community.general/tests/integration/targets/keycloak_component_info/tasks/main.yml

---
# Copyright (c) Ansible Project
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
- name: Wait for Keycloak
  uri:
    url: "{{ url }}/admin/"
    status_code: 200
    validate_certs: no
  register: result
  until: result.status == 200
  retries: 10
  delay: 10

- name: Delete realm if exists
  community.general.keycloak_realm:
    auth_keycloak_url: "{{ url }}"
    auth_realm: "{{ admin_realm }}"
    auth_username: "{{ admin_user }}"
    auth_password: "{{ admin_password }}"
    realm: "{{ realm }}"
    state: absent

- name: Create realm
  community.general.keycloak_realm:
    auth_keycloak_url: "{{ url }}"
    auth_realm: "{{ admin_realm }}"
    auth_username: "{{ admin_user }}"
    auth_password: "{{ admin_password }}"
    id: "{{ realm }}"
    realm: "{{ realm }}"
    state: present

- name: Retrive ldap info when absent
  community.general.keycloak_component_info:
    auth_keycloak_url: "{{ url }}"
    auth_realm: "{{ admin_realm }}"
    auth_username: "{{ admin_user }}"
    auth_password: "{{ admin_password }}"
    name: "{{ federation }}"
    provider_type: "org.keycloak.storage.UserStorageProvider"
    realm: "{{ realm }}"
  register: result

- name: Assert ldap is missing
  assert:
    that:
    - result is not changed
    - result.components | length == 0

- name: Create new user federation
  community.general.keycloak_user_federation:
    auth_keycloak_url: "{{ url }}"
    auth_realm: "{{ admin_realm }}"
    auth_username: "{{ admin_user }}"
    auth_password: "{{ admin_password }}"
    realm: "{{ realm }}"
    name: "{{ federation }}"
    state: present
    provider_id: ldap
    provider_type: org.keycloak.storage.UserStorageProvider
    config:
      enabled: true
      priority: 0
      fullSyncPeriod: -1
      changedSyncPeriod: -1
      cachePolicy: DEFAULT
      batchSizeForSync: 1000
      editMode: READ_ONLY
      importEnabled: true
      syncRegistrations: false
      vendor: other
      usernameLDAPAttribute: uid
      rdnLDAPAttribute: uid
      uuidLDAPAttribute: entryUUID
      userObjectClasses: "inetOrgPerson, organizationalPerson"
      connectionUrl: "ldap://ldap.example.com"
      usersDn: "ou=Users,dc=example,dc=com"
      authType: simple
      bindDn: cn=directory reader
      bindCredential: secret
      searchScope: 1
      validatePasswordPolicy: false
      trustEmail: false
      useTruststoreSpi: "ldapsOnly"
      connectionPooling: true
      pagination: true
      allowKerberosAuthentication: false
      useKerberosForPasswordAuthentication: false
      debug: false

- name: Retrive ldap info
  community.general.keycloak_component_info:
    auth_keycloak_url: "{{ url }}"
    auth_realm: "{{ admin_realm }}"
    auth_username: "{{ admin_user }}"
    auth_password: "{{ admin_password }}"
    name: "{{ federation }}"
    provider_type: "org.keycloak.storage.UserStorageProvider"
    realm: "{{ realm }}"
  register: result

- name: Assert ldap exists
  assert:
    that:
    - result is not changed
    - result.components | length == 1
    - result.components[0].name == federation

- name: Save ldap id
  set_fact:
    myLdapId: "{{ result.components[0].id }}"

- name: Retrive ldap subcomponents info 
  community.general.keycloak_component_info:
    auth_keycloak_url: "{{ url }}"
    auth_realm: "{{ admin_realm }}"
    auth_username: "{{ admin_user }}"
    auth_password: "{{ admin_password }}"
    realm: "{{ realm }}"
    parent_id: "{{ myLdapId }}"
  register: result

- name: Assert components exists
  assert:
    that:
    - result is not changed
    - result.components | length > 0

- name: Retrive ldap subcomponents filter by name 
  community.general.keycloak_component_info:
    auth_keycloak_url: "{{ url }}"
    auth_realm: "{{ admin_realm }}"
    auth_username: "{{ admin_user }}"
    auth_password: "{{ admin_password }}"
    realm: "{{ realm }}"
    parent_id: "{{ myLdapId }}"
    name: "email"
  register: result

- name: Assert sub component with name "email" exists
  assert:
    that:
    - result is not changed
    - result.components | length == 1
    - result.components[0].name == "email"

- name: Retrive ldap subcomponents filter by type 
  community.general.keycloak_component_info:
    auth_keycloak_url: "{{ url }}"
    auth_realm: "{{ admin_realm }}"
    auth_username: "{{ admin_user }}"
    auth_password: "{{ admin_password }}"
    realm: "{{ realm }}"
    parent_id: "{{ myLdapId }}"
    provider_type: "org.keycloak.storage.ldap.mappers.LDAPStorageMapper"
  register: result

