middleware_automation.keycloak Release Notes

This changelog describes changes after version 0.2.6.

v2.3.0-devel

Major Changes

  • Allow for custom providers hosted on maven repositories #223

  • Restart handler strategy behaviour #231

Minor Changes

  • Add support for policy files #225

  • Allow to add extra custom env vars in sysconfig file #229

  • Download from alternate URL with optional http authentication #220

  • Update Keycloak to version 24.0.4 #218

  • proxy-header enhancement #227

Bugfixes

  • kc.sh build uses configured jdk #211

v2.2.2

Minor Changes

  • Copying of key material for TLS configuration #210

  • Validate certs parameter for JDBC driver downloads #207

Bugfixes

  • Turn off controller privilege escalation #209

v2.2.1

Release Summary

Internal release, documentation or test changes only.

Bugfixes

  • JDBC provider: fix clause in argument validation #204

v2.2.0

Major Changes

  • Support java keystore for configuration of sensitive options #189

Minor Changes

  • Add wait_for_port and wait_for_log systemd unit logic #199

  • Customize jdbc driver downloads, optional authentication #202

  • Keystore-based vault SPI configuration #196

  • New keycloak_quarkus_hostname_strict_https parameter #195

  • Providers config and custom providers #201

  • Remove administrator credentials from files once keycloak is bootstrapped #197

  • Update keycloak to 24.0 #194

v2.1.2

Release Summary

Internal release, documentation or test changes only.

v2.1.1

Minor Changes

  • Add reverse proxy_headers config, supersedes proxy_mode #187

  • Debian/Ubuntu compatibility #178

  • Use keycloak_realm as default for sub-entities #180

Bugfixes

  • Fix permissions on controller-side downloaded artifacts #184

  • JVM args moved to JAVA_OPTS envvar (instead of JAVA_OPTS_APPEND) #186

  • Unrelax configuration file permissions #191

  • Utilize comment filter for ansible_managed annotations #176

v2.1.0

Major Changes

  • Implement infinispan TCPPING discovery protocol #159

Minor Changes

  • Set enable-recovery when xa transactions are enabled #167

  • keycloak_quarkus: Allow configuring log rotate options in quarkus configuration #161

  • keycloak_quarkus: sticky-session for infinispan routes #163

Breaking Changes / Porting Guide

  • keycloak_quarkus: renamed infinispan host list configuration #157

Bugfixes

  • keycloak_quarkus: fix custom JAVA_HOME parameter name #171

v2.0.2

Minor Changes

  • keycloak_quarkus: Add support for sqlserver jdbc driver #148

  • keycloak_quarkus: allow configuration of hostname-strict-backchannel #152

  • keycloak_quarkus: systemd restart behavior #145

Bugfixes

  • keycloak_quarkus: Use keycloak_quarkus_java_opts #154

  • keycloak_quarkus: allow ports <1024 (e.g. :443) in systemd unit #150

v2.0.1

Minor Changes

  • keycloak_quarkus: add hostname-strict parameter #139

  • keycloak_quarkus: update to version 23.0.1 #133

Bugfixes

  • keycloak_quarkus: template requires lowercase boolean values #138

v2.0.0

Minor Changes

  • Add new parameter for port offset configuration #124

  • Update Keycloak to version 22.0.5 #122

Breaking Changes / Porting Guide

  • Add support for more http-related configs #115

  • Update minimum ansible-core version > 2.14 #119

  • keycloak_quarkus: enable config of key store and trust store #116

v1.3.0

Major Changes

  • Run service as keycloak_service_user #106

Minor Changes

  • keycloak_quarkus: Update Keycloak to version 22.0.3 #112

  • keycloak_quarkus: fix admin console redirect when running locally #111

  • keycloak_quarkus: skip proxy config if keycloak_quarkus_proxy_mode is none #109

