ansible-collections/middleware_automation.keycloak
1
0
Fork 0
mirror of https://github.com/ansible-middleware/keycloak.git synced 2025-08-03 04:34:33 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

address review reqs

Browse source
This commit is contained in:
Guido Grazioli 2024-05-15 15:58:21 +02:00
commit c22389c86f
6 changed files with 26 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

3
roles/keycloak_quarkus/README.md
View file

@ -101,6 +101,9 @@ Role Defaults
|`keycloak_quarkus_systemd_wait_for_log` | Whether systemd unit should wait for service to be up in logs | `false` | |`keycloak_quarkus_systemd_wait_for_log` | Whether systemd unit should wait for service to be up in logs | `false` |
|`keycloak_quarkus_systemd_wait_for_timeout`| How long to wait for service to be alive (seconds) | `60` | |`keycloak_quarkus_systemd_wait_for_timeout`| How long to wait for service to be alive (seconds) | `60` |
|`keycloak_quarkus_systemd_wait_for_delay`| Activation delay for service systemd unit (seconds) | `10` | |`keycloak_quarkus_systemd_wait_for_delay`| Activation delay for service systemd unit (seconds) | `10` |
|`keycloak_quarkus_restart_strategy`| Strategy task file for restarting in HA (one of provided restart/['serial.yml','none.yml','serial_then_parallel.yml']) or path to file when providing custom strategy | `restart/serial.yml` |
|`keycloak_quarkus_restart_health_check`| Whether to wait for successful health check after restart | `{{ keycloak_quarkus_ha_enabled }}` |
|`keycloak_quarkus_restart_pause`| Seconds to wait between restarts in HA strategy | `15` |
#### Hostname configuration #### Hostname configuration

2
roles/keycloak_quarkus/defaults/main.yml
View file

@ -154,7 +154,7 @@ keycloak_quarkus_providers: []
keycloak_quarkus_policies: [] keycloak_quarkus_policies: []
keycloak_quarkus_supported_policy_types: ['password-blacklists'] keycloak_quarkus_supported_policy_types: ['password-blacklists']
# files in restart directory (one of [ 'serial', 'none', 'verify_first' ]), or path to file when providing custom strategy # files in restart directory (one of [ 'serial', 'none', 'serial_then_parallel' ]), or path to file when providing custom strategy
keycloak_quarkus_restart_strategy: restart/serial.yml keycloak_quarkus_restart_strategy: restart/serial.yml
keycloak_quarkus_restart_health_check: "{{ keycloak_quarkus_ha_enabled }}" keycloak_quarkus_restart_health_check: "{{ keycloak_quarkus_ha_enabled }}"
keycloak_quarkus_restart_pause: 15 keycloak_quarkus_restart_pause: 15

6
roles/keycloak_quarkus/meta/argument_specs.yml
View file

@ -433,12 +433,12 @@ argument_specs:
type: "bool" type: "bool"
keycloak_quarkus_restart_health_check: keycloak_quarkus_restart_health_check:
default: "{{ keycloak_quarkus_ha_enabled }}" default: "{{ keycloak_quarkus_ha_enabled }}"
description: "Whether to wait on successful health check after restart" description: "Whether to wait for successful health check after restart"
type: "bool" type: "bool"
keycloak_quarkus_restart_strategy: keycloak_quarkus_restart_strategy:
description: > description: >
Strategy task file for restarting in HA, one of [ 'serial', 'none', 'verify_first' ] below, or path to Strategy task file for restarting in HA, one of restart/[ 'serial', 'none', 'serial_then_parallel' ].yml, or path to
file when providing custom strategy file when providing custom strategy; when keycloak_quarkus_ha_enabled and keycloak_quarkus_restart_health_check == true
default: "restart/serial.yml" default: "restart/serial.yml"
type: "str" type: "str"
keycloak_quarkus_restart_pause: keycloak_quarkus_restart_pause:

6
roles/keycloak_quarkus/tasks/restart.yml
View file

@ -15,3 +15,9 @@
retries: 25 retries: 25
delay: 10 delay: 10
when: keycloak_quarkus_restart_health_check when: keycloak_quarkus_restart_health_check
- name: Pause to give distributed ispn caches time to (re-)replicate back onto first host
ansible.builtin.pause:
seconds: "{{ keycloak_quarkus_restart_pause }}"
when:
- keycloak_quarkus_ha_enabled

9
roles/keycloak_quarkus/tasks/restart/serial.yml
View file

@ -3,6 +3,9 @@
throttle: 1 throttle: 1
loop: "{{ ansible_play_hosts }}" loop: "{{ ansible_play_hosts }}"
block: block:
- name: "Restart and enable {{ keycloak.service_name }} service on first host" - name: "Restart and enable {{ keycloak.service_name }} service on {{ item }}"
ansible.builtin.include_tasks: ../restart.yml ansible.builtin.include_tasks:
delegate_to: "{{ item }}" file: ../restart.yml
apply:
delegate_to: "{{ item }}"
run_once: true

11
roles/keycloak_quarkus/tasks/restart/verify_first.yml → roles/keycloak_quarkus/tasks/restart/serial_then_parallel.yml
View file

@ -1,5 +1,5 @@
--- ---
- name: Verify first restarted service with health URL, then rest in parallel - name: Verify first restarted service with health URL, then rest restart in parallel
block: block:
- name: "Restart and enable {{ keycloak.service_name }} service on first host" - name: "Restart and enable {{ keycloak.service_name }} service on first host"
ansible.builtin.systemd: ansible.builtin.systemd:
@ -28,7 +28,10 @@
- keycloak_quarkus_ha_enabled - keycloak_quarkus_ha_enabled
- name: "Restart and enable {{ keycloak.service_name }} service on other hosts" - name: "Restart and enable {{ keycloak.service_name }} service on other hosts"
ansible.builtin.include_tasks: ../restart.yml ansible.builtin.systemd:
delegate_to: "{{ item }}" name: "{{ keycloak.service_name }}"
loop: "{{ ansible_play_hosts }}" enabled: true
state: restarted
daemon_reload: true
become: true
when: inventory_hostname != ansible_play_hosts | first when: inventory_hostname != ansible_play_hosts | first