- name: Assert ldap sub components filter by type
  assert:
    that:
    - result is not changed
    - result.components | length > 0
    - result.components[0].providerType == "org.keycloak.storage.ldap.mappers.LDAPStorageMapper"

- name: Retrive key info when absent
  community.general.keycloak_component_info:
    auth_keycloak_url: "{{ url }}"
    auth_realm: "{{ admin_realm }}"
    auth_username: "{{ admin_user }}"
    auth_password: "{{ admin_password }}"
    name: "{{ realm_key_name }}"
    provider_type: "org.keycloak.keys.KeyProvider"
    realm: "{{ realm }}"
  register: result

- name: Assert key is missing
  assert:
    that:
    - result is not changed
    - result.components | length == 0

- name: Create custom realm key
  community.general.keycloak_realm_key:
    auth_keycloak_url: "{{ url }}"
    auth_realm: "{{ admin_realm }}"
    auth_username: "{{ admin_user }}"
    auth_password: "{{ admin_password }}"
    name: "{{ realm_key_name }}"
    state: present
    parent_id: "{{ realm }}"
    config:
      private_key: "{{ realm_private_key }}"
      certificate: ""
      enabled: true
      active: true
      priority: 150
  register: result

- name: Retrive key info
  community.general.keycloak_component_info:
    auth_keycloak_url: "{{ url }}"
    auth_realm: "{{ admin_realm }}"
    auth_username: "{{ admin_user }}"
    auth_password: "{{ admin_password }}"
    name: "{{ realm_key_name }}"
    provider_type: "org.keycloak.keys.KeyProvider"
    realm: "{{ realm }}"
  register: result

- name: Assert key exists
  assert:
    that:
    - result is not changed
    - result.components | length == 1

- name: Retrive all realm components
  community.general.keycloak_component_info:
    auth_keycloak_url: "{{ url }}"
    auth_realm: "{{ admin_realm }}"
    auth_username: "{{ admin_user }}"
    auth_password: "{{ admin_password }}"
    realm: "{{ realm }}"
  register: result

- name: Assert key exists
  assert:
    that:
    - result is not changed
    - result.components | length > 0

- name: Retrive all ldap in realm
  community.general.keycloak_component_info:
    auth_keycloak_url: "{{ url }}"
    auth_realm: "{{ admin_realm }}"
    auth_username: "{{ admin_user }}"
    auth_password: "{{ admin_password }}"
    realm: "{{ realm }}"
    provider_type: "org.keycloak.storage.UserStorageProvider"
  register: result

- name: Assert key exists
  assert:
    that:
    - result is not changed
    - result.components | length == 1
    - result.components[0].providerType == "org.keycloak.storage.UserStorageProvider"
    - result.components[0].name == "myldap"

- name: Retrive component by name only
  community.general.keycloak_component_info:
    auth_keycloak_url: "{{ url }}"
    auth_realm: "{{ admin_realm }}"
    auth_username: "{{ admin_user }}"
    auth_password: "{{ admin_password }}"
    realm: "{{ realm }}"
    name: "{{ realm_key_name }}"
  register: result

- name: Assert key exists
  assert:
    that:
    - result is not changed
    - result.components | length == 1
    - result.components[0].providerType == "org.keycloak.keys.KeyProvider"
    - result.components[0].name == realm_key_name
Keycloak components info (#7694) * Before test * first test * test * Sanity ok * Fixe readme * Refactor * Sanity * Fixe doc * version added * refactor * Copyright * Sanity * Sanity * Fixe text * Encode providerType * Test for failed ic * Update plugins/modules/keycloak_component_info.py Co-authored-by: Felix Fontein <felix@fontein.de> * Update plugins/modules/keycloak_component_info.py Co-authored-by: Felix Fontein <felix@fontein.de> * Update plugins/modules/keycloak_component_info.py Co-authored-by: Felix Fontein <felix@fontein.de> * Update plugins/modules/keycloak_component_info.py Co-authored-by: Felix Fontein <felix@fontein.de> * Update plugins/modules/keycloak_component_info.py Co-authored-by: Felix Fontein <felix@fontein.de> * Update plugins/modules/keycloak_component_info.py Co-authored-by: Felix Fontein <felix@fontein.de> * Update plugins/modules/keycloak_component_info.py Co-authored-by: Felix Fontein <felix@fontein.de> * Delete changelogs/fragments/7694-Keycloak-components-info.yml --------- Co-authored-by: Andre Desrosiers <andre.desrosiers@ssss.gouv.qc.ca> Co-authored-by: Felix Fontein <felix@fontein.de> 2023-12-28 18:11:55 +01:00			`---`
			`# Copyright (c) Ansible Project`
			`# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)`
			`# SPDX-License-Identifier: GPL-3.0-or-later`
			`- name: Wait for Keycloak`
			`uri:`
			`url: "{{ url }}/admin/"`
			`status_code: 200`
			`validate_certs: no`
			`register: result`
			`until: result.status == 200`
			`retries: 10`
			`delay: 10`

			`- name: Delete realm if exists`
			`community.general.keycloak_realm:`
			`auth_keycloak_url: "{{ url }}"`
			`auth_realm: "{{ admin_realm }}"`
			`auth_username: "{{ admin_user }}"`
			`auth_password: "{{ admin_password }}"`
			`realm: "{{ realm }}"`
			`state: absent`

			`- name: Create realm`
			`community.general.keycloak_realm:`
			`auth_keycloak_url: "{{ url }}"`
			`auth_realm: "{{ admin_realm }}"`
			`auth_username: "{{ admin_user }}"`
			`auth_password: "{{ admin_password }}"`
			`id: "{{ realm }}"`
			`realm: "{{ realm }}"`
			`state: present`

			`- name: Retrive ldap info when absent`
			`community.general.keycloak_component_info:`
			`auth_keycloak_url: "{{ url }}"`
			`auth_realm: "{{ admin_realm }}"`
			`auth_username: "{{ admin_user }}"`
			`auth_password: "{{ admin_password }}"`
			`name: "{{ federation }}"`
			`provider_type: "org.keycloak.storage.UserStorageProvider"`
			`realm: "{{ realm }}"`
			`register: result`

			`- name: Assert ldap is missing`
			`assert:`
			`that:`
			`- result is not changed`
			`- result.components \| length == 0`

			`- name: Create new user federation`
			`community.general.keycloak_user_federation:`
			`auth_keycloak_url: "{{ url }}"`
			`auth_realm: "{{ admin_realm }}"`
			`auth_username: "{{ admin_user }}"`
			`auth_password: "{{ admin_password }}"`
			`realm: "{{ realm }}"`
			`name: "{{ federation }}"`
			`state: present`
			`provider_id: ldap`
			`provider_type: org.keycloak.storage.UserStorageProvider`
			`config:`
			`enabled: true`
			`priority: 0`
			`fullSyncPeriod: -1`
			`changedSyncPeriod: -1`
			`cachePolicy: DEFAULT`
			`batchSizeForSync: 1000`
			`editMode: READ_ONLY`
			`importEnabled: true`
			`syncRegistrations: false`
			`vendor: other`
			`usernameLDAPAttribute: uid`
			`rdnLDAPAttribute: uid`
			`uuidLDAPAttribute: entryUUID`
			`userObjectClasses: "inetOrgPerson, organizationalPerson"`
			`connectionUrl: "ldap://ldap.example.com"`
			`usersDn: "ou=Users,dc=example,dc=com"`
			`authType: simple`
			`bindDn: cn=directory reader`
			`bindCredential: secret`
			`searchScope: 1`
			`validatePasswordPolicy: false`
			`trustEmail: false`
			`useTruststoreSpi: "ldapsOnly"`
			`connectionPooling: true`
			`pagination: true`
			`allowKerberosAuthentication: false`
			`useKerberosForPasswordAuthentication: false`
			`debug: false`

			`- name: Retrive ldap info`
			`community.general.keycloak_component_info:`
			`auth_keycloak_url: "{{ url }}"`
			`auth_realm: "{{ admin_realm }}"`
			`auth_username: "{{ admin_user }}"`
			`auth_password: "{{ admin_password }}"`
			`name: "{{ federation }}"`
			`provider_type: "org.keycloak.storage.UserStorageProvider"`
			`realm: "{{ realm }}"`
			`register: result`

			`- name: Assert ldap exists`
			`assert:`
			`that:`
			`- result is not changed`
			`- result.components \| length == 1`
			`- result.components[0].name == federation`

			`- name: Save ldap id`
			`set_fact:`
			`myLdapId: "{{ result.components[0].id }}"`

			`- name: Retrive ldap subcomponents info`
			`community.general.keycloak_component_info:`
			`auth_keycloak_url: "{{ url }}"`
			`auth_realm: "{{ admin_realm }}"`
			`auth_username: "{{ admin_user }}"`
			`auth_password: "{{ admin_password }}"`
			`realm: "{{ realm }}"`
			`parent_id: "{{ myLdapId }}"`
			`register: result`

			`- name: Assert components exists`
			`assert:`
			`that:`
			`- result is not changed`
			`- result.components \| length > 0`