Bugfixes

  • keycloak_quarkus: fix validation failure upon port configuration change #113

v1.2.8

Minor Changes

  • keycloak_quarkus: set openjdk 17 as default #103

  • keycloak_quarkus: update to version 22.0.1 #107

Bugfixes

  • Fix incorrect checks for keycloak_jgroups_subnet #98

  • Undefine keycloak_db_valid_conn_sql default #91

  • Update bindep.txt package python3-devel to support RHEL9 #105

v1.2.7

Minor Changes

  • Allow to override jgroups subnet #93

  • keycloak-quarkus: update keycloakx to v21.1.1 #92

v1.2.6

Minor Changes

  • Add profile features enabling/disabling #87

  • Improve service restart behavior configuration #88

  • Update default xa_datasource_class value for mariadb jdbc configuration #89

Bugfixes

  • Handle WFLYCTL0117 when background validation millis is 0 #90

v1.2.5

Minor Changes

  • Add configuration for database connection pool validation #85

  • Allow to configure administration endpoint URL #86

  • Allow to force backend URLs to frontend URLs #84

  • Introduce systemd unit restart behavior #81

v1.2.4

Minor Changes

  • Add sqlserver to keycloak role jdbc configurations #78

  • Add configurability for XA transactions #73

Bugfixes

  • Fix deprecation warning for ipaddr #77

  • Fix undefined facts when offline patching sso #71

v1.2.1

Minor Changes

  • Allow to setup keycloak HA cluster without remote cache store #68

Bugfixes

  • Pass attributes to realm clients #69

v1.2.0

Major Changes

  • Provide config for multiple modcluster proxies #60

Minor Changes

  • Allow to configure TCPPING for cluster discovery #62

  • Drop community.general from dependencies #61

  • Switch middleware_automation.redhat_csp_download for middleware_automation.common #63

  • Switch to middleware_automation.common for rh-sso patching #64

v1.1.1

Bugfixes

  • keycloak-quarkus: fix cache-config-file path in keycloak.conf.j2 template #53

v1.1.0

Minor Changes

  • Update keycloak to 18.0.2 - sso to 7.6.1 #46

  • Variable keycloak_no_log controls ansible no_log parameter (for debugging purposes) #47

  • Variables to override service start retries and delay #51

  • keycloak_quarkus: variable to enable development mode #45

Breaking Changes / Porting Guide

  • Rename variables from infinispan_ prefix to keycloak_infinispan_ #42

Bugfixes

  • keycloak_quarkus: fix /var/log/keycloak symlink to keycloak log directory #44

v1.0.7

Breaking Changes / Porting Guide

  • keycloak_quarkus: use absolute path for certificate files #39

Bugfixes

  • keycloak_quarkus: use become for tasks that will otherwise fail #38

v1.0.6

Bugfixes

  • keycloak_quarkus: add selected java to PATH in systemd unit #34

  • keycloak_quarkus: set logfile path correctly under keycloak home #35

v1.0.5

Minor Changes

  • Update config options: keycloak and quarkus #32

v1.0.4

Release Summary

Internal release, documentation or test changes only.

v1.0.3

Major Changes

  • New role for installing keycloak >= 17.0.0 (quarkus) #29

Minor Changes

  • Add keycloak_config_override_template parameter for passing a custom xml config template #30

Bugfixes

  • Make sure systemd unit starts with selected java JVM #31

v1.0.2

Minor Changes

  • Make keycloak_admin_password a default with assert (was: role variable) #26

  • Simplify dependency install logic and reduce play execution time #19

Bugfixes

  • Set keycloak_frontend_url default according to other defaults #25

v1.0.1

Release Summary

Minor enhancements, bug and documentation fixes.

Major Changes

  • Apply latest cumulative patch of RH-SSO automatically when new parameter keycloak_rhsso_apply_patches is true #18

Minor Changes

  • Clustered installs now perform database initialization on first node to avoid locking issues #17

v1.0.0

Release Summary

This is the first stable release of the middleware_automation.keycloak collection.