Downstream variables

2025-08-23 22:41:51 -07:00 · 2022-09-19 16:02:55 +02:00 · 2022-09-19 16:02:55 +02:00 · 5e89139870
commit 5e89139870
parent 38b5a02e95
14 changed files with 73 additions and 138 deletions
--- a/roles/keycloak/tasks/install.yml
+++ b/roles/keycloak/tasks/install.yml
@ -81,7 +81,7 @@
    - archive_path is defined
    - archive_path.stat is defined
    - not archive_path.stat.exists
-    - not keycloak_rhsso_enable
+    - not sso_enable is defined or not sso_enable
    - not keycloak_offline_install

 - name: Perform download from RHN
@ -96,9 +96,9 @@
    - archive_path is defined
    - archive_path.stat is defined
    - not archive_path.stat.exists
-    - keycloak_rhsso_enable
+    - sso_enable is defined and sso_enable
    - not keycloak_offline_install
-    - keycloak_rhn_url in keycloak_rhsso_download_url
+    - keycloak_rhn_url in keycloak_download_url

 - name: Download rhsso archive from alternate location
  ansible.builtin.get_url: # noqa risky-file-permissions delegated, uses controller host user
@ -110,9 +110,9 @@
    - archive_path is defined
    - archive_path.stat is defined
    - not archive_path.stat.exists
-    - keycloak_rhsso_enable
+    - sso_enable is defined and sso_enable
    - not keycloak_offline_install
-    - not keycloak_rhn_url in keycloak_rhsso_download_url
+    - not keycloak_rhn_url in keycloak_download_url

 - name: Check downloaded archive
  ansible.builtin.stat:
@ -141,7 +141,7 @@
  register: path_to_workdir
  become: yes

- name: "Extract {{ 'Red Hat Single Sign-On' if keycloak_rhsso_enable else 'Keycloak' }} archive on target"
+- name: "Extract {{ keycloak_service_desc }} archive on target"
  ansible.builtin.unarchive:
    remote_src: yes
    src: "{{ archive }}"
--- a/roles/keycloak/tasks/main.yml
+++ b/roles/keycloak/tasks/main.yml
@ -24,7 +24,9 @@

 - name: Include patch install tasks
  ansible.builtin.include_tasks: rhsso_patch.yml
-  when: keycloak_rhsso_apply_patches and keycloak_rhsso_enable
+  when:
+    - sso_apply_patches is defined and sso_apply_patches
+    - sso_enable is defined and sso_enable
  tags:
    - install
    - patch
--- a/roles/keycloak/tasks/prereqs.yml
+++ b/roles/keycloak/tasks/prereqs.yml
@ -18,11 +18,11 @@
 - name: Validate credentials
  ansible.builtin.assert:
    that:
-      - (rhn_username is defined and keycloak_rhsso_enable) or not keycloak_rhsso_enable or keycloak_offline_install
-      - (rhn_password is defined and keycloak_rhsso_enable) or not keycloak_rhsso_enable or keycloak_offline_install
+      - (rhn_username is defined and sso_enable is defined and sso_enable) or not sso_enable is defined or not sso_enable or keycloak_offline_install
+      - (rhn_password is defined and sso_enable is defined and sso_enable) or not sso_enable is defined or not sso_enable or keycloak_offline_install
    quiet: True
    fail_msg: "Cannot install Red Hat SSO without RHN credentials. Check rhn_username and rhn_password are defined"
-    success_msg: "{{ 'Installing Red Hat Single Sign-On' if keycloak_rhsso_enable else 'Installing keycloak.org' }}"
+    success_msg: "Installing {{ keycloak_service_desc }}"

 - name: Validate persistence configuration
  ansible.builtin.assert:
--- a/roles/keycloak/tasks/rhsso_patch.yml
+++ b/roles/keycloak/tasks/rhsso_patch.yml
@ -2,7 +2,7 @@
 ## check remote patch archive
 - name: Set download patch archive path
  ansible.builtin.set_fact:
-    patch_archive: "{{ keycloak_dest }}/{{ keycloak.patch_bundle }}"
+    patch_archive: "{{ keycloak_dest }}/{{ sso_patch_bundle }}"

 - name: Check download patch archive path
  ansible.builtin.stat:
@ -11,8 +11,8 @@

 - name: Perform download from RHN
  middleware_automation.redhat_csp_download.redhat_csp_download:
-    url: "{{ keycloak_rhn_url }}{{ rhsso_rhn_ids[keycloak_rhsso_version].latest_cp.id }}"
-    dest: "{{ local_path.stat.path }}/{{ keycloak.patch_bundle }}"
+    url: "{{ keycloak_rhn_url }}{{ sso_rhn_ids[keycloak_version].latest_cp.id }}"
+    dest: "{{ local_path.stat.path }}/{{ sso_patch_bundle }}"
    username: "{{ rhn_username }}"
    password: "{{ rhn_password }}"
  no_log: "{{ omit_rhn_output | default(true) }}"
@ -21,13 +21,13 @@
    - patch_archive_path is defined
    - patch_archive_path.stat is defined
    - not patch_archive_path.stat.exists
-    - keycloak_rhsso_enable
+    - sso_enable is defined and sso_enable
    - not keycloak_offline_install

 ## copy and unpack
 - name: Copy patch archive to target nodes
  ansible.builtin.copy:
-    src: "{{ local_path.stat.path }}/{{ keycloak.patch_bundle }}"
+    src: "{{ local_path.stat.path }}/{{ sso_patch_bundle }}"
    dest: "{{ patch_archive }}"
    owner: "{{ keycloak_service_user }}"
    group: "{{ keycloak_service_group }}"
@ -48,9 +48,9 @@
  when: 
    - cli_result is defined
    - cli_result.stdout is defined
-    - rhsso_rhn_ids[keycloak_rhsso_version].latest_cp.v not in cli_result.stdout
+    - sso_rhn_ids[keycloak_version].latest_cp.v not in cli_result.stdout
  block:
-    - name: "Apply patch {{ rhsso_rhn_ids[keycloak_rhsso_version].latest_cp.v }} to server"
+    - name: "Apply patch {{ sso_rhn_ids[keycloak_version].latest_cp.v }} to server"
      ansible.builtin.include_tasks: rhsso_cli.yml
      vars:
        query: "patch apply {{ patch_archive }}"
@ -78,10 +78,10 @@
    - name: "Verify installed patch version"
      ansible.builtin.assert:
        that:
-          - rhsso_rhn_ids[keycloak_rhsso_version].latest_cp.v not in cli_result.stdout
+          - sso_rhn_ids[keycloak_version].latest_cp.v not in cli_result.stdout
        fail_msg: "Patch installation failed"
        success_msg: "Patch installation successful"

 - name: "Skipping patch"
  ansible.builtin.debug:
-    msg: "Latest cumulative patch {{ rhsso_rhn_ids[keycloak_rhsso_version].latest_cp.v }} already installed, skipping patch installation."
+    msg: "Latest cumulative patch {{ sso_rhn_ids[keycloak_version].latest_cp.v }} already installed, skipping patch installation."