feat(keycloak): add automation service account client support

Introduce a confidential service-account client (Option A) to replace user-based
kcadm sessions. The client is created automatically, granted realm-admin role,
and used for all subsequent Keycloak updates. Includes improved error handling
for HTTP 401 responses.

Discussion: https://chatgpt.com/share/68e01da3-39fc-800f-81be-2d0c8efd81a1
2025-10-03 21:02:16 +02:00
parent 4d9890406e
commit 6fcf6a1ab6
5 changed files with 113 additions and 5 deletions


@@ -21,6 +21,7 @@
shell: "{{ KEYCLOAK_EXEC_KCADM }} get client-scopes -r {{ KEYCLOAK_REALM }} --format json"
register: all_scopes
changed_when: false
failed_when: "'HTTP 401' in (all_scopes.stderr | default(''))"
- name: Extract RBAC scope id
set_fact:
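
Review bot: the failed_when on the client-scopes lookup tests only for 'HTTP 401' in stderr, and in Ansible an explicit failed_when replaces the default non-zero-return-code check, so any other kcadm failure (a different HTTP error, an unreachable server) now passes silently and "Extract RBAC scope id" goes on to parse whatever is in all_scopes.stdout. Keep the return code in the condition, for example `failed_when: all_scopes.rc != 0 or 'HTTP 401' in (all_scopes.stderr | default(''))`, and consider a fail task with a message that points at the automation client credentials when the 401 case is hit, so an expired or wrong secret is distinguishable from other errors.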