From 69a947c0b6961b35d541c141786c80d0d2ecfc9f Mon Sep 17 00:00:00 2001
From: Guido Grazioli <ggraziol@redhat.com>
Date: Wed, 16 Apr 2025 11:34:12 +0200
Subject: [PATCH] rename _admin to _hostname_admin

---
 roles/keycloak_quarkus/README.md                 | 16 ++++++++++------
 roles/keycloak_quarkus/defaults/main.yml         |  2 +-
 roles/keycloak_quarkus/meta/argument_specs.yml   |  4 ++--
 roles/keycloak_quarkus/tasks/deprecations.yml    |  6 +++---
 .../keycloak_quarkus/templates/keycloak.conf.j2  |  2 +-
 5 files changed, 17 insertions(+), 13 deletions(-)

diff --git a/roles/keycloak_quarkus/README.md b/roles/keycloak_quarkus/README.md
index dc7ced7..6427209 100644
--- a/roles/keycloak_quarkus/README.md
+++ b/roles/keycloak_quarkus/README.md
@@ -64,10 +64,8 @@ Role Defaults
 |`keycloak_quarkus_java_jvm_opts`| Other JVM settings | same as keycloak |
 |`keycloak_quarkus_java_opts`| JVM arguments; if overridden, it takes precedence over `keycloak_quarkus_java_*` | `{{ keycloak_quarkus_java_heap_opts + ' ' + keycloak_quarkus_java_jvm_opts }}` |
 |`keycloak_quarkus_additional_env_vars` | List of additional env variables of { key: str, value: str} to be put in sysconfig file | `[]` |
-|`keycloak_quarkus_hostname`| Address at which is the server exposed. Can be a full URL, or just a hostname. When only hostname is provided, scheme, port and context path are resolved from the request. | |
 |`keycloak_quarkus_frontend_url`| Deprecated, use `keycloak_quarkus_hostname` instead. | |
-|`keycloak_quarkus_admin`| Set the base URL for accessing the administration console, including scheme, host, port and path | |
-|`keycloak_quarkus_admin_url`| Deprecated, use `keycloak_quarkus_admin` instead. | |
+|`keycloak_quarkus_admin_url`| Deprecated, use `keycloak_quarkus_hostname_admin` instead. | |
 |`keycloak_quarkus_http_relative_path` | Set the path relative to / for serving resources. The path must start with a / | `/` |
 |`keycloak_quarkus_http_management_relative_path` | Set the path relative to / for serving resources from management interface. The path must start with a /. If not given, the value is inherited from HTTP options. Relevant only when something is exposed on the management interface - see the guide for details. | `/` |
 |`keycloak_quarkus_http_enabled`| Enable listener on HTTP port | `True` |
@@ -119,12 +117,20 @@ Role Defaults
 
 | Variable | Description | Default |
 |:---------|:------------|:--------|
-|`keycloak_quarkus_http_relative_path`| Set the path relative to / for serving resources. The path must start with a / | `/` |
+|`keycloak_quarkus_hostname`| Address at which is the server exposed. Can be a full URL, or just a hostname. When only hostname is provided, scheme, port and context path are resolved from the request. | |
+|`keycloak_quarkus_hostname_admin`| Set the base URL for accessing the administration console, including scheme, host, port and path | |
 |`keycloak_quarkus_hostname_strict`| Disables dynamically resolving the hostname from request headers | `true` |
 |`keycloak_quarkus_hostname_backchannel_dynamic`| Enables dynamic resolving of backchannel URLs, including hostname, scheme, port and context path. Set to true if your application accesses Keycloak via a private network. If set to true, hostname option needs to be specified as a full URL. | `false` |
 |`keycloak_quarkus_hostname_strict_backchannel`| Deprecated, use (the inverted!)`keycloak_quarkus_hostname_backchannel_dynamic` instead. |  |
 
 
+#### HTTP(S) configuration
+| Variable | Description | Default |
+|:---------|:------------|:--------|
+|`keycloak_quarkus_http_relative_path`| Set the path relative to / for serving resources. The path must start with a / | `/` |
+
+
+
 #### Database configuration
 