			`- name: Retrive ldap subcomponents filter by name`
			`community.general.keycloak_component_info:`
			`auth_keycloak_url: "{{ url }}"`
			`auth_realm: "{{ admin_realm }}"`
			`auth_username: "{{ admin_user }}"`
			`auth_password: "{{ admin_password }}"`
			`realm: "{{ realm }}"`
			`parent_id: "{{ myLdapId }}"`
			`name: "email"`
			`register: result`

			`- name: Assert sub component with name "email" exists`
			`assert:`
			`that:`
			`- result is not changed`
			`- result.components \| length == 1`
			`- result.components[0].name == "email"`

			`- name: Retrive ldap subcomponents filter by type`
			`community.general.keycloak_component_info:`
			`auth_keycloak_url: "{{ url }}"`
			`auth_realm: "{{ admin_realm }}"`
			`auth_username: "{{ admin_user }}"`
			`auth_password: "{{ admin_password }}"`
			`realm: "{{ realm }}"`
			`parent_id: "{{ myLdapId }}"`
			`provider_type: "org.keycloak.storage.ldap.mappers.LDAPStorageMapper"`
			`register: result`

			`- name: Assert ldap sub components filter by type`
			`assert:`
			`that:`
			`- result is not changed`
			`- result.components \| length > 0`
			`- result.components[0].providerType == "org.keycloak.storage.ldap.mappers.LDAPStorageMapper"`

			`- name: Retrive key info when absent`
			`community.general.keycloak_component_info:`
			`auth_keycloak_url: "{{ url }}"`
			`auth_realm: "{{ admin_realm }}"`
			`auth_username: "{{ admin_user }}"`
			`auth_password: "{{ admin_password }}"`
			`name: "{{ realm_key_name }}"`
			`provider_type: "org.keycloak.keys.KeyProvider"`
			`realm: "{{ realm }}"`
			`register: result`

			`- name: Assert key is missing`
			`assert:`
			`that:`
			`- result is not changed`
			`- result.components \| length == 0`

			`- name: Create custom realm key`
			`community.general.keycloak_realm_key:`
			`auth_keycloak_url: "{{ url }}"`
			`auth_realm: "{{ admin_realm }}"`
			`auth_username: "{{ admin_user }}"`
			`auth_password: "{{ admin_password }}"`
			`name: "{{ realm_key_name }}"`
			`state: present`
			`parent_id: "{{ realm }}"`
			`config:`
			`private_key: "{{ realm_private_key }}"`
			`certificate: ""`
			`enabled: true`
			`active: true`
			`priority: 150`
			`register: result`

			`- name: Retrive key info`
			`community.general.keycloak_component_info:`
			`auth_keycloak_url: "{{ url }}"`
			`auth_realm: "{{ admin_realm }}"`
			`auth_username: "{{ admin_user }}"`
			`auth_password: "{{ admin_password }}"`
			`name: "{{ realm_key_name }}"`
			`provider_type: "org.keycloak.keys.KeyProvider"`
			`realm: "{{ realm }}"`
			`register: result`

			`- name: Assert key exists`
			`assert:`
			`that:`
			`- result is not changed`
			`- result.components \| length == 1`

			`- name: Retrive all realm components`
			`community.general.keycloak_component_info:`
			`auth_keycloak_url: "{{ url }}"`
			`auth_realm: "{{ admin_realm }}"`
			`auth_username: "{{ admin_user }}"`
			`auth_password: "{{ admin_password }}"`
			`realm: "{{ realm }}"`
			`register: result`

			`- name: Assert key exists`
			`assert:`
			`that:`
			`- result is not changed`
			`- result.components \| length > 0`

			`- name: Retrive all ldap in realm`
			`community.general.keycloak_component_info:`
			`auth_keycloak_url: "{{ url }}"`
			`auth_realm: "{{ admin_realm }}"`
			`auth_username: "{{ admin_user }}"`
			`auth_password: "{{ admin_password }}"`
			`realm: "{{ realm }}"`
			`provider_type: "org.keycloak.storage.UserStorageProvider"`
			`register: result`

			`- name: Assert key exists`
			`assert:`
			`that:`
			`- result is not changed`
			`- result.components \| length == 1`
			`- result.components[0].providerType == "org.keycloak.storage.UserStorageProvider"`
			`- result.components[0].name == "myldap"`

			`- name: Retrive component by name only`
			`community.general.keycloak_component_info:`
			`auth_keycloak_url: "{{ url }}"`
			`auth_realm: "{{ admin_realm }}"`
			`auth_username: "{{ admin_user }}"`
			`auth_password: "{{ admin_password }}"`
			`realm: "{{ realm }}"`
			`name: "{{ realm_key_name }}"`
			`register: result`

			`- name: Assert key exists`
			`assert:`
			`that:`
			`- result is not changed`
			`- result.components \| length == 1`
			`- result.components[0].providerType == "org.keycloak.keys.KeyProvider"`
			`- result.components[0].name == realm_key_name`