From a7b9f0ef97132f0e9e5c1dfa77bb6267cdd80d47 Mon Sep 17 00:00:00 2001 From: Deven Phillips Date: Tue, 30 Apr 2024 14:27:42 -0400 Subject: [PATCH 1/2] Add option to override JDBC download parameters --- roles/keycloak_quarkus/meta/argument_specs.yml | 9 +++++++++ roles/keycloak_quarkus/tasks/jdbc_driver.yml | 13 +++++++++++-- 2 files changed, 20 insertions(+), 2 deletions(-) diff --git a/roles/keycloak_quarkus/meta/argument_specs.yml b/roles/keycloak_quarkus/meta/argument_specs.yml index 460c9a77..c1ebe8f9 100644 --- a/roles/keycloak_quarkus/meta/argument_specs.yml +++ b/roles/keycloak_quarkus/meta/argument_specs.yml @@ -372,6 +372,15 @@ argument_specs: description: "Activation delay for service systemd unit (seconds)" default: 10 type: 'int' + keycloak_quarkus_jdbc_download_url: + description: "Override the default Maven Central download URL for the JDBC driver" + type: "str" + keycloak_quarkus_jdbc_download_user: + description: "Set a username with which to authenticate when downloading JDBC drivers from an alternative location" + type: "str" + keycloak_quarkus_jdbc_download_pass: + description: "Set a password with which to authenticate when downloading JDBC drivers from an alternative location (requires keycloak_quarkus_jdbc_download_user)" + type: "str" downstream: options: rhbk_version: diff --git a/roles/keycloak_quarkus/tasks/jdbc_driver.yml b/roles/keycloak_quarkus/tasks/jdbc_driver.yml index 310509a7..bcb7069e 100644 --- a/roles/keycloak_quarkus/tasks/jdbc_driver.yml +++ b/roles/keycloak_quarkus/tasks/jdbc_driver.yml @@ -1,10 +1,19 @@ --- -- name: "Retrieve JDBC Driver from {{ keycloak_jdbc[keycloak_quarkus_jdbc_engine].driver_jar_url }}" +- name: Verify valid parameters for download credentials when specified + fail: + msg: >- + When JDBC driver download credentials are set, both the username and the password MUST be set + when: + - keycloak_jdbc_download_user is undefined and keycloak_jdbc_download_pass is not undefined + - keycloak_jdbc_download_pass is undefined and keycloak_jdbc_download_user is not undefined +- name: "Retrieve JDBC Driver from {{ keycloak_jdbc_download_user | default(keycloak_quarkus_default_jdbc[keycloak_quarkus_jdbc_engine].driver_jar_url) }}" ansible.builtin.get_url: - url: "{{ keycloak_quarkus_default_jdbc[keycloak_quarkus_jdbc_engine].driver_jar_url }}" + url: "{{ keycloak_jdbc_download_url | default(keycloak_quarkus_default_jdbc[keycloak_quarkus_jdbc_engine].driver_jar_url) }}" dest: "{{ keycloak.home }}/providers" owner: "{{ keycloak.service_user }}" group: "{{ keycloak.service_group }}" + url_username: "{{ keycloak_jdbc_download_user | default(omit) }}" + url_password: "{{ keycloak_jdbc_download_pass | default(omit) }}" mode: '0640' become: true notify: From c2904bf20d24c9d17b974e5061c39369a3f5e604 Mon Sep 17 00:00:00 2001 From: Deven Phillips Date: Tue, 30 Apr 2024 14:48:10 -0400 Subject: [PATCH 2/2] Use FQCN for fail module --- roles/keycloak_quarkus/tasks/jdbc_driver.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/keycloak_quarkus/tasks/jdbc_driver.yml b/roles/keycloak_quarkus/tasks/jdbc_driver.yml index bcb7069e..11fa385f 100644 --- a/roles/keycloak_quarkus/tasks/jdbc_driver.yml +++ b/roles/keycloak_quarkus/tasks/jdbc_driver.yml @@ -1,6 +1,6 @@ --- -- name: Verify valid parameters for download credentials when specified - fail: +- name: "Verify valid parameters for download credentials when specified" + ansible.builtin.fail: msg: >- When JDBC driver download credentials are set, both the username and the password MUST be set when: