Add validation of realm client and id

roles/keycloak/tasks/main.yml

@@ -36,6 +36,7 @@
     state: link
     src: "{{ keycloak_jboss_home }}/standalone/log"
     dest: /var/log/keycloak
+  become: yes
 
 - name: Set admin credentials and restart if not already created
   block:

roles/keycloak_realm/README.md

@@ -71,6 +71,8 @@ Refer to [docs](https://docs.ansible.com/ansible/latest/collections/community/ge
 
 ```yaml
     - name: <name of the client>
+      id: <id of the client>
+      client_id: <id of the client>
       roles: <keycloak_client_default_roles>
       realm: <name of the realm that contains the client>
       public_client: <true for public, false for confidential>
@@ -78,6 +80,9 @@ Refer to [docs](https://docs.ansible.com/ansible/latest/collections/community/ge
       users: <keycloak_client_users>
 ```
 
+`name` and either `id` or `client_id` are required.
+
+
 * `keycloak_client_users`, a list of:
 
 ```yaml

roles/keycloak_realm/tasks/main.yml

@@ -53,6 +53,17 @@
   loop: "{{ keycloak_user_federation | flatten }}"
   when: keycloak_user_federation is defined
 
+- name: Validate Keycloak clients
+  ansible.builtin.assert:
+    that:
+      - item.name is defined and item.name | length > 0
+      - (item.client_id is defined and item.client_id | length > 0) or (item.id is defined and item.id | length > 0)
+    fail_msg: "For each keycloak client, attributes `name` and either `id` or `client_id` is required"
+    quiet: True
+  loop: "{{ keycloak_clients | flatten }}"
+  loop_control:
+    label: "{{ item.name | default('unnamed client') }}"
+
 - name: Create or update a Keycloak client
   community.general.keycloak_client:
     auth_client_id: "{{ keycloak_auth_client }}"
@@ -97,4 +108,4 @@
   loop: "{{ keycloak_clients | flatten }}"
   loop_control:
     loop_var: client
-  when: "'users' in client"
+  when: "'users' in client"