Merge pull request #120 from jacobdotcosta/issue-79

feat: add a destination variable for the log link
2025-04-06 10:50:31 -07:00 · 2023-11-03 10:55:21 +01:00 · 2023-11-03 10:55:21 +01:00 · b819c98ab3
commit b819c98ab3
parent 41c1306602 6970236201
12 changed files with 80 additions and 3 deletions
--- a/molecule/default/converge.yml
+++ b/molecule/default/converge.yml
@ -10,6 +10,7 @@
        port: 16667
      - host: myhost2
        port: 16668
+    keycloak_log_target: /tmp/keycloak
  roles:
    - role: keycloak
  tasks:
--- a/molecule/default/verify.yml
+++ b/molecule/default/verify.yml
@ -55,3 +55,31 @@
      ansible.builtin.assert:
        that:
          - (keycloak_query_clients.json | selectattr('clientId','equalto','TestClient') | first)["attributes"]["post.logout.redirect.uris"] == '/public/logout'
+    - name: Check log folder
+      ansible.builtin.stat:
+        path: "/tmp/keycloak"
+      register: keycloak_log_folder
+    - name: Check that keycloak log folder exists and is a link
+      ansible.builtin.assert:
+        that:
+          - keycloak_log_folder.stat.exists
+          - not keycloak_log_folder.stat.isdir
+          - keycloak_log_folder.stat.islnk
+    - name: Check log file
+      ansible.builtin.stat:
+        path: "/tmp/keycloak/server.log"
+      register: keycloak_log_file
+    - name: Check if keycloak file exists
+      ansible.builtin.assert:
+        that:
+          - keycloak_log_file.stat.exists
+          - not keycloak_log_file.stat.isdir
+    - name: Check default log folder
+      ansible.builtin.stat:
+        path: "/var/log/keycloak"
+      register: keycloak_default_log_folder
+      failed_when: false
+    - name: Check that default keycloak log folder doesn't exist
+      ansible.builtin.assert:
+        that:
+          - not keycloak_default_log_folder.stat.exists
--- a/molecule/quarkus/converge.yml
+++ b/molecule/quarkus/converge.yml
@ -11,6 +11,7 @@
    keycloak_quarkus_https_enabled: True
    keycloak_quarkus_key_file: "{{ keycloak.home }}/conf/key.pem"
    keycloak_quarkus_cert_file: "{{ keycloak.home }}/conf/cert.pem"
+    keycloak_quarkus_log_target: /tmp/keycloak
  roles:
    - role: keycloak_quarkus
    - role: keycloak_realm
--- a/molecule/quarkus/verify.yml
+++ b/molecule/quarkus/verify.yml
@ -37,3 +37,37 @@
              - (openid_config.stdout | from_json)['authorization_endpoint'] == 'https://instance/realms/master/protocol/openid-connect/auth'
              - (openid_config.stdout | from_json)['token_endpoint'] == 'https://instance/realms/master/protocol/openid-connect/token'
          delegate_to: localhost
+
+    - name: Check log folder
+      ansible.builtin.stat:
+        path: "/tmp/keycloak"
+      register: keycloak_log_folder
+
+    - name: Check that keycloak log folder exists and is a link
+      ansible.builtin.assert:
+        that:
+          - keycloak_log_folder.stat.exists
+          - not keycloak_log_folder.stat.isdir
+          - keycloak_log_folder.stat.islnk
+          
+    - name: Check log file
+      ansible.builtin.stat:
+        path: "/tmp/keycloak/keycloak.log"
+      register: keycloak_log_file
+
+    - name: Check if keycloak file exists
+      ansible.builtin.assert:
+        that:
+          - keycloak_log_file.stat.exists
+          - not keycloak_log_file.stat.isdir
+
+    - name: Check default log folder
+      ansible.builtin.stat:
+        path: "/var/log/keycloak"
+      register: keycloak_default_log_folder
+      failed_when: false
+
+    - name: Check that default keycloak log folder doesn't exist
+      ansible.builtin.assert:
+        that:
+          - not keycloak_default_log_folder.stat.exists
--- a/roles/keycloak/README.md
+++ b/roles/keycloak/README.md
@ -117,7 +117,7 @@ Role Defaults
 |`keycloak_db_background_validation_millis`| How frequenly the connection pool is validated in the background | `10000` if background validation enabled |
 |`keycloak_db_background_validate_on_match` | Enable validate on match for database connections | `False` |
 |`keycloak_frontend_url` | frontend URL for keycloak endpoint | `http://localhost:8080/auth/` |
-
+|`keycloak_log_target`| Set the destination of the keycloak log folder link | `/var/log/keycloak` |


