AMW-467 Download keycloak binary from password protected HTTP location

roles/keycloak/defaults/main.yml

@@ -7,6 +7,10 @@ keycloak_download_url_9x: "https://downloads.jboss.org/keycloak/{{ keycloak_vers
 keycloak_installdir: "{{ keycloak_dest }}/keycloak-{{ keycloak_version }}"
 keycloak_offline_install: false
 
+# Authentication for Keycloak binary download (e.g. from internal artifact repository)
+keycloak_binary_download_user:
+keycloak_binary_download_pass:
+
 ### Install location and service settings
 keycloak_java_home:
 keycloak_dest: /opt/keycloak

roles/keycloak/meta/argument_specs.yml

@@ -333,6 +333,14 @@ argument_specs:
                 default: true
                 description: "Allow the option to ignore invalid certificates when downloading JDBC drivers from a custom URL"
                 type: "bool"
+            keycloak_binary_download_user:
+                description: "Username for HTTP Basic Auth when downloading Keycloak binary"
+                type: "str"
+                required: false
+            keycloak_binary_download_pass:
+                description: "Password for HTTP Basic Auth when downloading Keycloak binary"
+                type: "str"
+                required: false
     downstream:
         options:
             sso_version:

roles/keycloak/tasks/install.yml

@@ -85,6 +85,8 @@
     url: "{{ keycloak_download_url }}"
     dest: "{{ local_path.stat.path }}/{{ keycloak.bundle }}"
     mode: '0644'
+    url_username: "{{ keycloak_binary_download_user | default(omit) }}"
+    url_password: "{{ keycloak_binary_download_pass | default(omit) }}"
   delegate_to: localhost
   run_once: true
   when: