Switch collection dep from jcliff to wildfly

Enhance wait message with keycloak healthcheck URL

galaxy.yml

@@ -1,6 +1,6 @@
 namespace: middleware_automation
 name: keycloak
-version: "0.1.0"
+version: "0.1.2"
 readme: README.md
 authors:
   - Romain Pelisse <rpelisse@redhat.com>
@@ -15,7 +15,7 @@ tags:
   - sso
 dependencies:
   "middleware_automation.redhat_csp_download": ">=1.2.1"
-  "middleware_automation.jcliff": ">=0.0.19"
+  "middleware_automation.wildfly": ">=0.0.4"
 repository: https://github.com/ansible-middleware/keycloak
 documentation: https://github.com/ansible-middleware/keycloak
 homepage: https://github.com/ansible-middleware/keycloak

roles/keycloak/README.md

@@ -4,6 +4,12 @@ keycloak
 Install [keycloak](https://keycloak.org/) or [Red Hat Single Sing-On](https://access.redhat.com/products/red-hat-single-sign-on) server configurations.
 
 
+Requirements
+------------
+
+This role requires the `python3-netaddr` library installed on the controller node.
+
+
 Role Defaults
 -------------
 
@@ -20,6 +26,7 @@ Role Defaults
 |`keycloak_management_https_port`| TLS management port | `9993`
 |`keycloak_java_opts`| | `-Xms1024m -Xmx20480m -XX:MaxPermSize=768m`
 
+
 Role Variables
 --------------
 
@@ -65,7 +72,7 @@ Dependencies
 The roles depends on:
 
 * the redhat_csp_download role from [middleware_automation.redhat_csp_download](https://github.com/ansible-middleware/redhat-csp-download) collection
-* the wildfly_driver role from [middleware_automation.jcliff](https://github.com/ansible-middleware/ansible_collections_jcliff) collection
+* the wildfly_driver role from [middleware_automation.wildfly](https://github.com/ansible-middleware/wildfly) collection
 
 
 Example Playbook

roles/keycloak/meta/main.yml

@@ -1,3 +1,28 @@
+---
 collections:
   - middleware_automation.redhat_csp_download
-  - middleware_automation.jcliff
+  - middleware_automation.wildfly
+
+galaxy_info:
+  role_name: keycloak
+  namespace: middleware_automation
+  author: Romain Pelisse, Guido Grazioli
+  description: Install keycloak or Red Hat Single Sing-On server configurations
+  company: Red Hat, Inc.
+
+  license: Apache License 2.0
+
+  min_ansible_version: "2.9"
+
+  platforms:
+   - name: EL
+     versions:
+     - 7
+     - 8
+
+  galaxy_tags:
+    - keycloak
+    - redhat
+    - rhel
+    - rhn
+    - sso

roles/keycloak/tasks/systemd.yml

@@ -56,10 +56,13 @@
 
 - meta: flush_handlers
 
-- name: Wait until Keycloak becomes active
+- set_fact:
+    health_url: "{{ keycloak_management_url }}/health"
+
+- name: "Wait until Keycloak becomes active {{ health_url }}"
   uri:
-    url: "{{ keycloak_management_url }}/health"
+    url: "{{ health_url }}"
   register: keycloak_status
   until: keycloak_status.status == 200
-  retries: 20
+  retries: 25
   delay: 10

roles/keycloak/templates/standalone-infinispan.xml.j2

@@ -498,21 +498,15 @@
             <stacks>
                 <stack name="tcp">
                     <transport site="${jboss.node.name}" type="TCP" socket-binding="jgroups-tcp"/>
+{% if keycloak_jdbc[keycloak_jdbc_engine].enabled %}
                     <protocol type="JDBC_PING">
                         <property name="datasource_jndi_name">java:jboss/datasources/KeycloakDS</property>
-                        <property name="initialize_sql">
-                            CREATE TABLE IF NOT EXISTS JGROUPSPING (
-                            own_addr varchar(200) NOT NULL,
-                            cluster_name varchar(200) NOT NULL,
-                            updated TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
-                            ping_data varbinary(5000) DEFAULT NULL,
-                            PRIMARY KEY (own_addr, cluster_name))
-                            ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin
-                        </property>
+                        <property name="initialize_sql">{{ keycloak_jdbc[keycloak_jdbc_engine].initialize_db }}</property>
                         <property name="insert_single_sql">INSERT INTO JGROUPSPING (own_addr, cluster_name, ping_data) values (?, ?, ?)</property>
                         <property name="delete_single_sql">DELETE FROM JGROUPSPING WHERE own_addr=? AND cluster_name=?</property>
                         <property name="select_all_pingdata_sql">SELECT ping_data FROM JGROUPSPING WHERE cluster_name=?</property>
                     </protocol>
+{% endif %}
                     <protocol type="MERGE3"/>
                     <protocol type="FD_SOCK"/>
                     <protocol type="FD_ALL"/>

roles/keycloak/templates/standalone-rhsso-jdg.xml.j2

@@ -498,21 +498,15 @@
             <stacks>
                 <stack name="tcp">
                     <transport site="${jboss.node.name}" type="TCP" socket-binding="jgroups-tcp"/>
+{% if keycloak_jdbc[keycloak_jdbc_engine].enabled %}
                     <protocol type="JDBC_PING">
                         <property name="datasource_jndi_name">java:jboss/datasources/KeycloakDS</property>
-                        <property name="initialize_sql">
-                            CREATE TABLE IF NOT EXISTS JGROUPSPING (
-                            own_addr varchar(200) NOT NULL,
-                            cluster_name varchar(200) NOT NULL,
-                            updated TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
-                            ping_data varbinary(5000) DEFAULT NULL,
-                            PRIMARY KEY (own_addr, cluster_name))
-                            ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin
-                        </property>
+                        <property name="initialize_sql">{{ keycloak_jdbc[keycloak_jdbc_engine].initialize_db }}</property>
                         <property name="insert_single_sql">INSERT INTO JGROUPSPING (own_addr, cluster_name, ping_data) values (?, ?, ?)</property>
                         <property name="delete_single_sql">DELETE FROM JGROUPSPING WHERE own_addr=? AND cluster_name=?</property>
                         <property name="select_all_pingdata_sql">SELECT ping_data FROM JGROUPSPING WHERE cluster_name=?</property>
                     </protocol>
+{% endif %}
                     <protocol type="MERGE3"/>
                     <protocol type="FD_SOCK"/>
                     <protocol type="FD_ALL"/>

roles/keycloak/vars/main.yml

@@ -11,7 +11,7 @@ keycloak_management_url: "http://{{ keycloak_host }}:{{ keycloak_management_http
 # database
 keycloak_jdbc:
   postgres:
-    enabled: "{{ keycloak_ha_enabled and keycloak_jdbc_engine == 'postgres' }}"
+    enabled: "{{ (keycloak_ha_enabled or keycloak_db_enabled) and keycloak_jdbc_engine == 'postgres' }}"
     driver_class: org.postgresql.Driver
     xa_datasource_class: org.postgresql.xa.PGXADataSource
     driver_module_name: "org.postgresql"
@@ -22,8 +22,15 @@ keycloak_jdbc:
     connection_url: "{{ postgres_jdbc_url }}"
     db_user: "{{ postgres_db_user }}"
     db_password: "{{ postgres_db_pass }}"
+    initialize_db: >
+      CREATE TABLE IF NOT EXISTS JGROUPSPING (
+        own_addr varchar(200) NOT NULL,
+        cluster_name varchar(200) NOT NULL,
+        updated TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+        ping_data BYTEA,
+        constraint PK_JGROUPSPING PRIMARY KEY (own_addr, cluster_name))
   mariadb:
-    enabled: "{{ keycloak_ha_enabled and keycloak_jdbc_engine == 'mariadb' }}"
+    enabled: "{{ (keycloak_ha_enabled or keycloak_db_enabled) and keycloak_jdbc_engine == 'mariadb' }}"
     driver_class: org.mariadb.jdbc.Driver
     xa_datasource_class: org.mariadb.jdbc.MySQLDataSource
     driver_module_name: "org.mariadb"
@@ -34,6 +41,14 @@ keycloak_jdbc:
     connection_url: "{{ mariadb_jdbc_url }}"
     db_user: "{{ mariadb_db_user  }}"
     db_password: "{{ mariadb_db_pass }}"
+    initialize_db: >
+      CREATE TABLE IF NOT EXISTS JGROUPSPING (
+        own_addr varchar(200) NOT NULL,
+        cluster_name varchar(200) NOT NULL,
+        updated TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
+        ping_data varbinary(5000) DEFAULT NULL,
+        PRIMARY KEY (own_addr, cluster_name))
+      ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin
 
 # reverse proxy mod_cluster
 keycloak_modcluster:

roles/keycloak_realm/README.md

@@ -4,6 +4,12 @@ keycloak_realm
 Create realms and clients in [keycloak](https://keycloak.org/) or [Red Hat Single Sing-On](https://access.redhat.com/products/red-hat-single-sign-on) services.
 
 
+Requirements
+------------
+
+This role requires `python3-netaddr` library installed on the controller node.
+
+
 Role Defaults
 -------------
 

roles/keycloak_realm/meta/main.yml

@@ -1 +1,24 @@
 ---
+galaxy_info:
+  role_name: keycloak_realm
+  namespace: middleware_automation
+  author: Romain Pelisse, Guido Grazioli
+  description: Create realms and clients in keycloak or Red Hat Single Sing-On
+  company: Red Hat, Inc.
+
+  license: Apache License 2.0
+
+  min_ansible_version: "2.9"
+
+  platforms:
+   - name: EL
+     versions:
+     - 7
+     - 8
+
+  galaxy_tags:
+    - keycloak
+    - redhat
+    - rhel
+    - rhn
+    - sso