 Role Variables
--- a/roles/keycloak/defaults/main.yml
+++ b/roles/keycloak/defaults/main.yml
@ -114,3 +114,6 @@ keycloak_default_jdbc:
    version: 12.2.0
 # role specific vars
 keycloak_no_log: True
+
+### logging configuration
+keycloak_log_target: /var/log/keycloak
--- a/roles/keycloak/meta/argument_specs.yml
+++ b/roles/keycloak/meta/argument_specs.yml
@ -356,6 +356,10 @@ argument_specs:
                required: False
                description: "Override the subnet match for jgroups cluster formation; if not defined, it will be inferred from local machine route configuration"
                type: "str"
+            keycloak_log_target:
+                default: '/var/log/keycloak'
+                type: "str"
+                description: "Set the destination of the keycloak log folder link"
    downstream:
        options:
            sso_version:
--- a/roles/keycloak/tasks/main.yml
+++ b/roles/keycloak/tasks/main.yml
@ -34,7 +34,7 @@
  ansible.builtin.file:
    state: link
    src: "{{ keycloak_jboss_home }}/standalone/log"
-    dest: /var/log/keycloak
+    dest: "{{ keycloak_log_target }}"
  become: yes

 - name: Set admin credentials and restart if not already created
--- a/roles/keycloak_quarkus/README.md
+++ b/roles/keycloak_quarkus/README.md
@ -97,6 +97,7 @@ Role Defaults
 |`keycloak_quarkus_log_level`| The log level of the root category or a comma-separated list of individual categories and their levels | `info` |
 |`keycloak_quarkus_log_file`| Set the log file path and filename relative to keycloak home | `data/log/keycloak.log` |
 |`keycloak_quarkus_log_format`| Set a format specific to file log entries | `%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c] (%t) %s%e%n` |
+|`keycloak_quarkus_log_target`| Set the destination of the keycloak log folder link | `/var/log/keycloak` |
 |`keycloak_quarkus_proxy_mode`| The proxy address forwarding mode if the server is behind a reverse proxy | `edge` |
 |`keycloak_quarkus_start_dev`| Whether to start the service in development mode (start-dev) | `False` |
 |`keycloak_quarkus_transaction_xa_enabled`| Whether to use XA transactions | `True` |
--- a/roles/keycloak_quarkus/defaults/main.yml
+++ b/roles/keycloak_quarkus/defaults/main.yml
@ -90,3 +90,4 @@ keycloak_quarkus_log: file
 keycloak_quarkus_log_level: info
 keycloak_quarkus_log_file: data/log/keycloak.log
 keycloak_quarkus_log_format: '%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c] (%t) %s%e%n'
+keycloak_quarkus_log_target: /var/log/keycloak
--- a/roles/keycloak_quarkus/meta/argument_specs.yml
+++ b/roles/keycloak_quarkus/meta/argument_specs.yml
@ -243,6 +243,10 @@ argument_specs:
                default: '%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c] (%t) %s%e%n'
                type: "str"
                description: "Set a format specific to file log entries"
+            keycloak_quarkus_log_target:
+                default: '/var/log/keycloak'
+                type: "str"
+                description: "Set the destination of the keycloak log folder link"
            keycloak_quarkus_proxy_mode:
                default: 'edge'
                type: "str"
--- a/roles/keycloak_quarkus/tasks/main.yml
+++ b/roles/keycloak_quarkus/tasks/main.yml
@ -67,6 +67,6 @@
  ansible.builtin.file:
    state: link
    src: "{{ keycloak.log.file | dirname }}"
-    dest: /var/log/keycloak
+    dest: "{{ keycloak_quarkus_log_target }}"
    force: yes
  become: yes