
||||||
register: keycloak_status
|
register: keycloak_status
|
||||||
until: keycloak_status.status == 200
|
until: keycloak_status.status == 200
|
||||||
retries: 25
|
retries: 25
|
||||||
delay: 10
|
delay: 10
|
||||||
|
|
|
@ -7,4 +7,5 @@ keycloak_quarkus_prereq_package_list:
|
||||||
- apt
|
- apt
|
||||||
- tzdata
|
- tzdata
|
||||||
keycloak_quarkus_sysconf_file: /etc/default/keycloak
|
keycloak_quarkus_sysconf_file: /etc/default/keycloak
|
||||||
keycloak_quarkus_pkg_java_home: "/usr/lib/jvm/java-{{ keycloak_quarkus_varjvm_package | regex_search('(?!:openjdk-)[0-9.]+') }}-openjdk-{{ 'arm64' if ansible_architecture == 'aarch64' else 'amd64' }}"
|
keycloak_quarkus_pkg_java_home: "/usr/lib/jvm/java-{{ keycloak_quarkus_varjvm_package | \
|
||||||
|
regex_search('(?!:openjdk-)[0-9.]+') }}-openjdk-{{ 'arm64' if ansible_architecture == 'aarch64' else 'amd64' }}"
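Review bot: The pattern in `regex_search('(?!:openjdk-)[0-9.]+')` on the re-wrapped `keycloak_quarkus_pkg_java_home` value looks like a mistyped non-capturing group. As written, `(?!:openjdk-)` is a negative lookahead for the literal text `:openjdk-`, so it does not tie the match to the package prefix and the filter just returns the first run of digits and dots. If only the version number is wanted, `regex_search('[0-9.]+')` says so directly. When `keycloak_quarkus_varjvm_package` contains no digits the filter returns no match and the path is presumably rendered without a version, so an assert on that variable before it is used would surface a malformed Java home early.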
|
||||||
|
|
|
@ -1,10 +1,11 @@
|
||||||
---
|
---
|
||||||
keycloak:
|
keycloak: # noqa var-naming this is an internal dict of interpolated values
|
||||||
home: "{{ keycloak_quarkus_home }}"
|
home: "{{ keycloak_quarkus_home }}"
|
||||||
config_dir: "{{ keycloak_quarkus_config_dir }}"
|
config_dir: "{{ keycloak_quarkus_config_dir }}"
|
||||||
bundle: "{{ keycloak_quarkus_archive }}"
|
bundle: "{{ keycloak_quarkus_archive }}"
|
||||||
service_name: "keycloak"
|
service_name: "keycloak"
|
||||||
health_url: "http://{{ keycloak_quarkus_host }}:{{ keycloak_quarkus_http_port }}{{ keycloak_quarkus_http_relative_path }}{{ '/' if keycloak_quarkus_http_relative_path | length > 1 else '' }}realms/master/.well-known/openid-configuration"
|
health_url: "http://{{ keycloak_quarkus_host }}:{{ keycloak_quarkus_http_port }}{{ keycloak_quarkus_http_relative_path }}{{ '/' \
|
||||||
|
if keycloak_quarkus_http_relative_path | length > 1 else '' }}realms/master/.well-known/openid-configuration"
|
||||||
cli_path: "{{ keycloak_quarkus_home }}/bin/kcadm.sh"
|
cli_path: "{{ keycloak_quarkus_home }}/bin/kcadm.sh"
|
||||||
service_user: "{{ keycloak_quarkus_service_user }}"
|
service_user: "{{ keycloak_quarkus_service_user }}"
|
||||||
service_group: "{{ keycloak_quarkus_service_group }}"
|
service_group: "{{ keycloak_quarkus_service_group }}"
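Review bot: The suppression added on the `keycloak:` key puts free text after the rule id (`# noqa var-naming this is an internal dict of interpolated values`). ansible-lint appears to split everything after `noqa` on whitespace, so each word of the explanation is probably read as a further rule id to skip. Moving the rationale to its own comment line above the key, `# internal dict of interpolated values`, and leaving `keycloak:  # noqa var-naming` on the key keeps the suppression limited to the one rule it is meant for.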
|
||||||
|
|