From 59ba18113490985feaa9e770f04fcbc19fe66bfd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20Mass=C3=A9?= Date: Wed, 28 Jun 2017 17:39:20 +0200 Subject: [PATCH] deploy microcks + customize the sso and 3scale install --- allinone.yml | 7 +- {roles/3scale/tasks => common}/status.yml | 4 +- {roles/sso/tasks => common}/wait_for.yml | 6 +- roles/3scale/tasks/3scale_status.yml | 20 ++++++ roles/3scale/tasks/create_api.yml | 70 +++++++++++++++++++ .../3scale/tasks/create_application_plan.yml | 35 ++++++++++ roles/3scale/tasks/create_applications.yml | 18 +++++ roles/3scale/tasks/main.yml | 68 +++++++++++++++--- roles/3scale/tasks/post-install.yml | 16 +++++ roles/3scale/tasks/wait_for.yml | 9 --- roles/3scale/vars/main.yml | 48 +++++++++++++ roles/microcks/tasks/main.yml | 63 +++++++++++++++++ roles/microcks/tasks/post-install.yml | 5 ++ roles/microcks/tasks/register-service.yml | 40 +++++++++++ roles/microcks/vars/main.yml | 15 ++++ roles/sso/tasks/main.yml | 10 ++- roles/sso/tasks/post-install.yml | 6 +- 17 files changed, 411 insertions(+), 29 deletions(-) rename {roles/3scale/tasks => common}/status.yml (89%) rename {roles/sso/tasks => common}/wait_for.yml (75%) create mode 100644 roles/3scale/tasks/3scale_status.yml create mode 100644 roles/3scale/tasks/create_api.yml create mode 100644 roles/3scale/tasks/create_application_plan.yml create mode 100644 roles/3scale/tasks/create_applications.yml create mode 100644 roles/3scale/tasks/post-install.yml delete mode 100644 roles/3scale/tasks/wait_for.yml create mode 100644 roles/microcks/tasks/main.yml create mode 100644 roles/microcks/tasks/post-install.yml create mode 100644 roles/microcks/tasks/register-service.yml create mode 100644 roles/microcks/vars/main.yml diff --git a/allinone.yml b/allinone.yml index 2c54086..40615d7 100644 --- a/allinone.yml +++ b/allinone.yml 
@@ -15,8 +15,11 @@ - name: Customize the OpenShift installation hosts: allinone become: yes + vars: + sso_realm: '3scale' roles: - { name: 'openshift-postinstall', tags: 'openshift-postinstall' } - { name: 'hostpath-provisioner', tags: 'hostpath-provisioner' } - - { name: 'sso', tags: 'sso', sso_realm: '3scale' } - - { name: '3scale', tags: '3scale', sso_realm: '3scale' } + - { name: 'microcks', tags: 'microcks' } + - { name: 'sso', tags: 'sso' } + - { name: '3scale', tags: '3scale' } diff --git a/roles/3scale/tasks/status.yml b/common/status.yml similarity index 89% rename from roles/3scale/tasks/status.yml rename to common/status.yml index 1a68db8..ef0db2b 100644 --- a/roles/3scale/tasks/status.yml +++ b/common/status.yml @@ -1,7 +1,7 @@ --- - name: Retrieve current ReplicationController status - command: 'oc get rc -o json -n "{{ threescale_project }}"' + command: 'oc get rc -o json -n "{{ project }}"' register: rc_state changed_when: false @@ -12,7 +12,7 @@ - name: Retrieve current DeploymentConfig status - command: 'oc get dc -o json -n "{{ threescale_project }}"' + command: 'oc get dc -o json -n "{{ project }}"' register: dc_state changed_when: false diff --git a/roles/sso/tasks/wait_for.yml b/common/wait_for.yml similarity index 75% rename from roles/sso/tasks/wait_for.yml rename to common/wait_for.yml index 212b22b..2316e26 100644 --- a/roles/sso/tasks/wait_for.yml +++ b/common/wait_for.yml @@ -1,9 +1,9 @@ --- - name: Wait for all pending deployments to become ready - command: 'oc get rc -o json -n "{{ sso_project }}"' + command: 'oc get rc -o json -n "{{ project }}"' register: rc_state changed_when: false - retries: "{{ sso_retries }}" - delay: "{{ sso_delay }}" + retries: "{{ retries }}" + delay: "{{ delay }}" until: 'rc_state.stdout |from_json |json_query(''items[? status.replicas != `0` && (status.readyReplicas == ""|| status.readyReplicas == `0`) ].metadata.annotations."openshift.io/deployment-config.name"'') |intersect(pod_to_wait) |length == 0' 
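Review bot: common/wait_for.yml and common/status.yml now depend on caller-supplied variables with very generic names (`project`, `retries`, `delay`, plus `pod_to_wait`), and nothing in either file documents that contract. Names this short are easy to shadow from inventory or from another role, and a caller that forgets one only finds out through an undefined-variable error at `retries: "{{ retries }}"`. I would add a header comment to wait_for.yml such as `# Required vars: project, pod_to_wait, retries, delay` (and `# Required vars: project` to status.yml), and consider prefixed names such as `wait_project` to avoid collisions.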
diff --git a/roles/3scale/tasks/3scale_status.yml b/roles/3scale/tasks/3scale_status.yml
new file mode 100644
index 0000000..958dcd7
--- /dev/null
+++ b/roles/3scale/tasks/3scale_status.yml
@@ -0,0 +1,20 @@
+---
+
+ - name: Get a list of available services
+ uri:
+ url: "https://{{ threescale_admin_hostname }}/admin/api/services.json?access_token={{ access_token }}"
+ validate_certs: no
+ register: response
+
+ - set_fact:
+ services: '{{ response.json|json_query(''services[*].service.system_name'') }}'
+ services_details: '{{ response.json|json_query(''services[].{"system_name": service.system_name, "id": service.id}'') }}'
+
+ - name: Get the list of existing applications
+ uri:
+ url: https://{{ threescale_admin_hostname }}/admin/api/applications.json?access_token={{ access_token|urlencode }}
+ validate_certs: no
+ register: response
+
+ - set_fact:
+ applications: '{{ response.json|json_query(''applications[*].application.name'') }}'
diff --git a/roles/3scale/tasks/create_api.yml b/roles/3scale/tasks/create_api.yml
new file mode 100644
index 0000000..3b4c0b3
--- /dev/null
+++ b/roles/3scale/tasks/create_api.yml
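Review bot: In 3scale_status.yml the first `uri` task puts `{{ access_token }}` into the query string without `|urlencode`, while the second task in the same file encodes it; the first should match, `...services.json?access_token={{ access_token|urlencode }}`. Both requests also carry the admin access token in the URL with `validate_certs: no`, so the token goes to an endpoint whose certificate is not checked and is kept, with the URL, in the registered `response` that verbose runs print. Adding `no_log: true` to the token-bearing tasks and driving `validate_certs` from a variable that defaults to verification would limit that exposure. The same token plus `validate_certs: no` combination repeats in create_api.yml, create_application_plan.yml and create_applications.yml.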
@@ -0,0 +1,70 @@ +--- + + - debug: msg="Working on service {{ item.service.name }}" + + - set_fact: + body_create_svc: '{{ body_create_svc|default("access_token=" ~ access_token|urlencode) ~ "&" ~ (param.key|urlencode) ~ "=" ~ (param.value|urlencode) }}' + with_dict: '{{ item.service }}' + loop_control: + loop_var: param + when: 'item.service.system_name not in services' + + - name: Create the service + uri: + url: https://{{ threescale_admin_hostname }}/admin/api/services.json + validate_certs: no + method: POST + body: '{{ body_create_svc }}' + status_code: 201 + register: response + when: 'item.service.system_name not in services' + + - set_fact: + services: '{{ services|union([ item.service.system_name ]) }}' + services_details: '{{ services_details|union([{ "system_name": item.service.system_name, "id": response.json.service.id }]) }}' + when: 'item.service.system_name not in services' + + - set_fact: + service_id: '{{ (services_details|selectattr("system_name", "equalto", item.service.system_name)|first)["id"] }}' + + - set_fact: + body_update_proxy: '{{ body_update_proxy|default("access_token=" ~ access_token|urlencode) ~ "&" ~ (param.key|urlencode) ~ "=" ~ (param.value|urlencode) }}' + with_dict: '{{ item.proxy }}' + loop_control: + loop_var: param + + - name: Set Backend URL + set_fact: + body_update_proxy: '{{ body_update_proxy ~ "&api_backend" ~ "=" ~ (threescale_backend_map[item.backend]|urlencode) }}' + when: 'item.backend in threescale_backend_map' + + - name: Update the proxy + uri: + url: https://{{ threescale_admin_hostname }}/admin/api/services/{{ service_id }}/proxy.json + validate_certs: no + method: PATCH + body: '{{ body_update_proxy }}' + + - name: Get the list of existing application plans + uri: + url: https://{{ threescale_admin_hostname }}/admin/api/services/{{ service_id }}/application_plans.json?access_token={{ access_token|urlencode }} + validate_certs: no + register: response + + - set_fact: + application_plans: '{{ 
response.json|json_query(''plans[*].application_plan.system_name'') }}' + application_plans_details: '{{ response.json|json_query(''plans[].{"system_name": application_plan.system_name, "id": application_plan.id}'') }}' + + - name: Get the default account + uri: + url: https://{{ threescale_admin_hostname }}/admin/api/accounts.json?access_token={{ access_token|urlencode }}&state=approved&page=1&per_page=1 + validate_certs: no + register: response + + - set_fact: + account_id: '{{ response.json.accounts[0].account.id }}' + + - include: create_application_plan.yml + with_items: '{{ item.application_plans }}' + loop_control: + loop_var: plan diff --git a/roles/3scale/tasks/create_application_plan.yml b/roles/3scale/tasks/create_application_plan.yml new file mode 100644 index 0000000..ca3737d --- /dev/null +++ b/roles/3scale/tasks/create_application_plan.yml 
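Review bot: In create_api.yml, `body_create_svc` and `body_update_proxy` are accumulated with `set_fact` from a `default(...)` seed, but the file is included once per entry of `threescale_apis_to_create` and nothing visible resets these facts between inclusions. Facts set this way persist on the host, so for the second service the seed is skipped and its parameters appear to be appended to the first service's body, leaving duplicate keys and, when the later service has no mapped backend, a stale `api_backend`. Starting the file with an explicit reset, e.g. `- set_fact: { body_create_svc: "access_token={{ access_token|urlencode }}", body_update_proxy: "access_token={{ access_token|urlencode }}" }`, and dropping the `default(...)` calls would make each inclusion start clean. `body_create_plan` in create_application_plan.yml is built the same way.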
@@ -0,0 +1,35 @@
+---
+
+ - debug: msg="Working on plan {{ plan.system_name }} / service {{ item.service.name }}"
+
+ - set_fact:
+ body_create_plan: '{{ body_create_plan|default("access_token=" ~ access_token|urlencode) ~ "&" ~ (param.key|urlencode) ~ "=" ~ (param.value|urlencode) }}'
+ with_dict: '{{ plan }}'
+ loop_control:
+ loop_var: param
+ # applications is a nested hash that is used to create client applications later
+ when: 'param.key != ''applications'' and plan.system_name not in application_plans '
+
+ - name: Create the application plan
+ uri:
+ url: https://{{ threescale_admin_hostname }}/admin/api/services/{{ service_id }}/application_plans.json
+ validate_certs: no
+ method: POST
+ body: '{{ body_create_plan }}'
+ status_code: 201
+ register: response
+ when: 'plan.system_name not in application_plans'
+
+ - set_fact:
+ application_plans: '{{ application_plans|union([ plan.system_name ]) }}'
+ application_plans_details: '{{ application_plans_details|union([{ "system_name": plan.system_name, "id": response.json.application_plan.id }]) }}'
+ when: 'plan.system_name not in application_plans'
+
+ - set_fact:
+ plan_id: '{{ (application_plans_details|selectattr("system_name", "equalto", plan.system_name)|first)["id"] }}'
+
+ - include: create_applications.yml
+ with_items: '{{ plan.applications }}'
+ loop_control:
+ loop_var: app
+ when: 'app.name not in applications'
diff --git a/roles/3scale/tasks/create_applications.yml b/roles/3scale/tasks/create_applications.yml
new file mode 100644
index 0000000..f2e475f
--- /dev/null
+++ b/roles/3scale/tasks/create_applications.yml
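Review bot: The final include in create_application_plan.yml loops over `plan.applications` unconditionally, so a plan defined without an `applications` key fails the run on an undefined attribute; `with_items: '{{ plan.applications|default([]) }}'` would make the key optional. The `applications` list tested in the `when` is also never extended after an application is created, unlike `services` and `application_plans`, which are unioned right after their POST. Two plans naming the same application in one run would therefore both attempt the create.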
@@ -0,0 +1,18 @@
+---
+
+ - debug: msg="Working on application {{ app.name }} / plan {{ plan.system_name }} / service {{ item.service.name }}"
+
+ - set_fact:
+ body_create_app: '{{ body_create_app|default("access_token=" ~ (access_token|urlencode) ~ "&plan_id=" ~ (plan_id)) ~ "&" ~ (param.key|urlencode) ~ "=" ~ (param.value|urlencode) }}'
+ with_dict: '{{ app }}'
+ loop_control:
+ loop_var: param
+
+ - name: Create the application
+ uri:
+ url: https://{{ threescale_admin_hostname }}/admin/api/accounts/{{ account_id }}/applications.json
+ validate_certs: no
+ method: POST
+ body: '{{ body_create_app }}'
+ status_code: 201
+ register: response
diff --git a/roles/3scale/tasks/main.yml b/roles/3scale/tasks/main.yml
index 89e9228..a79b17e 100644
--- a/roles/3scale/tasks/main.yml
+++ b/roles/3scale/tasks/main.yml
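Review bot: In create_applications.yml, `plan_id` only enters `body_create_app` through the `default(...)` seed, and the fact is never reset, so after the first application is created every later inclusion keeps the first `plan_id` and the earlier application's fields in its body. With the sample data in this commit the second application belongs to a different service's plan, so it looks like it would be posted against the wrong plan. Rebuilding the seed on each inclusion avoids that, e.g. a leading `- set_fact: { body_create_app: "access_token={{ access_token|urlencode }}&plan_id={{ plan_id }}" }` with the `default(...)` removed from the loop expression.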
@@ -9,17 +9,33 @@ command: oc new-project "{{ threescale_project }}" when: '"project/" ~ threescale_project not in oc_get_projects.stdout_lines' + - include: common/status.yml + vars: + project: "{{ threescale_project }}" + tags: status + + - set_fact: + deploy_needed: '{{ deployment_configs|intersect(threescale_expected_deployment_configs)|length < threescale_expected_deployment_configs|length }}' + - name: Process the OpenShift Template and create the OpenShift objects for the 3scale API Management Platform shell: oc process -f "{{ threescale_template }}" -p "TENANT_NAME={{ threescale_tenant_name }}" -p "WILDCARD_DOMAIN={{ threescale_wildcard_domain }}" -n "{{ threescale_project }}" | oc create -f - -n "{{ threescale_project }}" register: oc failed_when: oc.rc > 0 and 'Error from server (AlreadyExists):' not in oc.stderr changed_when: oc.rc == 0 + when: deploy_needed + + - name: Wait for OpenShift to create all objects + pause: + seconds: '{{ threescale_delay }}' + when: deploy_needed # Deploy the CORS Configuration for APICast # This is needed to make the "Try out" feature working in the Developer Portal - include: apicast_cors.yml - - include: status.yml + - include: common/status.yml + vars: + project: "{{ threescale_project }}" tags: status - name: Deploy the storage tier (MySQL, Redis and Memcache) without any replicas @@ -42,7 +58,7 @@ when: item not in replication_controllers tags: rollout - - include: wait_for.yml + - include: common/wait_for.yml static: no vars: pod_to_wait: @@ -50,6 +66,9 @@ - system-memcache - system-mysql - system-redis + delay: "{{ threescale_delay }}" + retries: "{{ threescale_retries }}" + project: "{{ threescale_project }}" tags: status - name: Deploy the backend-listener without any replicas 
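Review bot: The new `pause` task in roles/3scale/tasks/main.yml is a fixed sleep of `threescale_delay` seconds standing in for "all objects exist". That is a timing guess, and on a slow cluster the following `common/status.yml` and rollout steps can run before the DeploymentConfigs are present. Polling would be more reliable, for instance repeating the `oc get dc` query with `until`/`retries` until every name in `threescale_expected_deployment_configs` is listed. The same fixed `pause` is added to the microcks and sso roles in this commit.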
@@ -66,17 +85,19 @@ when: item not in replication_controllers tags: rollout - - include: wait_for.yml + - include: common/wait_for.yml static: no vars: pod_to_wait: - backend-listener + delay: "{{ threescale_delay }}" + retries: "{{ threescale_retries }}" + project: "{{ threescale_project }}" tags: status - name: Deploy everything else without any replicas command: oc rollout latest "{{ item }}" -n "{{ threescale_project }}" with_items: - - backend-listener - backend-worker - system-app - system-resque @@ -97,13 +118,16 @@ when: item not in replication_controllers tags: rollout - - include: wait_for.yml + - include: common/wait_for.yml static: no vars: pod_to_wait: - system-app - system-resque - system-sidekiq + delay: "{{ threescale_delay }}" + retries: "{{ threescale_retries }}" + project: "{{ threescale_project }}" tags: status - name: Scale backend-cron, backend-worker and system-sphinx @@ -115,13 +139,16 @@ when: item not in replication_controllers tags: rollout - - include: wait_for.yml + - include: common/wait_for.yml static: no vars: pod_to_wait: - backend-worker - backend-cron - system-sphinx + delay: "{{ threescale_delay }}" + retries: "{{ threescale_retries }}" + project: "{{ threescale_project }}" tags: status - name: Deploy apicast-staging, apicast-production @@ -132,12 +159,15 @@ when: item not in replication_controllers tags: rollout - - include: wait_for.yml + - include: common/wait_for.yml static: no vars: pod_to_wait: - apicast-staging - apicast-production + delay: "{{ threescale_delay }}" + retries: "{{ threescale_retries }}" + project: "{{ threescale_project }}" tags: status - include: configure_apicast_for_oauth.yml 
@@ -146,14 +176,34 @@ - apicast-production tags: oauth - - include: wait_for.yml + - include: common/wait_for.yml static: no vars: pod_to_wait: - apicast-staging - apicast-production + delay: "{{ threescale_delay }}" + retries: "{{ threescale_retries }}" + project: "{{ threescale_project }}" tags: status + - name: Get Route URL + command: oc get route system-provider-admin-route -n "{{ threescale_project }}" -o 'jsonpath={.spec.host}' + register: route + changed_when: false + tags: status + + - set_fact: + threescale_default_backend_map: + microcks: http://{{ microcks_hostname }} + tags: vars + + - include: post-install.yml + tags: post-install + vars: + threescale_admin_hostname: '{{ route.stdout }}' + threescale_backend_map: '{{ threescale_default_backend_map |combine(threescale_additional_backend_map|default({})) }}' + - name: Get Admin Username command: oc get dc system-app -n "{{ threescale_project }}" -o 'jsonpath={.spec.template.spec.containers[0].env[?(@.name=="USER_LOGIN")].value}' register: username @@ -167,5 +217,5 @@ tags: status - name: 3scale is ready ! - debug: msg="Login on https://{{ threescale_tenant_name }}-admin.{{ threescale_wildcard_domain }} with username = '{{ username.stdout }}' and password = '{{ password.stdout }}'" + debug: msg="Login on https://{{ route.stdout }} with username = '{{ username.stdout }}' and password = '{{ password.stdout }}'" tags: status diff --git a/roles/3scale/tasks/post-install.yml b/roles/3scale/tasks/post-install.yml new file mode 100644 index 0000000..b2c62b8 --- /dev/null +++ b/roles/3scale/tasks/post-install.yml 
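Review bot: `threescale_default_backend_map` reads `microcks_hostname`, which is only produced by a `set_fact` inside the microcks role, so the 3scale role now silently depends on microcks having run earlier in the same play. Running with `--tags 3scale`, or reusing this role without microcks, would presumably stop here on an undefined variable. A guard such as `when: microcks_hostname is defined` on this `set_fact`, together with `threescale_default_backend_map|default({})` in the `combine`, keeps the role usable on its own. The backend URL is also fixed to `http://`, so as far as the hunk shows the gateway-to-backend traffic is unencrypted.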
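Review bot: The rewritten "3scale is ready !" message still prints the admin password in clear text through `debug`, so it ends up in the play output and in any log or CI system that captures it. Since the line is being changed anyway, consider printing only the URL and username, `msg="Login on https://{{ route.stdout }} with username = '{{ username.stdout }}'"`, and pointing the operator to the DeploymentConfig the preceding tasks read the credentials from. If the password must be shown for the demo, a comment saying so would make the choice explicit.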
@@ -0,0 +1,16 @@ +--- + + - name: Get the 3scale Administration Access Token + command: oc get dc system-app -n "{{ threescale_project }}" -o 'jsonpath={.spec.template.spec.containers[0].env[?(@.name=="ADMIN_ACCESS_TOKEN")].value}' + register: oc_get_dc + tags: vars + changed_when: false + + - set_fact: + access_token: '{{ oc_get_dc.stdout }}' + tags: vars + + - include: 3scale_status.yml + + - include: create_api.yml + with_items: '{{ threescale_apis_to_create }}' diff --git a/roles/3scale/tasks/wait_for.yml b/roles/3scale/tasks/wait_for.yml deleted file mode 100644 index dafb56b..0000000 --- a/roles/3scale/tasks/wait_for.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- - - - name: Wait for all pending deployments to become ready - command: 'oc get rc -o json -n "{{ threescale_project }}"' - register: rc_state - changed_when: false - retries: "{{ threescale_retries }}" - delay: "{{ threescale_delay }}" - until: 'rc_state.stdout |from_json |json_query(''items[? status.replicas != `0` && (status.readyReplicas == ""|| status.readyReplicas == `0`) ].metadata.annotations."openshift.io/deployment-config.name"'') |intersect(pod_to_wait) |length == 0' diff --git a/roles/3scale/vars/main.yml b/roles/3scale/vars/main.yml index f5ae33d..9cecc4b 100644 --- a/roles/3scale/vars/main.yml +++ b/roles/3scale/vars/main.yml 
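Review bot: In roles/3scale/tasks/post-install.yml the admin access token is copied into a host fact named simply `access_token`, the same name the sso role's post-install uses for its bearer token (`Authorization: 'Bearer {{ access_token }}'`). Facts created with `set_fact` belong to the host rather than to a role, so whichever role ran last wins and a later task can send the wrong system's admin token. Renaming the fact to something like `threescale_access_token` removes the overlap. The `command` that reads the token also keeps it in `oc_get_dc`, so `no_log: true` on that task and on the `set_fact` would keep it out of verbose output.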
@@ -8,3 +8,51 @@ threescale_retries: 30 threescale_apicast_cors_lua: https://raw.githubusercontent.com/3scale/apicast/cors-example/examples/cors/apicast_cors.lua threescale_apicast_cors_conf: https://raw.githubusercontent.com/3scale/apicast/cors-example/examples/cors/cors.conf + threescale_expected_deployment_configs: + - apicast-staging + - apicast-production + - backend-redis + - system-memcache + - system-mysql + - system-redis + - backend-listener + - backend-worker + - system-app + - system-resque + - system-sidekiq + - backend-cron + - system-sphinx + threescale_apis_to_create: + - service: + name: "Hello API" + system_name: hello-api + backend_version: 1 # 1 means "API Key" + proxy: + credentials_location: headers + api_test_path: /rest/Hello%20API%20Mock/0.8/v1/hello?David + backend: microcks + application_plans: + - name: Default + system_name: default + default: true + state: published + applications: + - name: Hello App + description: "This is my very first application" + - service: + name: "Hello API OAuth" + system_name: hello-api-oauth + backend_version: oauth + proxy: + credentials_location: headers + api_test_path: /rest/Hello%20API%20Mock/0.8/v1/hello?Gavin + backend: microcks + application_plans: + - name: Default + system_name: default + default: true + state: published + applications: + - name: Hello App with OAuth + description: "This is my very first application using OAuth" + redirect_url: https://www.getpostman.com/oauth2/callback diff --git a/roles/microcks/tasks/main.yml b/roles/microcks/tasks/main.yml new file mode 100644 index 0000000..60e3084 --- /dev/null +++ b/roles/microcks/tasks/main.yml 
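Review bot: `threescale_apis_to_create` and `threescale_expected_deployment_configs` are added to `vars/main.yml`, where role vars outrank inventory and play vars, so an operator cannot replace the sample APIs without editing the role or passing extra vars. main.yml already treats `threescale_additional_backend_map|default({})` as an override hook, so the sample list looks like data meant to be customised and would fit better in `defaults/main.yml`. The sample OAuth application also registers `https://www.getpostman.com/oauth2/callback` as its `redirect_url`; a comment such as `# demo only: replace with your client's callback` would make clear it is not meant to survive into a real tenant. The same vars-versus-defaults point applies to roles/microcks/vars/main.yml.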
@@ -0,0 +1,63 @@
+---
+
+ - name: Create the Microcks templates (globally)
+ command: oc create -n openshift -f {{ microcks_template_url }}
+ register: oc
+ failed_when: oc.rc > 0 and 'Error from server (AlreadyExists):' not in oc.stderr
+ changed_when: oc.rc == 0
+
+ - name: Get a list of existing projects
+ command: oc get projects -o name
+ register: oc_get_projects
+ changed_when: false
+
+ - name: Create a new project for Microcks
+ command: oc new-project "{{ microcks_project }}"
+ when: '"project/" ~ microcks_project not in oc_get_projects.stdout_lines'
+
+ - name: Query existing deploymentconfigs
+ command: oc get dc -n "{{ microcks_project }}" -o name -l "component={{ microcks_application_name }}"
+ register: oc_get_dc
+ changed_when: false
+
+ - name: Deploy app if needed
+ set_fact:
+ deploy_needed: "{{ 'deploymentconfig/' ~ microcks_application_name not in oc_get_dc.stdout_lines }}"
+
+ - name: Process the OpenShift Template and create the OpenShift objects
+ command: oc new-app -n {{ microcks_project }} --template={{ microcks_template_name }}
+ when: deploy_needed
+
+ - name: Wait for OpenShift to create all objects
+ pause:
+ seconds: '{{ microcks_delay }}'
+ when: deploy_needed
+
+ - include: common/wait_for.yml
+ static: no
+ vars:
+ pod_to_wait:
+ - microcks
+ delay: "{{ microcks_delay }}"
+ retries: "{{ microcks_retries }}"
+ project: "{{ microcks_project }}"
+ tags: status
+
+ - name: Get Route URL
+ command: oc get route {{ microcks_application_name }} -n "{{ microcks_project }}" -o 'jsonpath={.spec.host}'
+ register: route
+ changed_when: false
+ tags:
+ - status
+ - vars
+
+ - set_fact:
+ microcks_hostname: '{{ route.stdout }}'
+ tags: vars
+
+ - include: post-install.yml
+ tags: post-install
+
+ - name: Microcks is ready !
+ debug: msg="Go to http://{{ route.stdout }}/ to start using Microcks !"
+ tags: status
diff --git a/roles/microcks/tasks/post-install.yml b/roles/microcks/tasks/post-install.yml
new file mode 100644
index 0000000..5b0a435
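Review bot: The first task of roles/microcks/tasks/main.yml creates whatever `microcks_template_url` returns in the shared `openshift` namespace, and roles/microcks/vars/main.yml points that variable at the `master` branch on raw.githubusercontent.com. The objects installed by a `become: yes` play therefore change whenever upstream `master` changes, with no review or integrity check on this side. Pinning the URL to a tag or commit (replace `master` in the path with a fixed ref, shown here as the placeholder `PINNED_REF`) makes the install reproducible; the `repositoryUrl` entries in `microcks_sample_jobs` track `master` as well. Minor: `{{ microcks_project }}` and `{{ microcks_template_name }}` are unquoted in the `oc new-app` command while the neighbouring tasks quote them.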
--- /dev/null
+++ b/roles/microcks/tasks/post-install.yml
@@ -0,0 +1,5 @@
+---
+
+ - include: "register-service.yml"
+ static: no
+ with_items: "{{ microcks_sample_jobs }}"
diff --git a/roles/microcks/tasks/register-service.yml b/roles/microcks/tasks/register-service.yml
new file mode 100644
index 0000000..17b5767
--- /dev/null
+++ b/roles/microcks/tasks/register-service.yml
@@ -0,0 +1,40 @@
+---
+
+ - debug: "msg='Working on service {{ item.name }}'"
+
+ - name: Check if service exists
+ uri:
+ url: "http://{{ microcks_hostname }}/api/jobs?name={{ item.name|urlencode }}"
+ method: GET
+ status_code: 200
+ register: services
+
+ - set_fact:
+ service_id: '{{ services.json[0].id }}'
+ when: services.json|length > 0
+
+ - name: Register sample service
+ uri:
+ url: http://{{ microcks_hostname }}/api/jobs
+ method: POST
+ body: "{{ item }}"
+ body_format: json
+ status_code: 201
+ register: service
+ when: services.json|length == 0
+
+ - set_fact:
+ service_id: '{{ service.json.id }}'
+ when: '"json" in service' # => service.json is defined
+
+ - name: Activate the service
+ uri:
+ url: http://{{ microcks_hostname }}/api/jobs/{{ service_id }}/activate
+ method: PUT
+ status_code: 200
+
+ - name: Start the service
+ uri:
+ url: http://{{ microcks_hostname }}/api/jobs/{{ service_id }}/start
+ method: PUT
+ status_code: 200
diff --git a/roles/microcks/vars/main.yml b/roles/microcks/vars/main.yml
new file mode 100644
index 0000000..7d3ee2b
--- /dev/null
+++ b/roles/microcks/vars/main.yml
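Review bot: Every call in register-service.yml goes to `http://{{ microcks_hostname }}` with no credentials, so job registration and activation travel unencrypted over the route and, as far as this file shows, rely on the API being open to anyone who can reach that hostname. If the route offers TLS the scheme should be `https://`, and a comment stating that the sample install leaves the jobs API unauthenticated would tell operators what they are exposing. Separately, `services.json[0].id` assumes the `?name=` query returns only exact matches; `(services.json|selectattr("name", "equalto", item.name)|first).id` would be safer if the API matches on substrings.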
@@ -0,0 +1,15 @@ +--- + + microcks_project: microcks + microcks_template_url: https://raw.githubusercontent.com/microcks/microcks/master/openshift-persistent-template.json + microcks_template_name: microcks-persistent + microcks_application_name: microcks + microcks_delay: 5 + microcks_retries: 30 + microcks_sample_jobs: + - name: Petstore + repositoryUrl: https://raw.githubusercontent.com/microcks/microcks/master/samples/PetstoreAPI-collection.json + - name: HelloREST + repositoryUrl: https://raw.githubusercontent.com/microcks/microcks/master/samples/HelloAPI-soapui-project.xml + - name: HelloSOAP + repositoryUrl: https://raw.githubusercontent.com/microcks/microcks/master/samples/HelloService-soapui-project.xml diff --git a/roles/sso/tasks/main.yml b/roles/sso/tasks/main.yml index 01613b5..e35c744 100644 --- a/roles/sso/tasks/main.yml +++ b/roles/sso/tasks/main.yml @@ -84,15 +84,23 @@ command: oc new-app -n {{ sso_project }} {{ sso_template }} -p "HTTPS_PASSWORD={{ sso_keystore_password }}" -p "JGROUPS_ENCRYPT_PASSWORD={{ sso_keystore_password }}" -p "SSO_REALM={{ sso_realm }}" -p "SSO_ADMIN_USERNAME={{ sso_admin_username }}" -p "APPLICATION_NAME={{ sso_application_name }}" -p "SSO_SERVICE_PASSWORD={{ sso_service_password }}" -p "SSO_SERVICE_USERNAME={{ sso_service_username }}" when: deploy_needed + - name: Wait for OpenShift to create all objects + pause: + seconds: '{{ sso_delay }}' + when: deploy_needed + # Update the secure route to use "Re-encrypt" instead of "Passthrough" - include: update-route.yml tags: update-route - - include: wait_for.yml + - include: common/wait_for.yml static: no vars: pod_to_wait: - sso + delay: "{{ sso_delay }}" + retries: "{{ sso_retries }}" + project: "{{ sso_project }}" tags: status - name: Get Admin Username diff --git a/roles/sso/tasks/post-install.yml b/roles/sso/tasks/post-install.yml index d651e80..ee2b81d 100644 --- a/roles/sso/tasks/post-install.yml +++ b/roles/sso/tasks/post-install.yml 
@@ -82,7 +82,7 @@ - set_fact: user_has_been_created: true - user_id: "{{ response.json.id }}" + user_url: "{{ response.location }}" when: response.status == 201 - name: Retrieve the id of the Demo User @@ -97,12 +97,12 @@ when: user_has_been_created is not defined - set_fact: - user_id: "{{ response.json[0].id }}" + user_url: "https://{{ sso_route_name }}/auth/admin/realms/{{ sso_realm }}/users/{{ response.json[0].id }}" when: user_has_been_created is not defined - name: Set the password of the Demo User uri: - url: https://{{ sso_route_name }}/auth/admin/realms/{{ sso_realm }}/users/{{ user_id }}/reset-password + url: "{{ user_url }}/reset-password" validate_certs: no headers: Authorization: 'Bearer {{ access_token }}'
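Review bot: `user_url` is now taken verbatim from the `Location` header of the create-user response and then used as the target of the `reset-password` call, which sends the admin bearer token with `validate_certs: no`. If the server behind the route reports an internal hostname or an `http://` scheme in `Location`, which is common behind a proxy, the token goes to that address instead of `https://{{ sso_route_name }}`. Taking only the id from the header and building the URL the way the lookup branch does keeps the destination fixed: `user_url: "https://{{ sso_route_name }}/auth/admin/realms/{{ sso_realm }}/users/{{ response.location.split('/')|last }}"`. The reset-password task continues past the end of the second hunk.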