Skip to content

Commit

Permalink
Move to using kcadm-wrapper config file so that script is just a scri…
Browse files Browse the repository at this point in the history
…pt and not a template
  • Loading branch information
treydock committed Nov 17, 2024
1 parent 2cd3e8c commit e7e2a3b
Show file tree
Hide file tree
Showing 6 changed files with 45 additions and 21 deletions.
13 changes: 13 additions & 0 deletions files/kcadm-wrapper.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
#!/bin/bash

# shellcheck source=/dev/null
. /opt/keycloak/conf/kcadm-wrapper.conf

EXPIRES=$(/usr/bin/sed -n -r 's|.*"refreshExpiresAt" : ([0-9]*).*|\1|p' "$CONFIG" || echo "0")
NOW=$(/usr/bin/date +%s%3N)

if [ ! -f "$CONFIG" ] || [ "$EXPIRES" -gt "$NOW" ]; then
${KCADM} config credentials --config "$CONFIG" --server "$SERVER" --realm "$REALM" --user "$ADMIN_USER" --password "$PASSWORD"
fi

${KCADM} "$@" --config "$CONFIG"
25 changes: 20 additions & 5 deletions manifests/config.pp
Original file line number Diff line number Diff line change
Expand Up @@ -9,18 +9,33 @@
}
}

# Template uses:
# - $keycloak::install_base
# - $keycloak::admin_user
# - $keycloak::admin_user_password
$wrapper_conf = {
'KCADM' => "${keycloak::install_base}/bin/kcadm.sh",
'CONFIG' => "${keycloak::conf_dir}/kcadm.config",
'SERVER' => $keycloak::wrapper_server,
'REALM' => 'master',
'ADMIN_USER' => $keycloak::admin_user,
'PASSWORD' => $keycloak::admin_user_password,
}
file { 'kcadm-wrapper.conf':
ensure => 'file',
path => $keycloak::wrapper_conf,
owner => $keycloak::user,
group => $keycloak::group,
mode => '0640',
content => epp('keycloak/shell_vars.epp', { 'vars' => $wrapper_conf }),
show_diff => false,
}

file { 'kcadm-wrapper.sh':
ensure => 'file',
path => $keycloak::wrapper_path,
owner => $keycloak::user,
group => $keycloak::group,
mode => '0750',
content => template('keycloak/kcadm-wrapper.sh.erb'),
source => 'puppet:///modules/keycloak/kcadm-wrapper.sh',
show_diff => false,
require => File['kcadm-wrapper.conf'],
}

file { $keycloak::conf_dir:
Expand Down
3 changes: 2 additions & 1 deletion manifests/init.pp
Original file line number Diff line number Diff line change
Expand Up @@ -240,7 +240,7 @@
Optional[Stdlib::Absolutepath] $service_environment_file = undef,
Stdlib::Filemode $conf_dir_mode = '0755',
Boolean $conf_dir_purge = true,
Array $conf_dir_purge_ignore = ['cache-ispn.xml', 'README.md', 'truststore.jks'],
Array $conf_dir_purge_ignore = ['cache-ispn.xml', 'README.md', 'truststore.jks', 'kcadm.config'],
Keycloak::Configs $configs = {},
Hash[String, Variant[String[1],Boolean,Array]] $extra_configs = {},
Variant[Stdlib::Host, Stdlib::HTTPUrl, Stdlib::HTTPSUrl, Enum['unset','UNSET']] $hostname = $facts['networking']['fqdn'],
Expand Down Expand Up @@ -330,6 +330,7 @@
$tmp_dir = "${install_base}/tmp"
$providers_dir = "${install_base}/providers"
$wrapper_path = "${keycloak::install_base}/bin/kcadm-wrapper.sh"
$wrapper_conf = "${conf_dir}/kcadm-wrapper.conf"

$default_config = {
'hostname' => $hostname,
Expand Down
3 changes: 2 additions & 1 deletion spec/classes/init_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -121,8 +121,9 @@
owner: 'keycloak',
group: 'keycloak',
mode: '0750',
content: %r{.*},
source: 'puppet:///modules/keycloak/kcadm-wrapper.sh',
show_diff: 'false',
require: 'File[kcadm-wrapper.conf]',
)
end

Expand Down
14 changes: 0 additions & 14 deletions templates/kcadm-wrapper.sh.erb

This file was deleted.

8 changes: 8 additions & 0 deletions templates/shell_vars.epp
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
<%- |
Hash[String, String] $vars
| -%>
# This file is managed by Puppet, DO NOT EDIT

<% $vars.each |$key, $value| { -%>
<%= $key %>='<%= $value %>'
<% } -%>

0 comments on commit e7e2a3b

Please sign in to comment.