tasks/main.yml - private-cloud-ansible-playbooks/apigee-opdk-setup-edge-sso-config - Git at Google

 ---
 # tasks file for apigee-opdk-setup-edge-sso
 - name: Install openssh
   tags: ['yum']
   become: yes
   yum:
     name: openssh
     state: present

 - name: Update cache with key and value
   cache:
     key: "{{ item.key }}"
     value: "{{ item.value }}"
   with_items:
   - { key: 'sso_jwt_signinig_key_file_path', value: '{{ sso_jwt_signinig_key_file_path }}' }
   - { key: 'sso_saml_service_provider_key', value: '{{ sso_saml_service_provider_key }}' }
   - { key: 'sso_saml_service_provider_certificate', value: '{{ sso_saml_service_provider_certificate_file_path}}' }
   - { key: 'edge_sso_installation_config_file_name' , value: '{{ edge_sso_installation_config_file_name }}' }
   - { key: 'edge_sso_installation_config_file_path', value: "{{ edge_sso_installation_config_file_path }}" }
   - { key: 'saml_folder', value: "{{ saml_folder }}" }
   - { key: 'jwt_folder', value: "{{ jwt_folder }}" }

 - name: Create Private key and Self Signed Certificate Request
   tags: ['private']
   include_tasks: create-saml-keys-cert.yml

 - name: Create Verification and Signing Key
   tags: ['verify']
   include_tasks: create-jwt-keys.yml

 - block:
   - name: Copy metadata file if provided
     copy:
       src: "{{ sso_saml_idp_metadata_local_file_name }}"
       dest: "{{ sso_saml_idp_metadata_target_file_path }}"
       owner: "{{ opdk_user_name }}"
       group: "{{ opdk_group_name }}"
       mode: 0655

   - name: Configure SAML IDP Metadata URL with file
     set_fact:
       sso_saml_idp_metadata_url: "file://{{ sso_saml_idp_metadata_target_file_path }}"

   become: true
   when: sso_saml_idp_metadata_local_file_name is defined and sso_saml_idp_metadata_local_file_name | trim | length > 0

 - name: Touch file
   become: yes
   file:
     state: touch
     path: "{{ edge_sso_installation_config_file_path }}"

 - name: Assert that availability of SAML IDP metadata file
   assert:
     that:
     - "sso_saml_idp_metadata_url is defined"

 - name: Construct the Edge SSO Installation config file file
   become: yes
   template:
     src: '{{ edge_sso_installation_config_file_name }}.j2'
     dest: "{{ edge_sso_installation_config_file_path }}"
     force: yes
     owner: '{{ opdk_user_name }}'
     group: '{{ opdk_group_name }}'
     mode: 0655
   when: manual_edge_sso_installation_config_file_path is not defined and manual_edge_sso_installation_config_file_path | trim | length == 0

 - name: Use the provided Edge SSO Installation config file
   become: yes
   copy:
     src: "{{ manual_edge_sso_installation_config_file_path }}"
     dest: "{{ edge_sso_installation_config_file_path }}"
     owner: '{{ opdk_user_name }}'
     group: '{{ opdk_group_name }}'
     mode: 0655
   when: manual_edge_sso_installation_config_file_path is defined and manual_edge_sso_installation_config_file_path  | trim | length > 0
	---
	# tasks file for apigee-opdk-setup-edge-sso
	- name: Install openssh
	tags: ['yum']
	become: yes
	yum:
	name: openssh
	state: present

	- name: Update cache with key and value
	cache:
	key: "{{ item.key }}"
	value: "{{ item.value }}"
	with_items:
	- { key: 'sso_jwt_signinig_key_file_path', value: '{{ sso_jwt_signinig_key_file_path }}' }
	- { key: 'sso_saml_service_provider_key', value: '{{ sso_saml_service_provider_key }}' }
	- { key: 'sso_saml_service_provider_certificate', value: '{{ sso_saml_service_provider_certificate_file_path}}' }
	- { key: 'edge_sso_installation_config_file_name' , value: '{{ edge_sso_installation_config_file_name }}' }
	- { key: 'edge_sso_installation_config_file_path', value: "{{ edge_sso_installation_config_file_path }}" }
	- { key: 'saml_folder', value: "{{ saml_folder }}" }
	- { key: 'jwt_folder', value: "{{ jwt_folder }}" }

	- name: Create Private key and Self Signed Certificate Request
	tags: ['private']
	include_tasks: create-saml-keys-cert.yml

	- name: Create Verification and Signing Key
	tags: ['verify']
	include_tasks: create-jwt-keys.yml

	- block:
	- name: Copy metadata file if provided
	copy:
	src: "{{ sso_saml_idp_metadata_local_file_name }}"
	dest: "{{ sso_saml_idp_metadata_target_file_path }}"
	owner: "{{ opdk_user_name }}"
	group: "{{ opdk_group_name }}"
	mode: 0655

	- name: Configure SAML IDP Metadata URL with file
	set_fact:
	sso_saml_idp_metadata_url: "file://{{ sso_saml_idp_metadata_target_file_path }}"

	become: true
	when: sso_saml_idp_metadata_local_file_name is defined and sso_saml_idp_metadata_local_file_name \| trim \| length > 0

	- name: Touch file
	become: yes
	file:
	state: touch
	path: "{{ edge_sso_installation_config_file_path }}"

	- name: Assert that availability of SAML IDP metadata file
	assert:
	that:
	- "sso_saml_idp_metadata_url is defined"

	- name: Construct the Edge SSO Installation config file file
	become: yes
	template:
	src: '{{ edge_sso_installation_config_file_name }}.j2'
	dest: "{{ edge_sso_installation_config_file_path }}"
	force: yes
	owner: '{{ opdk_user_name }}'
	group: '{{ opdk_group_name }}'
	mode: 0655
	when: manual_edge_sso_installation_config_file_path is not defined and manual_edge_sso_installation_config_file_path \| trim \| length == 0

	- name: Use the provided Edge SSO Installation config file
	become: yes
	copy:
	src: "{{ manual_edge_sso_installation_config_file_path }}"
	dest: "{{ edge_sso_installation_config_file_path }}"
	owner: '{{ opdk_user_name }}'
	group: '{{ opdk_group_name }}'
	mode: 0655
	when: manual_edge_sso_installation_config_file_path is defined and manual_edge_sso_installation_config_file_path \| trim \| length > 0