 | Variable | Description | Default |
@@ -250,8 +256,6 @@ Role Variables
 |:---------|:------------|----------|
 |`keycloak_quarkus_bootstrap_admin_password`| Password of console admin account | `yes` |
 |`keycloak_quarkus_admin_pass`| Deprecated, use `keycloak_quarkus_bootstrap_admin_password` instead. | |
-|`keycloak_quarkus_frontend_url`| Base URL for frontend URLs, including scheme, host, port and path | `no` |
-|`keycloak_quarkus_admin_url`| Base URL for accessing the administration console, including scheme, host, port and path | `no` |
 |`keycloak_quarkus_ks_vault_pass`| The password for accessing the keystore vault SPI | `no` |
 |`keycloak_quarkus_alternate_download_url`| Alternate location with optional authentication for downloading RHBK | `no` |
 |`keycloak_quarkus_download_user`| Optional username for http authentication  | `no*` |
diff --git a/roles/keycloak_quarkus/defaults/main.yml b/roles/keycloak_quarkus/defaults/main.yml
index 996d950..ed3dfab 100644
--- a/roles/keycloak_quarkus/defaults/main.yml
+++ b/roles/keycloak_quarkus/defaults/main.yml
@@ -79,7 +79,7 @@ keycloak_quarkus_systemd_wait_for_delay: 10
 
 ### keycloak frontend url
 keycloak_quarkus_hostname:
-keycloak_quarkus_admin:
+keycloak_quarkus_hostname_admin:
 
 ### Set the path relative to / for serving resources. The path must start with a /
 ### (set to `/auth` for retrocompatibility with pre-quarkus releases)
diff --git a/roles/keycloak_quarkus/meta/argument_specs.yml b/roles/keycloak_quarkus/meta/argument_specs.yml
index d42bec3..901e774 100644
--- a/roles/keycloak_quarkus/meta/argument_specs.yml
+++ b/roles/keycloak_quarkus/meta/argument_specs.yml
@@ -239,13 +239,13 @@ argument_specs:
                 required: false
                 description: "Deprecated in v26, use keycloak_quarkus_hostname instead."
                 type: "str"
-            keycloak_quarkus_admin:
+            keycloak_quarkus_hostname_admin:
                 required: false
                 description: "Service URL for the admin console"
                 type: "str"
             keycloak_quarkus_admin_url:
                 required: false
-                description: "Deprecated in v26, use keycloak_quarkus_admin instead."
+                description: "Deprecated in v26, use keycloak_quarkus_hostname_admin instead."
                 type: "str"
             keycloak_quarkus_metrics_enabled:
                 default: false
diff --git a/roles/keycloak_quarkus/tasks/deprecations.yml b/roles/keycloak_quarkus/tasks/deprecations.yml
index fe269e9..3d1b9d7 100644
--- a/roles/keycloak_quarkus/tasks/deprecations.yml
+++ b/roles/keycloak_quarkus/tasks/deprecations.yml
@@ -86,16 +86,16 @@
     - print deprecation warning
 
 # https://docs.redhat.com/en/documentation/red_hat_build_of_keycloak/26.0/html-single/upgrading_guide/index#new_hostname_options
-- name: Check deprecation of keycloak_quarkus_admin_url -> keycloak_quarkus_admin
+- name: Check deprecation of keycloak_quarkus_admin_url -> keycloak_quarkus_hostname_admin
   when:
-    - keycloak_quarkus_admin is not defined
+    - keycloak_quarkus_hostname_admin is not defined
     - keycloak_quarkus_admin_url is defined
     - keycloak_quarkus_admin_url != ''
   delegate_to: localhost
   run_once: true
   changed_when: keycloak_quarkus_show_deprecation_warnings
   ansible.builtin.set_fact:
-    keycloak_quarkus_admin: "{{ keycloak_quarkus_admin_url }}"
+    keycloak_quarkus_hostname_admin: "{{ keycloak_quarkus_admin_url }}"
     deprecated_variable: "keycloak_quarkus_admin_url" # read in deprecation handler
   notify:
     - print deprecation warning
diff --git a/roles/keycloak_quarkus/templates/keycloak.conf.j2 b/roles/keycloak_quarkus/templates/keycloak.conf.j2
index 6a4a6c1..f15bbd8 100644
--- a/roles/keycloak_quarkus/templates/keycloak.conf.j2
+++ b/roles/keycloak_quarkus/templates/keycloak.conf.j2
@@ -50,7 +50,7 @@ https-trust-store-password={{ keycloak_quarkus_https_trust_store_password }}
 
 # Client URL configuration
 hostname={{ keycloak_quarkus_hostname }}
-hostname-admin={{ keycloak_quarkus_admin }}
+hostname-admin={{ keycloak_quarkus_hostname_admin }}
 hostname-strict={{ keycloak_quarkus_hostname_strict | lower }}
 hostname-backchannel-dynamic={{ keycloak_quarkus_hostname_backchannel_dynamic | lower }}