diff --git a/roles/keycloak/defaults/main.yml b/roles/keycloak/defaults/main.yml index 9160876..4543f82 100644 --- a/roles/keycloak/defaults/main.yml +++ b/roles/keycloak/defaults/main.yml @@ -83,3 +83,5 @@ keycloak_default_jdbc: mariadb: url: 'jdbc:mariadb://localhost:3306/keycloak' version: 2.7.4 +# role specific vars +keycloak_no_log: True diff --git a/roles/keycloak/meta/argument_specs.yml b/roles/keycloak/meta/argument_specs.yml index 8151ed1..4d36f4c 100644 --- a/roles/keycloak/meta/argument_specs.yml +++ b/roles/keycloak/meta/argument_specs.yml @@ -266,6 +266,10 @@ argument_specs: default: "Keycloak" description: "systemd description for keycloak" type: "str" + keycloak_no_log: + default: true + type: "bool" + description: "Changes default behavior for no_log for debugging purpose, do not change for production system." downstream: options: sso_version: @@ -275,11 +279,11 @@ argument_specs: sso_rhn_id: default: "104539" description: "Customer Portal product ID for Red Hat SSO" - type: "str" + type: "str" sso_archive: default: "rh-sso-{{ sso_version }}-server-dist.zip" description: "Red Hat SSO install archive filename" - type: "str" + type: "str" sso_dest: default: "/opt/sso" description: "Root installation directory" diff --git a/roles/keycloak_realm/tasks/main.yml b/roles/keycloak_realm/tasks/main.yml index 1544a1e..85ee5f0 100644 --- a/roles/keycloak_realm/tasks/main.yml +++ b/roles/keycloak_realm/tasks/main.yml @@ -5,7 +5,7 @@ method: POST body: "client_id={{ keycloak_auth_client }}&username={{ keycloak_admin_user }}&password={{ keycloak_admin_password }}&grant_type=password" validate_certs: no - no_log: True + no_log: "{{ keycloak_no_log | default('True') }}" register: keycloak_auth_response until: keycloak_auth_response.status == 200 retries: 5 @@ -48,7 +48,7 @@ provider_type: "{{ item.provider_type | default(org.keycloak.storage.UserStorageProvider) }}" config: "{{ item.config }}" mappers: "{{ item.mappers | default(omit) }}" - no_log: True + no_log: "{{ keycloak_no_log | default('True') }}" register: create_user_federation_result loop: "{{ keycloak_user_federation | flatten }}" when: keycloak_user_federation is defined @@ -91,7 +91,7 @@ public_client: "{{ item.public_client | default(False) }}" protocol: "{{ item.protocol | default(omit) }}" state: present - no_log: True + no_log: "{{ keycloak_no_log | default('True') }}" register: create_client_result loop: "{{ keycloak_clients | flatten }}" when: (item.name is defined and item.client_id is defined) or (item.name is defined and item.id is defined) diff --git a/roles/keycloak_realm/tasks/manage_client_roles.yml b/roles/keycloak_realm/tasks/manage_client_roles.yml index 04cf2fa..6db30fa 100644 --- a/roles/keycloak_realm/tasks/manage_client_roles.yml +++ b/roles/keycloak_realm/tasks/manage_client_roles.yml @@ -10,4 +10,4 @@ auth_password: "{{ keycloak_admin_password }}" state: present loop: "{{ client.roles | flatten }}" - no_log: True + no_log: "{{ keycloak_no_log | default('True') }}" diff --git a/roles/keycloak_realm/tasks/manage_user_roles.yml b/roles/keycloak_realm/tasks/manage_user_roles.yml index e9d18b7..ff803a2 100644 --- a/roles/keycloak_realm/tasks/manage_user_roles.yml +++ b/roles/keycloak_realm/tasks/manage_user_roles.yml @@ -14,7 +14,7 @@ body: "client_id={{ keycloak_auth_client }}&username={{ keycloak_admin_user }}&password={{ keycloak_admin_password }}&grant_type=password" validate_certs: no register: keycloak_auth_response - no_log: True + no_log: "{{ keycloak_no_log | default('True') }}" until: keycloak_auth_response.status == 200 retries: 5 delay: 2