|
@@ -5,8 +5,9 @@
|
|
|
# Required variables (some are reused from deploy-rhbk role):
|
|
# Required variables (some are reused from deploy-rhbk role):
|
|
|
#
|
|
#
|
|
|
# openshift:
|
|
# openshift:
|
|
|
-# rhbk_client_id: the name of a client above to use for authentication (default "openshift")
|
|
|
|
|
-# create_groups: whether to create the groups from realm in OpenShift as well (default yes)
|
|
|
|
|
|
|
+# sso_provider_name: the name to use for the identityProvider (default "oidc")
|
|
|
|
|
+# rhbk_client_id: the name of a client above to use for authentication (default "openshift")
|
|
|
|
|
+# create_groups: whether to create the groups from realm in OpenShift as well (default yes)
|
|
|
#
|
|
#
|
|
|
# rhbk:
|
|
# rhbk:
|
|
|
# namespace: namespace to deploy to (keycloak)
|
|
# namespace: namespace to deploy to (keycloak)
|
|
@@ -24,6 +25,8 @@
|
|
|
# - either a fqdn or an existing keycloak resource coordinates
|
|
# - either a fqdn or an existing keycloak resource coordinates
|
|
|
# - admin credentials
|
|
# - admin credentials
|
|
|
#
|
|
#
|
|
|
|
|
+# TODO: patch console.config/cluster with spec.authentication.logoutRedirect to perform SSO logout
|
|
|
|
|
+#
|
|
|
- name: Check that the ingresscontroller's defaultCertificate is set
|
|
- name: Check that the ingresscontroller's defaultCertificate is set
|
|
|
kubernetes.core.k8s_info:
|
|
kubernetes.core.k8s_info:
|
|
|
kubeconfig: "{{ kubeadmin_config }}"
|
|
kubeconfig: "{{ kubeadmin_config }}"
|
